@webiny/pulumi-aws 5.32.0-beta.0 → 5.33.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/apps/api/ApiGraphql.js +3 -0
  2. package/apps/api/ApiGraphql.js.map +1 -1
  3. package/apps/api/createApiPulumiApp.js +9 -9
  4. package/apps/api/createApiPulumiApp.js.map +1 -1
  5. package/apps/common/VpcConfig.js +1 -1
  6. package/apps/common/VpcConfig.js.map +1 -1
  7. package/apps/core/CoreElasticSearch.js +21 -9
  8. package/apps/core/CoreElasticSearch.js.map +1 -1
  9. package/apps/customDomain.js +0 -21
  10. package/apps/customDomain.js.map +1 -1
  11. package/apps/lambdaUtils.js +1 -1
  12. package/apps/lambdaUtils.js.map +1 -1
  13. package/apps/tenantRouter.js +10 -0
  14. package/apps/tenantRouter.js.map +1 -1
  15. package/apps/website/createWebsitePulumiApp.d.ts +7 -1
  16. package/apps/website/createWebsitePulumiApp.js +7 -1
  17. package/apps/website/createWebsitePulumiApp.js.map +1 -1
  18. package/package.json +8 -8
  19. package/utils/uploadFolderToS3.js +1 -1
  20. package/utils/uploadFolderToS3.js.map +1 -1
package/apps/api/ApiGraphql.js CHANGED
@@ -62,6 +62,8 @@ const ApiGraphql = (0, _pulumi2.createAppModule)({
62
62
  vpcConfig: app.getModule(_.VpcConfig).functionVpcConfig
63
63
  }
64
64
  });
65
+ const headlessCmsModule = app.getModule(_.ApiHeadlessCMS);
66
+ const headlessCmsGraphQL = headlessCmsModule.functions.graphql;
65
67
  /**
66
68
  * Store meta information like "mainGraphqlFunctionArn" in APW settings at deploy time.
67
69
  *
@@ -78,6 +80,7 @@ const ApiGraphql = (0, _pulumi2.createAppModule)({
78
80
  item: pulumi.interpolate`{
79
81
  "PK": {"S": "APW#SETTINGS"},
80
82
  "SK": {"S": "${app.params.run.variant || "default"}"},
83
+ "cmsGraphqlFunctionArn": {"S": "${headlessCmsGraphQL.output.arn}"},
81
84
  "mainGraphqlFunctionArn": {"S": "${graphql.output.arn}"},
82
85
  "eventRuleName": {"S": "${params.apwSchedulerEventRule.name}"},
83
86
  "eventTargetId": {"S": "${params.apwSchedulerEventTarget.targetId}"}
package/apps/api/ApiGraphql.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["ApiGraphql","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","aws","lambda","Function","runtime","handler","arn","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","functions","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","function","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","description","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: `arn:aws:s3:::${core.fileManagerBucketId}/*`\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AACA;;;;;;;;;;AAmBO,MAAMA,UAAU,GAAG,IAAAC,wBAAA,EAAgB;EACtCC,IAAI,EAAE,YADgC;;EAEtCC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAAwC;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAb;IAEA,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAD,CAAxC;IACA,MAAMO,IAAI,GAAG,IAAAC,6BAAA,EAAiBR,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,iBADyB;MAE/BO,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACjDhB,IAAI,EAAE,SAD2C;MAEjDC,MAAM,EAAE;QACJgB,OAAO,EAAE,YADL;QAEJC,OAAO,EAAE,iBAFL;QAGJT,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GAHd;QAIJC,OAAO,EAAE,EAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,eAA/B,CADC;QAD2B,CAA9B,CANF;QAWJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ChC,MAAM,CAACiC,GAFsC;YAGhDC,mCAAmC,EAAE;UAHW,EAAzC;QADF,CAXT;QAkBJC,SAAS,EAAEpC,GAAG,CAACG,SAAJ,CAAckC,WAAd,EAAyBC;MAlBhC;IAFyC,CAArC,CAAhB;IAwBA;AACR;AACA;AACA;AACA;AACA;;IACQtC,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC2B,QAAJ,CAAaC,SAA7B,EAAwC;MACpC1C,IAAI,EAAE,aAD8B;MAEpCC,MAAM,EAAE;QACJ0C,SAAS,EAAEvC,IAAI,CAACwC,wBADZ;QAEJC,OAAO,EAAEzC,IAAI,CAAC0C,2BAFV;QAGJC,QAAQ,EAAExB,MAAM,CACXZ,MADK,CACEP,IAAI,CAAC4C,4BADP,EAELd,KAFK,CAECe,GAAG,IAAIA,GAAG,IAAI,IAFf,CAHN;QAMJC,IAAI,EAAE3B,MAAM,CAAC4B,WAAY;AACzC;AACA,6BAA6BjD,GAAG,CAACC,MAAJ,CAAWiD,GAAX,CAAeC,OAAf,IAA0B,SAAU;AACjE,iDAAiDzC,OAAO,CAACD,MAAR,CAAeQ,GAAI;AACpE,wCAAwChB,MAAM,CAACmD,qBAAP,CAA6BtD,IAAK;AAC1E,wCAAwCG,MAAM,CAACoD,uBAAP,CAA+BC,QAAS;AAChF;MAZoB;IAF4B,CAAxC;IAkBA,OAAO;MACH/C,IADG;MAEHF,MAFG;MAGHkD,SAAS,EAAE;QACP7C;MADO,CAHR;MAMH8C,QAAQ,EAAGC,WAAD,IAAiC;QACvC,MAAMC,UAAe,GAAG1D,GAAG,CAAC2D,SAAJ,CAAcD,UAAtC;;QACA,IAAI,CAACA,UAAL,EAAiB;UACbE,OAAO,CAACC,GAAR,CACI,sEADJ;UAGA;QACH;;QACD,MAAMC,SAAS,GAAG,IAAAC,kBAAA,EAAYN,WAAW,CAAC3D,IAAxB,CAAlB;;QACA,IAAIgE,SAAS,KAAKL,WAAW,CAAC3D,IAA9B,EAAoC;UAChC8D,OAAO,CAACC,GAAR,CAAa,+BAA8BJ,WAAW,CAAC3D,IAAK,IAA5D;UACA;QACH;;QACD,OAAO4D,UAAU,CAACF,QAAX,CAAoBC,WAAW,CAAC3D,IAAhC,EAAsC;UACzC2B,IAAI,EAAEgC,WAAW,CAAChC,IADuB;UAEzCuC,MAAM,EAAEP,WAAW,CAACO,MAFqB;UAGzCC,QAAQ,EAAEvD,OAAO,CAACD,MAAR,CAAeQ;QAHgB,CAAtC,CAAP;MAKH;IAxBE,CAAP;EA0BH;;AArFqC,CAAhB,CAAnB;;;AAwFP,SAASX,yBAAT,CAAmCN,GAAnC,EAAmD;EAC/C,MAAMkE,UAAU,GAAGlE,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAnB;EACA,MAAM+D,YAAY,GAAG,IAAAC,yBAAA,EAAgBpE,GAAhB,CAArB;EACA,MAAMqE,SAAS,GAAG,IAAAC,sBAAA,EAAatE,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC2D,GAAJ,CAAQC,MAAxB,EAAgC;IACnC1E,IAAI,EAAE,wBAD6B;IAEnCC,MAAM,EAAE;MACJ0E,WAAW,EAAE,oEADT;MAEJ;MACApE,MAAM,EAAE6D,UAAU,CAAClC,KAAX,CAAiB9B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCqE,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,6BAHI,EAIJ,uBAJI,EAKJ,sBALI,EAMJ,6BANI,EAOJ,uBAPI,EAQJ,qBARI,EASJ,sBATI,EAUJ,6BAVI,EAWJ,yBAXI,EAYJ,oCAZI,EAaJ,sCAbI,EAcJ,yBAdI,EAeJ,8CAfI,EAgBJ,yBAhBI,EAiBJ,mCAjBI,EAkBJ,4CAlBI,EAmBJ,yBAnBI,EAoBJ,wBApBI,EAqBJ,0CArBI,EAsBJ,6BAtBI,EAuBJ,6CAvBI,EAwBJ,4CAxBI,EAyBJ,mCAzBI,EA0BJ,kBA1BI,EA2BJ,qBA3BI,EA4BJ,2BA5BI,EA6BJ,sBA7BI,EA8BJ,kCA9BI,EA+BJ,sBA/BI,EAgCJ,sBAhCI,EAiCJ,qBAjCI,EAkCJ,6BAlCI,EAmCJ,wBAnCI,EAoCJ,wBApCI,EAqCJ,wBArCI,EAsCJ,wBAtCI,EAuCJ,4CAvCI,EAwCJ,kBAxCI,EAyCJ,gBAzCI,EA0CJ,iCA1CI,EA2CJ,oCA3CI,EA4CJ,eA5CI,EA6CJ,kCA7CI,EA8CJ,oCA9CI,EA+CJ,qBA/CI,EAgDJ,sBAhDI,EAiDJ,wCAjDI,EAkDJ,2BAlDI,CAHZ;YAuDIC,QAAQ,EAAE,CACL,GAAE7E,IAAI,CAAC8E,uBAAwB,EAD1B,EAEL,GAAE9E,IAAI,CAAC8E,uBAAwB,IAF1B,EAGN;YACA,IAAI9E,IAAI,CAAC+E,6BAAL,GACE,CACK,GAAE/E,IAAI,CAAC+E,6BAA8B,EAD1C,EAEK,GAAE/E,IAAI,CAAC+E,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAvDd,CADO,EAoEP;YACIL,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,CAHZ;YAUIC,QAAQ,EAAG,gBAAe7E,IAAI,CAACgF,mBAAoB;UAVvD,CApEO,EAgFP;YACIN,GAAG,EAAE,qBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;YAIIC,QAAQ,EAAE1D,MAAM,CAAC4B,WAAY,kBAAiBoB,SAAU,IAAGF,YAAa;UAJ5E,CAhFO,EAsFP;YACIS,GAAG,EAAE,yBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,eAHZ;YAIIC,QAAQ,EAAG,GAAE7E,IAAI,CAACiF,kBAAmB;UAJzC,CAtFO,EA4FP;YACIP,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,kBAHZ;YAIIC,QAAQ,EAAE7E,IAAI,CAACkF;UAJnB,CA5FO,EAkGP;UACA,IAAIlF,IAAI,CAACmF,sBAAL,GACE,CACI;YACIT,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAE7E,IAAI,CAACmF,sBAAuB,EADzB,EAEL,GAAEnF,IAAI,CAACmF,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CAnGO;QAFwB,CAAvC;QAqHA,OAAOhF,MAAP;MACH,CAvHO;IAHJ;EAF2B,CAAhC,CAAP;AA+HH"}
1
+ {"version":3,"names":["ApiGraphql","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","aws","lambda","Function","runtime","handler","arn","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","headlessCmsModule","ApiHeadlessCMS","headlessCmsGraphQL","functions","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","function","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","description","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { ApiHeadlessCMS, CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const headlessCmsModule = app.getModule(ApiHeadlessCMS);\n\n const headlessCmsGraphQL = headlessCmsModule.functions.graphql;\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"cmsGraphqlFunctionArn\": {\"S\": \"${headlessCmsGraphQL.output.arn}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: `arn:aws:s3:::${core.fileManagerBucketId}/*`\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AACA;;;;;;;;;;AAmBO,MAAMA,UAAU,GAAG,IAAAC,wBAAA,EAAgB;EACtCC,IAAI,EAAE,YADgC;;EAEtCC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAAwC;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAb;IAEA,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAD,CAAxC;IACA,MAAMO,IAAI,GAAG,IAAAC,6BAAA,EAAiBR,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,iBADyB;MAE/BO,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACjDhB,IAAI,EAAE,SAD2C;MAEjDC,MAAM,EAAE;QACJgB,OAAO,EAAE,YADL;QAEJC,OAAO,EAAE,iBAFL;QAGJT,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GAHd;QAIJC,OAAO,EAAE,EAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,eAA/B,CADC;QAD2B,CAA9B,CANF;QAWJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ChC,MAAM,CAACiC,GAFsC;YAGhDC,mCAAmC,EAAE;UAHW,EAAzC;QADF,CAXT;QAkBJC,SAAS,EAAEpC,GAAG,CAACG,SAAJ,CAAckC,WAAd,EAAyBC;MAlBhC;IAFyC,CAArC,CAAhB;IAwBA,MAAMC,iBAAiB,GAAGvC,GAAG,CAACG,SAAJ,CAAcqC,gBAAd,CAA1B;IAEA,MAAMC,kBAAkB,GAAGF,iBAAiB,CAACG,SAAlB,CAA4BhC,OAAvD;IACA;AACR;AACA;AACA;AACA;AACA;;IACQV,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC+B,QAAJ,CAAaC,SAA7B,EAAwC;MACpC9C,IAAI,EAAE,aAD8B;MAEpCC,MAAM,EAAE;QACJ8C,SAAS,EAAE3C,IAAI,CAAC4C,wBADZ;QAEJC,OAAO,EAAE7C,IAAI,CAAC8C,2BAFV;QAGJC,QAAQ,EAAE5B,MAAM,CACXZ,MADK,CACEP,IAAI,CAACgD,4BADP,EAELlB,KAFK,CAECmB,GAAG,IAAIA,GAAG,IAAI,IAFf,CAHN;QAMJC,IAAI,EAAE/B,MAAM,CAACgC,WAAY;AACzC;AACA,6BAA6BrD,GAAG,CAACC,MAAJ,CAAWqD,GAAX,CAAeC,OAAf,IAA0B,SAAU;AACjE,gDAAgDd,kBAAkB,CAAChC,MAAnB,CAA0BQ,GAAI;AAC9E,iDAAiDP,OAAO,CAACD,MAAR,CAAeQ,GAAI;AACpE,wCAAwChB,MAAM,CAACuD,qBAAP,CAA6B1D,IAAK;AAC1E,wCAAwCG,MAAM,CAACwD,uBAAP,CAA+BC,QAAS;AAChF;MAboB;IAF4B,CAAxC;IAmBA,OAAO;MACHnD,IADG;MAEHF,MAFG;MAGHqC,SAAS,EAAE;QACPhC;MADO,CAHR;MAMHiD,QAAQ,EAAGC,WAAD,IAAiC;QACvC,MAAMC,UAAe,GAAG7D,GAAG,CAAC8D,SAAJ,CAAcD,UAAtC;;QACA,IAAI,CAACA,UAAL,EAAiB;UACbE,OAAO,CAACC,GAAR,CACI,sEADJ;UAGA;QACH;;QACD,MAAMC,SAAS,GAAG,IAAAC,kBAAA,EAAYN,WAAW,CAAC9D,IAAxB,CAAlB;;QACA,IAAImE,SAAS,KAAKL,WAAW,CAAC9D,IAA9B,EAAoC;UAChCiE,OAAO,CAACC,GAAR,CAAa,+BAA8BJ,WAAW,CAAC9D,IAAK,IAA5D;UACA;QACH;;QACD,OAAO+D,UAAU,CAACF,QAAX,CAAoBC,WAAW,CAAC9D,IAAhC,EAAsC;UACzC2B,IAAI,EAAEmC,WAAW,CAACnC,IADuB;UAEzC0C,MAAM,EAAEP,WAAW,CAACO,MAFqB;UAGzCC,QAAQ,EAAE1D,OAAO,CAACD,MAAR,CAAeQ;QAHgB,CAAtC,CAAP;MAKH;IAxBE,CAAP;EA0BH;;AAzFqC,CAAhB,CAAnB;;;AA4FP,SAASX,yBAAT,CAAmCN,GAAnC,EAAmD;EAC/C,MAAMqE,UAAU,GAAGrE,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAnB;EACA,MAAMkE,YAAY,GAAG,IAAAC,yBAAA,EAAgBvE,GAAhB,CAArB;EACA,MAAMwE,SAAS,GAAG,IAAAC,sBAAA,EAAazE,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC8D,GAAJ,CAAQC,MAAxB,EAAgC;IACnC7E,IAAI,EAAE,wBAD6B;IAEnCC,MAAM,EAAE;MACJ6E,WAAW,EAAE,oEADT;MAEJ;MACAvE,MAAM,EAAEgE,UAAU,CAACrC,KAAX,CAAiB9B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCwE,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,6BAHI,EAIJ,uBAJI,EAKJ,sBALI,EAMJ,6BANI,EAOJ,uBAPI,EAQJ,qBARI,EASJ,sBATI,EAUJ,6BAVI,EAWJ,yBAXI,EAYJ,oCAZI,EAaJ,sCAbI,EAcJ,yBAdI,EAeJ,8CAfI,EAgBJ,yBAhBI,EAiBJ,mCAjBI,EAkBJ,4CAlBI,EAmBJ,yBAnBI,EAoBJ,wBApBI,EAqBJ,0CArBI,EAsBJ,6BAtBI,EAuBJ,6CAvBI,EAwBJ,4CAxBI,EAyBJ,mCAzBI,EA0BJ,kBA1BI,EA2BJ,qBA3BI,EA4BJ,2BA5BI,EA6BJ,sBA7BI,EA8BJ,kCA9BI,EA+BJ,sBA/BI,EAgCJ,sBAhCI,EAiCJ,qBAjCI,EAkCJ,6BAlCI,EAmCJ,wBAnCI,EAoCJ,wBApCI,EAqCJ,wBArCI,EAsCJ,wBAtCI,EAuCJ,4CAvCI,EAwCJ,kBAxCI,EAyCJ,gBAzCI,EA0CJ,iCA1CI,EA2CJ,oCA3CI,EA4CJ,eA5CI,EA6CJ,kCA7CI,EA8CJ,oCA9CI,EA+CJ,qBA/CI,EAgDJ,sBAhDI,EAiDJ,wCAjDI,EAkDJ,2BAlDI,CAHZ;YAuDIC,QAAQ,EAAE,CACL,GAAEhF,IAAI,CAACiF,uBAAwB,EAD1B,EAEL,GAAEjF,IAAI,CAACiF,uBAAwB,IAF1B,EAGN;YACA,IAAIjF,IAAI,CAACkF,6BAAL,GACE,CACK,GAAElF,IAAI,CAACkF,6BAA8B,EAD1C,EAEK,GAAElF,IAAI,CAACkF,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAvDd,CADO,EAoEP;YACIL,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,CAHZ;YAUIC,QAAQ,EAAG,gBAAehF,IAAI,CAACmF,mBAAoB;UAVvD,CApEO,EAgFP;YACIN,GAAG,EAAE,qBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;YAIIC,QAAQ,EAAE7D,MAAM,CAACgC,WAAY,kBAAiBmB,SAAU,IAAGF,YAAa;UAJ5E,CAhFO,EAsFP;YACIS,GAAG,EAAE,yBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,eAHZ;YAIIC,QAAQ,EAAG,GAAEhF,IAAI,CAACoF,kBAAmB;UAJzC,CAtFO,EA4FP;YACIP,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,kBAHZ;YAIIC,QAAQ,EAAEhF,IAAI,CAACqF;UAJnB,CA5FO,EAkGP;UACA,IAAIrF,IAAI,CAACsF,sBAAL,GACE,CACI;YACIT,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAEhF,IAAI,CAACsF,sBAAuB,EADzB,EAEL,GAAEtF,IAAI,CAACsF,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CAnGO;QAFwB,CAAvC;QAqHA,OAAOnF,MAAP;MACH,CAvHO;IAHJ;EAF2B,CAAhC,CAAP;AA+HH"}
package/apps/api/createApiPulumiApp.js CHANGED
@@ -61,7 +61,7 @@ const createApiPulumiApp = (projectAppParams = {}) => {
61
61
  WEBINY_LOGS_FORWARD_URL
62
62
  }
63
63
  });
64
- const graphql = app.addModule(_.ApiGraphql, {
64
+ const headlessCms = app.addModule(_.ApiHeadlessCMS, {
65
65
  env: {
66
66
  COGNITO_REGION: String(process.env.AWS_REGION),
67
67
  COGNITO_USER_POOL_ID: core.cognitoUserPoolId,
@@ -72,9 +72,6 @@ const createApiPulumiApp = (projectAppParams = {}) => {
72
72
  // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments
73
73
  ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,
74
74
  S3_BUCKET: core.fileManagerBucketId,
75
- EVENT_BUS: core.eventBusArn,
76
- IMPORT_PAGES_CREATE_HANDLER: pageBuilder.importPages.functions.create.output.arn,
77
- EXPORT_PAGES_PROCESS_HANDLER: pageBuilder.exportPages.functions.process.output.arn,
78
75
  // TODO: move to okta plugin
79
76
  OKTA_ISSUER: process.env["OKTA_ISSUER"],
80
77
  WEBINY_LOGS_FORWARD_URL,
@@ -83,11 +80,9 @@ const createApiPulumiApp = (projectAppParams = {}) => {
83
80
  * APW
84
81
  */
85
82
  APW_SCHEDULER_SCHEDULE_ACTION_HANDLER: apwScheduler.scheduleAction.lambda.output.arn
86
- },
87
- apwSchedulerEventRule: apwScheduler.eventRule.output,
88
- apwSchedulerEventTarget: apwScheduler.eventTarget.output
83
+ }
89
84
  });
90
- const headlessCms = app.addModule(_.ApiHeadlessCMS, {
85
+ const graphql = app.addModule(_.ApiGraphql, {
91
86
  env: {
92
87
  COGNITO_REGION: String(process.env.AWS_REGION),
93
88
  COGNITO_USER_POOL_ID: core.cognitoUserPoolId,
@@ -98,6 +93,9 @@ const createApiPulumiApp = (projectAppParams = {}) => {
98
93
  // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments
99
94
  ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,
100
95
  S3_BUCKET: core.fileManagerBucketId,
96
+ EVENT_BUS: core.eventBusArn,
97
+ IMPORT_PAGES_CREATE_HANDLER: pageBuilder.importPages.functions.create.output.arn,
98
+ EXPORT_PAGES_PROCESS_HANDLER: pageBuilder.exportPages.functions.process.output.arn,
101
99
  // TODO: move to okta plugin
102
100
  OKTA_ISSUER: process.env["OKTA_ISSUER"],
103
101
  WEBINY_LOGS_FORWARD_URL,
@@ -106,7 +104,9 @@ const createApiPulumiApp = (projectAppParams = {}) => {
106
104
  * APW
107
105
  */
108
106
  APW_SCHEDULER_SCHEDULE_ACTION_HANDLER: apwScheduler.scheduleAction.lambda.output.arn
109
- }
107
+ },
108
+ apwSchedulerEventRule: apwScheduler.eventRule.output,
109
+ apwSchedulerEventTarget: apwScheduler.eventTarget.output
110
110
  });
111
111
  const apiGateway = app.addModule(_.ApiGateway, {
112
112
  "graphql-post": {
package/apps/api/createApiPulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createApiPulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","pulumi","addHandler","WEBINY_LOGS_FORWARD_URL","String","process","env","core","addModule","CoreOutput","VpcConfig","enabled","getParam","vpc","pageBuilder","ApiPageBuilder","COGNITO_REGION","AWS_REGION","COGNITO_USER_POOL_ID","cognitoUserPoolId","DB_TABLE","primaryDynamodbTableName","DB_TABLE_ELASTICSEARCH","elasticsearchDynamodbTableName","ELASTIC_SEARCH_ENDPOINT","elasticsearchDomainEndpoint","ELASTIC_SEARCH_INDEX_PREFIX","S3_BUCKET","fileManagerBucketId","fileManager","ApiFileManager","apwScheduler","ApiApwScheduler","primaryDynamodbTableArn","graphql","ApiGraphql","EVENT_BUS","eventBusArn","IMPORT_PAGES_CREATE_HANDLER","importPages","functions","create","output","arn","EXPORT_PAGES_PROCESS_HANDLER","exportPages","OKTA_ISSUER","APW_SCHEDULER_SCHEDULE_ACTION_HANDLER","scheduleAction","lambda","apwSchedulerEventRule","eventRule","apwSchedulerEventTarget","eventTarget","headlessCms","ApiHeadlessCMS","apiGateway","ApiGateway","method","function","download","cloudfront","ApiCloudfront","domains","applyCustomDomain","addOutputs","region","apiUrl","domainName","apply","value","apiDomain","cognitoAppClientId","cognitoUserPoolPasswordPolicy","apwSchedulerScheduleAction","apwSchedulerExecuteAction","executeAction","apwSchedulerEventTargetId","targetId","dynamoDbTable","dynamoDbElasticsearchTable","tagResources","WbyProjectName","WbyEnvironment","withCommonLambdaEnvVariables"],"sources":["createApiPulumiApp.ts"],"sourcesContent":["import { createPulumiApp, PulumiAppParam, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport {\n ApiGateway,\n ApiApwScheduler,\n ApiCloudfront,\n ApiFileManager,\n ApiGraphql,\n ApiHeadlessCMS,\n ApiPageBuilder,\n CoreOutput,\n VpcConfig\n} from \"~/apps\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { tagResources } from \"~/utils\";\nimport { withCommonLambdaEnvVariables } from \"~/utils\";\n\nexport type ApiPulumiApp = ReturnType<typeof createApiPulumiApp>;\n\nexport interface CreateApiPulumiAppParams {\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the Core application.\n */\n vpc?: PulumiAppParam<boolean>;\n\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: ApiPulumiApp) => void | Promise<void>;\n}\n\nexport const createApiPulumiApp = (projectAppParams: CreateApiPulumiAppParams = {}) => {\n const app = createPulumiApp({\n name: \"api\",\n path: \"apps/api\",\n config: projectAppParams,\n program: async app => {\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied too late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as ApiPulumiApp);\n });\n }\n\n // Enables logs forwarding.\n // https://www.webiny.com/docs/how-to-guides/use-watch-command#enabling-logs-forwarding\n const WEBINY_LOGS_FORWARD_URL = String(process.env.WEBINY_LOGS_FORWARD_URL);\n\n // Register core output as a module available to all the other modules\n const core = app.addModule(CoreOutput);\n\n // Register VPC config module to be available to other modules\n app.addModule(VpcConfig, {\n enabled: app.getParam(projectAppParams.vpc)\n });\n\n const pageBuilder = app.addModule(ApiPageBuilder, {\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n\n // Not required. Useful for testing purposes / ephemeral environments.\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n\n S3_BUCKET: core.fileManagerBucketId,\n WEBINY_LOGS_FORWARD_URL\n }\n });\n\n const fileManager = app.addModule(ApiFileManager);\n\n const apwScheduler = app.addModule(ApiApwScheduler, {\n primaryDynamodbTableArn: core.primaryDynamodbTableArn,\n\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n S3_BUCKET: core.fileManagerBucketId,\n WEBINY_LOGS_FORWARD_URL\n }\n });\n\n const graphql = app.addModule(ApiGraphql, {\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n\n // Not required. Useful for testing purposes / ephemeral environments.\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n\n S3_BUCKET: core.fileManagerBucketId,\n EVENT_BUS: core.eventBusArn,\n IMPORT_PAGES_CREATE_HANDLER:\n pageBuilder.importPages.functions.create.output.arn,\n EXPORT_PAGES_PROCESS_HANDLER:\n pageBuilder.exportPages.functions.process.output.arn,\n // TODO: move to okta plugin\n OKTA_ISSUER: process.env[\"OKTA_ISSUER\"],\n WEBINY_LOGS_FORWARD_URL,\n /**\n * APW\n */\n APW_SCHEDULER_SCHEDULE_ACTION_HANDLER:\n apwScheduler.scheduleAction.lambda.output.arn\n },\n apwSchedulerEventRule: apwScheduler.eventRule.output,\n apwSchedulerEventTarget: apwScheduler.eventTarget.output\n });\n\n const headlessCms = app.addModule(ApiHeadlessCMS, {\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n\n // Not required. Useful for testing purposes / ephemeral environments.\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n\n S3_BUCKET: core.fileManagerBucketId,\n // TODO: move to okta plugin\n OKTA_ISSUER: process.env[\"OKTA_ISSUER\"],\n WEBINY_LOGS_FORWARD_URL,\n /**\n * APW\n */\n APW_SCHEDULER_SCHEDULE_ACTION_HANDLER:\n apwScheduler.scheduleAction.lambda.output.arn\n }\n });\n\n const apiGateway = app.addModule(ApiGateway, {\n \"graphql-post\": {\n path: \"/graphql\",\n method: \"POST\",\n function: graphql.functions.graphql.output.arn\n },\n \"graphql-options\": {\n path: \"/graphql\",\n method: \"OPTIONS\",\n function: graphql.functions.graphql.output.arn\n },\n \"files-any\": {\n path: \"/files/{path}\",\n method: \"ANY\",\n function: fileManager.functions.download.output.arn\n },\n \"cms-post\": {\n path: \"/cms/{key+}\",\n method: \"POST\",\n function: headlessCms.functions.graphql.output.arn\n },\n \"cms-options\": {\n path: \"/cms/{key+}\",\n method: \"OPTIONS\",\n function: headlessCms.functions.graphql.output.arn\n }\n });\n\n const cloudfront = app.addModule(ApiCloudfront);\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(cloudfront, domains);\n }\n\n app.addOutputs({\n region: process.env.AWS_REGION,\n apiUrl: cloudfront.output.domainName.apply(value => `https://${value}`),\n apiDomain: cloudfront.output.domainName,\n cognitoUserPoolId: core.cognitoUserPoolId,\n cognitoAppClientId: core.cognitoAppClientId,\n cognitoUserPoolPasswordPolicy: core.cognitoUserPoolPasswordPolicy,\n apwSchedulerScheduleAction: apwScheduler.scheduleAction.lambda.output.arn,\n apwSchedulerExecuteAction: apwScheduler.executeAction.lambda.output.arn,\n apwSchedulerEventRule: apwScheduler.eventRule.output.name,\n apwSchedulerEventTargetId: apwScheduler.eventTarget.output.targetId,\n dynamoDbTable: core.primaryDynamodbTableName,\n dynamoDbElasticsearchTable: core.elasticsearchDynamodbTableName\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n fileManager,\n graphql,\n headlessCms,\n apiGateway,\n cloudfront,\n apwScheduler\n };\n }\n });\n\n return withCommonLambdaEnvVariables(app);\n};\n"],"mappings":";;;;;;;AAAA;;AACA;;AAWA;;AACA;;AAsBO,MAAMA,kBAAkB,GAAG,CAACC,gBAA0C,GAAG,EAA9C,KAAqD;EACnF,MAAMC,GAAG,GAAG,IAAAC,uBAAA,EAAgB;IACxBC,IAAI,EAAE,KADkB;IAExBC,IAAI,EAAE,UAFkB;IAGxBC,MAAM,EAAEL,gBAHgB;IAIxBM,OAAO,EAAE,MAAML,GAAN,IAAa;MAClB;MACA;MACA,IAAID,gBAAgB,CAACO,MAArB,EAA6B;QACzBN,GAAG,CAACO,UAAJ,CAAe,MAAM;UACjB,OAAOR,gBAAgB,CAACO,MAAjB,CAAyBN,GAAzB,CAAP;QACH,CAFD;MAGH,CAPiB,CASlB;MACA;;;MACA,MAAMQ,uBAAuB,GAAGC,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYH,uBAAb,CAAtC,CAXkB,CAalB;;MACA,MAAMI,IAAI,GAAGZ,GAAG,CAACa,SAAJ,CAAcC,YAAd,CAAb,CAdkB,CAgBlB;;MACAd,GAAG,CAACa,SAAJ,CAAcE,WAAd,EAAyB;QACrBC,OAAO,EAAEhB,GAAG,CAACiB,QAAJ,CAAalB,gBAAgB,CAACmB,GAA9B;MADY,CAAzB;MAIA,MAAMC,WAAW,GAAGnB,GAAG,CAACa,SAAJ,CAAcO,gBAAd,EAA8B;QAC9CT,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDC,sBAAsB,EAAEf,IAAI,CAACgB,8BAJ5B;UAKDC,uBAAuB,EAAEjB,IAAI,CAACkB,2BAL7B;UAOD;UACA;UACAC,2BAA2B,EAAErB,OAAO,CAACC,GAAR,CAAYoB,2BATxC;UAWDC,SAAS,EAAEpB,IAAI,CAACqB,mBAXf;UAYDzB;QAZC;MADyC,CAA9B,CAApB;MAiBA,MAAM0B,WAAW,GAAGlC,GAAG,CAACa,SAAJ,CAAcsB,gBAAd,CAApB;MAEA,MAAMC,YAAY,GAAGpC,GAAG,CAACa,SAAJ,CAAcwB,iBAAd,EAA+B;QAChDC,uBAAuB,EAAE1B,IAAI,CAAC0B,uBADkB;QAGhD3B,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDM,SAAS,EAAEpB,IAAI,CAACqB,mBAJf;UAKDzB;QALC;MAH2C,CAA/B,CAArB;MAYA,MAAM+B,OAAO,GAAGvC,GAAG,CAACa,SAAJ,CAAc2B,YAAd,EAA0B;QACtC7B,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDC,sBAAsB,EAAEf,IAAI,CAACgB,8BAJ5B;UAKDC,uBAAuB,EAAEjB,IAAI,CAACkB,2BAL7B;UAOD;UACA;UACAC,2BAA2B,EAAErB,OAAO,CAACC,GAAR,CAAYoB,2BATxC;UAWDC,SAAS,EAAEpB,IAAI,CAACqB,mBAXf;UAYDQ,SAAS,EAAE7B,IAAI,CAAC8B,WAZf;UAaDC,2BAA2B,EACvBxB,WAAW,CAACyB,WAAZ,CAAwBC,SAAxB,CAAkCC,MAAlC,CAAyCC,MAAzC,CAAgDC,GAdnD;UAeDC,4BAA4B,EACxB9B,WAAW,CAAC+B,WAAZ,CAAwBL,SAAxB,CAAkCnC,OAAlC,CAA0CqC,MAA1C,CAAiDC,GAhBpD;UAiBD;UACAG,WAAW,EAAEzC,OAAO,CAACC,GAAR,CAAY,aAAZ,CAlBZ;UAmBDH,uBAnBC;;UAoBD;AACpB;AACA;UACoB4C,qCAAqC,EACjChB,YAAY,CAACiB,cAAb,CAA4BC,MAA5B,CAAmCP,MAAnC,CAA0CC;QAxB7C,CADiC;QA2BtCO,qBAAqB,EAAEnB,YAAY,CAACoB,SAAb,CAAuBT,MA3BR;QA4BtCU,uBAAuB,EAAErB,YAAY,CAACsB,WAAb,CAAyBX;MA5BZ,CAA1B,CAAhB;MA+BA,MAAMY,WAAW,GAAG3D,GAAG,CAACa,SAAJ,CAAc+C,gBAAd,EAA8B;QAC9CjD,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDC,sBAAsB,EAAEf,IAAI,CAACgB,8BAJ5B;UAKDC,uBAAuB,EAAEjB,IAAI,CAACkB,2BAL7B;UAOD;UACA;UACAC,2BAA2B,EAAErB,OAAO,CAACC,GAAR,CAAYoB,2BATxC;UAWDC,SAAS,EAAEpB,IAAI,CAACqB,mBAXf;UAYD;UACAkB,WAAW,EAAEzC,OAAO,CAACC,GAAR,CAAY,aAAZ,CAbZ;UAcDH,uBAdC;;UAeD;AACpB;AACA;UACoB4C,qCAAqC,EACjChB,YAAY,CAACiB,cAAb,CAA4BC,MAA5B,CAAmCP,MAAnC,CAA0CC;QAnB7C;MADyC,CAA9B,CAApB;MAwBA,MAAMa,UAAU,GAAG7D,GAAG,CAACa,SAAJ,CAAciD,YAAd,EAA0B;QACzC,gBAAgB;UACZ3D,IAAI,EAAE,UADM;UAEZ4D,MAAM,EAAE,MAFI;UAGZC,QAAQ,EAAEzB,OAAO,CAACM,SAAR,CAAkBN,OAAlB,CAA0BQ,MAA1B,CAAiCC;QAH/B,CADyB;QAMzC,mBAAmB;UACf7C,IAAI,EAAE,UADS;UAEf4D,MAAM,EAAE,SAFO;UAGfC,QAAQ,EAAEzB,OAAO,CAACM,SAAR,CAAkBN,OAAlB,CAA0BQ,MAA1B,CAAiCC;QAH5B,CANsB;QAWzC,aAAa;UACT7C,IAAI,EAAE,eADG;UAET4D,MAAM,EAAE,KAFC;UAGTC,QAAQ,EAAE9B,WAAW,CAACW,SAAZ,CAAsBoB,QAAtB,CAA+BlB,MAA/B,CAAsCC;QAHvC,CAX4B;QAgBzC,YAAY;UACR7C,IAAI,EAAE,aADE;UAER4D,MAAM,EAAE,MAFA;UAGRC,QAAQ,EAAEL,WAAW,CAACd,SAAZ,CAAsBN,OAAtB,CAA8BQ,MAA9B,CAAqCC;QAHvC,CAhB6B;QAqBzC,eAAe;UACX7C,IAAI,EAAE,aADK;UAEX4D,MAAM,EAAE,SAFG;UAGXC,QAAQ,EAAEL,WAAW,CAACd,SAAZ,CAAsBN,OAAtB,CAA8BQ,MAA9B,CAAqCC;QAHpC;MArB0B,CAA1B,CAAnB;MA4BA,MAAMkB,UAAU,GAAGlE,GAAG,CAACa,SAAJ,CAAcsD,eAAd,CAAnB;MAEA,MAAMC,OAAO,GAAGpE,GAAG,CAACiB,QAAJ,CAAalB,gBAAgB,CAACqE,OAA9B,CAAhB;;MACA,IAAIA,OAAJ,EAAa;QACT,IAAAC,+BAAA,EAAkBH,UAAlB,EAA8BE,OAA9B;MACH;;MAEDpE,GAAG,CAACsE,UAAJ,CAAe;QACXC,MAAM,EAAE7D,OAAO,CAACC,GAAR,CAAYW,UADT;QAEXkD,MAAM,EAAEN,UAAU,CAACnB,MAAX,CAAkB0B,UAAlB,CAA6BC,KAA7B,CAAmCC,KAAK,IAAK,WAAUA,KAAM,EAA7D,CAFG;QAGXC,SAAS,EAAEV,UAAU,CAACnB,MAAX,CAAkB0B,UAHlB;QAIXjD,iBAAiB,EAAEZ,IAAI,CAACY,iBAJb;QAKXqD,kBAAkB,EAAEjE,IAAI,CAACiE,kBALd;QAMXC,6BAA6B,EAAElE,IAAI,CAACkE,6BANzB;QAOXC,0BAA0B,EAAE3C,YAAY,CAACiB,cAAb,CAA4BC,MAA5B,CAAmCP,MAAnC,CAA0CC,GAP3D;QAQXgC,yBAAyB,EAAE5C,YAAY,CAAC6C,aAAb,CAA2B3B,MAA3B,CAAkCP,MAAlC,CAAyCC,GARzD;QASXO,qBAAqB,EAAEnB,YAAY,CAACoB,SAAb,CAAuBT,MAAvB,CAA8B7C,IAT1C;QAUXgF,yBAAyB,EAAE9C,YAAY,CAACsB,WAAb,CAAyBX,MAAzB,CAAgCoC,QAVhD;QAWXC,aAAa,EAAExE,IAAI,CAACc,wBAXT;QAYX2D,0BAA0B,EAAEzE,IAAI,CAACgB;MAZtB,CAAf;MAeA,IAAA0D,mBAAA,EAAa;QACTC,cAAc,EAAE9E,MAAM,CAACC,OAAO,CAACC,GAAR,CAAY,qBAAZ,CAAD,CADb;QAET6E,cAAc,EAAE/E,MAAM,CAACC,OAAO,CAACC,GAAR,CAAY,YAAZ,CAAD;MAFb,CAAb;MAKA,OAAO;QACHuB,WADG;QAEHK,OAFG;QAGHoB,WAHG;QAIHE,UAJG;QAKHK,UALG;QAMH9B;MANG,CAAP;IAQH;EA9KuB,CAAhB,CAAZ;EAiLA,OAAO,IAAAqD,mCAAA,EAA6BzF,GAA7B,CAAP;AACH,CAnLM"}
1
+ {"version":3,"names":["createApiPulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","pulumi","addHandler","WEBINY_LOGS_FORWARD_URL","String","process","env","core","addModule","CoreOutput","VpcConfig","enabled","getParam","vpc","pageBuilder","ApiPageBuilder","COGNITO_REGION","AWS_REGION","COGNITO_USER_POOL_ID","cognitoUserPoolId","DB_TABLE","primaryDynamodbTableName","DB_TABLE_ELASTICSEARCH","elasticsearchDynamodbTableName","ELASTIC_SEARCH_ENDPOINT","elasticsearchDomainEndpoint","ELASTIC_SEARCH_INDEX_PREFIX","S3_BUCKET","fileManagerBucketId","fileManager","ApiFileManager","apwScheduler","ApiApwScheduler","primaryDynamodbTableArn","headlessCms","ApiHeadlessCMS","OKTA_ISSUER","APW_SCHEDULER_SCHEDULE_ACTION_HANDLER","scheduleAction","lambda","output","arn","graphql","ApiGraphql","EVENT_BUS","eventBusArn","IMPORT_PAGES_CREATE_HANDLER","importPages","functions","create","EXPORT_PAGES_PROCESS_HANDLER","exportPages","apwSchedulerEventRule","eventRule","apwSchedulerEventTarget","eventTarget","apiGateway","ApiGateway","method","function","download","cloudfront","ApiCloudfront","domains","applyCustomDomain","addOutputs","region","apiUrl","domainName","apply","value","apiDomain","cognitoAppClientId","cognitoUserPoolPasswordPolicy","apwSchedulerScheduleAction","apwSchedulerExecuteAction","executeAction","apwSchedulerEventTargetId","targetId","dynamoDbTable","dynamoDbElasticsearchTable","tagResources","WbyProjectName","WbyEnvironment","withCommonLambdaEnvVariables"],"sources":["createApiPulumiApp.ts"],"sourcesContent":["import { createPulumiApp, PulumiAppParam, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport {\n ApiGateway,\n ApiApwScheduler,\n ApiCloudfront,\n ApiFileManager,\n ApiGraphql,\n ApiHeadlessCMS,\n ApiPageBuilder,\n CoreOutput,\n VpcConfig\n} from \"~/apps\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { tagResources } from \"~/utils\";\nimport { withCommonLambdaEnvVariables } from \"~/utils\";\n\nexport type ApiPulumiApp = ReturnType<typeof createApiPulumiApp>;\n\nexport interface CreateApiPulumiAppParams {\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the Core application.\n */\n vpc?: PulumiAppParam<boolean>;\n\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: ApiPulumiApp) => void | Promise<void>;\n}\n\nexport const createApiPulumiApp = (projectAppParams: CreateApiPulumiAppParams = {}) => {\n const app = createPulumiApp({\n name: \"api\",\n path: \"apps/api\",\n config: projectAppParams,\n program: async app => {\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied too late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as ApiPulumiApp);\n });\n }\n\n // Enables logs forwarding.\n // https://www.webiny.com/docs/how-to-guides/use-watch-command#enabling-logs-forwarding\n const WEBINY_LOGS_FORWARD_URL = String(process.env.WEBINY_LOGS_FORWARD_URL);\n\n // Register core output as a module available to all the other modules\n const core = app.addModule(CoreOutput);\n\n // Register VPC config module to be available to other modules\n app.addModule(VpcConfig, {\n enabled: app.getParam(projectAppParams.vpc)\n });\n\n const pageBuilder = app.addModule(ApiPageBuilder, {\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n\n // Not required. Useful for testing purposes / ephemeral environments.\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n\n S3_BUCKET: core.fileManagerBucketId,\n WEBINY_LOGS_FORWARD_URL\n }\n });\n\n const fileManager = app.addModule(ApiFileManager);\n\n const apwScheduler = app.addModule(ApiApwScheduler, {\n primaryDynamodbTableArn: core.primaryDynamodbTableArn,\n\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n S3_BUCKET: core.fileManagerBucketId,\n WEBINY_LOGS_FORWARD_URL\n }\n });\n\n const headlessCms = app.addModule(ApiHeadlessCMS, {\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n\n // Not required. Useful for testing purposes / ephemeral environments.\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n\n S3_BUCKET: core.fileManagerBucketId,\n // TODO: move to okta plugin\n OKTA_ISSUER: process.env[\"OKTA_ISSUER\"],\n WEBINY_LOGS_FORWARD_URL,\n /**\n * APW\n */\n APW_SCHEDULER_SCHEDULE_ACTION_HANDLER:\n apwScheduler.scheduleAction.lambda.output.arn\n }\n });\n\n const graphql = app.addModule(ApiGraphql, {\n env: {\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n\n // Not required. Useful for testing purposes / ephemeral environments.\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n\n S3_BUCKET: core.fileManagerBucketId,\n EVENT_BUS: core.eventBusArn,\n IMPORT_PAGES_CREATE_HANDLER:\n pageBuilder.importPages.functions.create.output.arn,\n EXPORT_PAGES_PROCESS_HANDLER:\n pageBuilder.exportPages.functions.process.output.arn,\n // TODO: move to okta plugin\n OKTA_ISSUER: process.env[\"OKTA_ISSUER\"],\n WEBINY_LOGS_FORWARD_URL,\n /**\n * APW\n */\n APW_SCHEDULER_SCHEDULE_ACTION_HANDLER:\n apwScheduler.scheduleAction.lambda.output.arn\n },\n apwSchedulerEventRule: apwScheduler.eventRule.output,\n apwSchedulerEventTarget: apwScheduler.eventTarget.output\n });\n\n const apiGateway = app.addModule(ApiGateway, {\n \"graphql-post\": {\n path: \"/graphql\",\n method: \"POST\",\n function: graphql.functions.graphql.output.arn\n },\n \"graphql-options\": {\n path: \"/graphql\",\n method: \"OPTIONS\",\n function: graphql.functions.graphql.output.arn\n },\n \"files-any\": {\n path: \"/files/{path}\",\n method: \"ANY\",\n function: fileManager.functions.download.output.arn\n },\n \"cms-post\": {\n path: \"/cms/{key+}\",\n method: \"POST\",\n function: headlessCms.functions.graphql.output.arn\n },\n \"cms-options\": {\n path: \"/cms/{key+}\",\n method: \"OPTIONS\",\n function: headlessCms.functions.graphql.output.arn\n }\n });\n\n const cloudfront = app.addModule(ApiCloudfront);\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(cloudfront, domains);\n }\n\n app.addOutputs({\n region: process.env.AWS_REGION,\n apiUrl: cloudfront.output.domainName.apply(value => `https://${value}`),\n apiDomain: cloudfront.output.domainName,\n cognitoUserPoolId: core.cognitoUserPoolId,\n cognitoAppClientId: core.cognitoAppClientId,\n cognitoUserPoolPasswordPolicy: core.cognitoUserPoolPasswordPolicy,\n apwSchedulerScheduleAction: apwScheduler.scheduleAction.lambda.output.arn,\n apwSchedulerExecuteAction: apwScheduler.executeAction.lambda.output.arn,\n apwSchedulerEventRule: apwScheduler.eventRule.output.name,\n apwSchedulerEventTargetId: apwScheduler.eventTarget.output.targetId,\n dynamoDbTable: core.primaryDynamodbTableName,\n dynamoDbElasticsearchTable: core.elasticsearchDynamodbTableName\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n fileManager,\n graphql,\n headlessCms,\n apiGateway,\n cloudfront,\n apwScheduler\n };\n }\n });\n\n return withCommonLambdaEnvVariables(app);\n};\n"],"mappings":";;;;;;;AAAA;;AACA;;AAWA;;AACA;;AAsBO,MAAMA,kBAAkB,GAAG,CAACC,gBAA0C,GAAG,EAA9C,KAAqD;EACnF,MAAMC,GAAG,GAAG,IAAAC,uBAAA,EAAgB;IACxBC,IAAI,EAAE,KADkB;IAExBC,IAAI,EAAE,UAFkB;IAGxBC,MAAM,EAAEL,gBAHgB;IAIxBM,OAAO,EAAE,MAAML,GAAN,IAAa;MAClB;MACA;MACA,IAAID,gBAAgB,CAACO,MAArB,EAA6B;QACzBN,GAAG,CAACO,UAAJ,CAAe,MAAM;UACjB,OAAOR,gBAAgB,CAACO,MAAjB,CAAyBN,GAAzB,CAAP;QACH,CAFD;MAGH,CAPiB,CASlB;MACA;;;MACA,MAAMQ,uBAAuB,GAAGC,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYH,uBAAb,CAAtC,CAXkB,CAalB;;MACA,MAAMI,IAAI,GAAGZ,GAAG,CAACa,SAAJ,CAAcC,YAAd,CAAb,CAdkB,CAgBlB;;MACAd,GAAG,CAACa,SAAJ,CAAcE,WAAd,EAAyB;QACrBC,OAAO,EAAEhB,GAAG,CAACiB,QAAJ,CAAalB,gBAAgB,CAACmB,GAA9B;MADY,CAAzB;MAIA,MAAMC,WAAW,GAAGnB,GAAG,CAACa,SAAJ,CAAcO,gBAAd,EAA8B;QAC9CT,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDC,sBAAsB,EAAEf,IAAI,CAACgB,8BAJ5B;UAKDC,uBAAuB,EAAEjB,IAAI,CAACkB,2BAL7B;UAOD;UACA;UACAC,2BAA2B,EAAErB,OAAO,CAACC,GAAR,CAAYoB,2BATxC;UAWDC,SAAS,EAAEpB,IAAI,CAACqB,mBAXf;UAYDzB;QAZC;MADyC,CAA9B,CAApB;MAiBA,MAAM0B,WAAW,GAAGlC,GAAG,CAACa,SAAJ,CAAcsB,gBAAd,CAApB;MAEA,MAAMC,YAAY,GAAGpC,GAAG,CAACa,SAAJ,CAAcwB,iBAAd,EAA+B;QAChDC,uBAAuB,EAAE1B,IAAI,CAAC0B,uBADkB;QAGhD3B,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDM,SAAS,EAAEpB,IAAI,CAACqB,mBAJf;UAKDzB;QALC;MAH2C,CAA/B,CAArB;MAYA,MAAM+B,WAAW,GAAGvC,GAAG,CAACa,SAAJ,CAAc2B,gBAAd,EAA8B;QAC9C7B,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDC,sBAAsB,EAAEf,IAAI,CAACgB,8BAJ5B;UAKDC,uBAAuB,EAAEjB,IAAI,CAACkB,2BAL7B;UAOD;UACA;UACAC,2BAA2B,EAAErB,OAAO,CAACC,GAAR,CAAYoB,2BATxC;UAWDC,SAAS,EAAEpB,IAAI,CAACqB,mBAXf;UAYD;UACAQ,WAAW,EAAE/B,OAAO,CAACC,GAAR,CAAY,aAAZ,CAbZ;UAcDH,uBAdC;;UAeD;AACpB;AACA;UACoBkC,qCAAqC,EACjCN,YAAY,CAACO,cAAb,CAA4BC,MAA5B,CAAmCC,MAAnC,CAA0CC;QAnB7C;MADyC,CAA9B,CAApB;MAwBA,MAAMC,OAAO,GAAG/C,GAAG,CAACa,SAAJ,CAAcmC,YAAd,EAA0B;QACtCrC,GAAG,EAAE;UACDU,cAAc,EAAEZ,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYW,UAAb,CADrB;UAEDC,oBAAoB,EAAEX,IAAI,CAACY,iBAF1B;UAGDC,QAAQ,EAAEb,IAAI,CAACc,wBAHd;UAIDC,sBAAsB,EAAEf,IAAI,CAACgB,8BAJ5B;UAKDC,uBAAuB,EAAEjB,IAAI,CAACkB,2BAL7B;UAOD;UACA;UACAC,2BAA2B,EAAErB,OAAO,CAACC,GAAR,CAAYoB,2BATxC;UAWDC,SAAS,EAAEpB,IAAI,CAACqB,mBAXf;UAYDgB,SAAS,EAAErC,IAAI,CAACsC,WAZf;UAaDC,2BAA2B,EACvBhC,WAAW,CAACiC,WAAZ,CAAwBC,SAAxB,CAAkCC,MAAlC,CAAyCT,MAAzC,CAAgDC,GAdnD;UAeDS,4BAA4B,EACxBpC,WAAW,CAACqC,WAAZ,CAAwBH,SAAxB,CAAkC3C,OAAlC,CAA0CmC,MAA1C,CAAiDC,GAhBpD;UAiBD;UACAL,WAAW,EAAE/B,OAAO,CAACC,GAAR,CAAY,aAAZ,CAlBZ;UAmBDH,uBAnBC;;UAoBD;AACpB;AACA;UACoBkC,qCAAqC,EACjCN,YAAY,CAACO,cAAb,CAA4BC,MAA5B,CAAmCC,MAAnC,CAA0CC;QAxB7C,CADiC;QA2BtCW,qBAAqB,EAAErB,YAAY,CAACsB,SAAb,CAAuBb,MA3BR;QA4BtCc,uBAAuB,EAAEvB,YAAY,CAACwB,WAAb,CAAyBf;MA5BZ,CAA1B,CAAhB;MA+BA,MAAMgB,UAAU,GAAG7D,GAAG,CAACa,SAAJ,CAAciD,YAAd,EAA0B;QACzC,gBAAgB;UACZ3D,IAAI,EAAE,UADM;UAEZ4D,MAAM,EAAE,MAFI;UAGZC,QAAQ,EAAEjB,OAAO,CAACM,SAAR,CAAkBN,OAAlB,CAA0BF,MAA1B,CAAiCC;QAH/B,CADyB;QAMzC,mBAAmB;UACf3C,IAAI,EAAE,UADS;UAEf4D,MAAM,EAAE,SAFO;UAGfC,QAAQ,EAAEjB,OAAO,CAACM,SAAR,CAAkBN,OAAlB,CAA0BF,MAA1B,CAAiCC;QAH5B,CANsB;QAWzC,aAAa;UACT3C,IAAI,EAAE,eADG;UAET4D,MAAM,EAAE,KAFC;UAGTC,QAAQ,EAAE9B,WAAW,CAACmB,SAAZ,CAAsBY,QAAtB,CAA+BpB,MAA/B,CAAsCC;QAHvC,CAX4B;QAgBzC,YAAY;UACR3C,IAAI,EAAE,aADE;UAER4D,MAAM,EAAE,MAFA;UAGRC,QAAQ,EAAEzB,WAAW,CAACc,SAAZ,CAAsBN,OAAtB,CAA8BF,MAA9B,CAAqCC;QAHvC,CAhB6B;QAqBzC,eAAe;UACX3C,IAAI,EAAE,aADK;UAEX4D,MAAM,EAAE,SAFG;UAGXC,QAAQ,EAAEzB,WAAW,CAACc,SAAZ,CAAsBN,OAAtB,CAA8BF,MAA9B,CAAqCC;QAHpC;MArB0B,CAA1B,CAAnB;MA4BA,MAAMoB,UAAU,GAAGlE,GAAG,CAACa,SAAJ,CAAcsD,eAAd,CAAnB;MAEA,MAAMC,OAAO,GAAGpE,GAAG,CAACiB,QAAJ,CAAalB,gBAAgB,CAACqE,OAA9B,CAAhB;;MACA,IAAIA,OAAJ,EAAa;QACT,IAAAC,+BAAA,EAAkBH,UAAlB,EAA8BE,OAA9B;MACH;;MAEDpE,GAAG,CAACsE,UAAJ,CAAe;QACXC,MAAM,EAAE7D,OAAO,CAACC,GAAR,CAAYW,UADT;QAEXkD,MAAM,EAAEN,UAAU,CAACrB,MAAX,CAAkB4B,UAAlB,CAA6BC,KAA7B,CAAmCC,KAAK,IAAK,WAAUA,KAAM,EAA7D,CAFG;QAGXC,SAAS,EAAEV,UAAU,CAACrB,MAAX,CAAkB4B,UAHlB;QAIXjD,iBAAiB,EAAEZ,IAAI,CAACY,iBAJb;QAKXqD,kBAAkB,EAAEjE,IAAI,CAACiE,kBALd;QAMXC,6BAA6B,EAAElE,IAAI,CAACkE,6BANzB;QAOXC,0BAA0B,EAAE3C,YAAY,CAACO,cAAb,CAA4BC,MAA5B,CAAmCC,MAAnC,CAA0CC,GAP3D;QAQXkC,yBAAyB,EAAE5C,YAAY,CAAC6C,aAAb,CAA2BrC,MAA3B,CAAkCC,MAAlC,CAAyCC,GARzD;QASXW,qBAAqB,EAAErB,YAAY,CAACsB,SAAb,CAAuBb,MAAvB,CAA8B3C,IAT1C;QAUXgF,yBAAyB,EAAE9C,YAAY,CAACwB,WAAb,CAAyBf,MAAzB,CAAgCsC,QAVhD;QAWXC,aAAa,EAAExE,IAAI,CAACc,wBAXT;QAYX2D,0BAA0B,EAAEzE,IAAI,CAACgB;MAZtB,CAAf;MAeA,IAAA0D,mBAAA,EAAa;QACTC,cAAc,EAAE9E,MAAM,CAACC,OAAO,CAACC,GAAR,CAAY,qBAAZ,CAAD,CADb;QAET6E,cAAc,EAAE/E,MAAM,CAACC,OAAO,CAACC,GAAR,CAAY,YAAZ,CAAD;MAFb,CAAb;MAKA,OAAO;QACHuB,WADG;QAEHa,OAFG;QAGHR,WAHG;QAIHsB,UAJG;QAKHK,UALG;QAMH9B;MANG,CAAP;IAQH;EA9KuB,CAAhB,CAAZ;EAiLA,OAAO,IAAAqD,mCAAA,EAA6BzF,GAA7B,CAAP;AACH,CAnLM"}
package/apps/common/VpcConfig.js CHANGED
@@ -18,7 +18,7 @@ const VpcConfig = (0, _pulumi.createAppModule)({
18
18
  subnetIds: [],
19
19
  securityGroupIds: []
20
20
  };
21
- const enabled = params.enabled !== false;
21
+ const enabled = Boolean(params.enabled);
22
22
 
23
23
  if (enabled) {
24
24
  // If VPC is not manually disabled we extract details from core.
package/apps/common/VpcConfig.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["VpcConfig","createAppModule","name","config","app","params","getModule","CoreOutput","apply","core","functionVpcConfig","subnetIds","securityGroupIds","enabled","vpcPrivateSubnetIds","vpcSecurityGroupIds"],"sources":["VpcConfig.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\n\nimport { createAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"./CoreOutput\";\n\nexport interface VpcParams {\n enabled: boolean | undefined;\n}\n\nexport const VpcConfig = createAppModule({\n name: \"VpcConfig\",\n config(app, params: VpcParams) {\n return app.getModule(CoreOutput).apply(core => {\n const functionVpcConfig: aws.types.input.lambda.FunctionVpcConfig = {\n subnetIds: [],\n securityGroupIds: []\n };\n\n const enabled = params.enabled !== false;\n\n if (enabled) {\n // If VPC is not manually disabled we extract details from core.\n functionVpcConfig.subnetIds = core.vpcPrivateSubnetIds || [];\n functionVpcConfig.securityGroupIds = core.vpcSecurityGroupIds || [];\n }\n\n return {\n functionVpcConfig,\n enabled\n };\n });\n }\n});\n"],"mappings":";;;;;;;AAEA;;AACA;;AAMO,MAAMA,SAAS,GAAG,IAAAC,uBAAA,EAAgB;EACrCC,IAAI,EAAE,WAD+B;;EAErCC,MAAM,CAACC,GAAD,EAAMC,MAAN,EAAyB;IAC3B,OAAOD,GAAG,CAACE,SAAJ,CAAcC,sBAAd,EAA0BC,KAA1B,CAAgCC,IAAI,IAAI;MAC3C,MAAMC,iBAA2D,GAAG;QAChEC,SAAS,EAAE,EADqD;QAEhEC,gBAAgB,EAAE;MAF8C,CAApE;MAKA,MAAMC,OAAO,GAAGR,MAAM,CAACQ,OAAP,KAAmB,KAAnC;;MAEA,IAAIA,OAAJ,EAAa;QACT;QACAH,iBAAiB,CAACC,SAAlB,GAA8BF,IAAI,CAACK,mBAAL,IAA4B,EAA1D;QACAJ,iBAAiB,CAACE,gBAAlB,GAAqCH,IAAI,CAACM,mBAAL,IAA4B,EAAjE;MACH;;MAED,OAAO;QACHL,iBADG;QAEHG;MAFG,CAAP;IAIH,CAlBM,CAAP;EAmBH;;AAtBoC,CAAhB,CAAlB"}
1
+ {"version":3,"names":["VpcConfig","createAppModule","name","config","app","params","getModule","CoreOutput","apply","core","functionVpcConfig","subnetIds","securityGroupIds","enabled","Boolean","vpcPrivateSubnetIds","vpcSecurityGroupIds"],"sources":["VpcConfig.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\n\nimport { createAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"./CoreOutput\";\n\nexport interface VpcParams {\n enabled: boolean | undefined;\n}\n\nexport const VpcConfig = createAppModule({\n name: \"VpcConfig\",\n config(app, params: VpcParams) {\n return app.getModule(CoreOutput).apply(core => {\n const functionVpcConfig: aws.types.input.lambda.FunctionVpcConfig = {\n subnetIds: [],\n securityGroupIds: []\n };\n\n const enabled = Boolean(params.enabled);\n\n if (enabled) {\n // If VPC is not manually disabled we extract details from core.\n functionVpcConfig.subnetIds = core.vpcPrivateSubnetIds || [];\n functionVpcConfig.securityGroupIds = core.vpcSecurityGroupIds || [];\n }\n\n return {\n functionVpcConfig,\n enabled\n };\n });\n }\n});\n"],"mappings":";;;;;;;AAEA;;AACA;;AAMO,MAAMA,SAAS,GAAG,IAAAC,uBAAA,EAAgB;EACrCC,IAAI,EAAE,WAD+B;;EAErCC,MAAM,CAACC,GAAD,EAAMC,MAAN,EAAyB;IAC3B,OAAOD,GAAG,CAACE,SAAJ,CAAcC,sBAAd,EAA0BC,KAA1B,CAAgCC,IAAI,IAAI;MAC3C,MAAMC,iBAA2D,GAAG;QAChEC,SAAS,EAAE,EADqD;QAEhEC,gBAAgB,EAAE;MAF8C,CAApE;MAKA,MAAMC,OAAO,GAAGC,OAAO,CAACT,MAAM,CAACQ,OAAR,CAAvB;;MAEA,IAAIA,OAAJ,EAAa;QACT;QACAH,iBAAiB,CAACC,SAAlB,GAA8BF,IAAI,CAACM,mBAAL,IAA4B,EAA1D;QACAL,iBAAiB,CAACE,gBAAlB,GAAqCH,IAAI,CAACO,mBAAL,IAA4B,EAAjE;MACH;;MAED,OAAO;QACHN,iBADG;QAEHG;MAFG,CAAP;IAIH,CAlBM,CAAP;EAmBH;;AAtBoC,CAAhB,CAAlB"}
package/apps/core/CoreElasticSearch.js CHANGED
@@ -72,7 +72,7 @@ const ElasticSearch = (0, _pulumi2.createAppModule)({
72
72
  name: domainName,
73
73
  config: {
74
74
  elasticsearchVersion: "7.10",
75
- clusterConfig: prod ? getDevClusterConfig() : getProdClusterConfig(),
75
+ clusterConfig: prod ? getProdClusterConfig() : getDevClusterConfig(),
76
76
  vpcOptions: vpc ? {
77
77
  subnetIds: vpc.subnets.private.map(s => s.output.id),
78
78
  securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]
@@ -175,14 +175,26 @@ const ElasticSearch = (0, _pulumi2.createAppModule)({
175
175
  role: role.output,
176
176
  policyArn: policy.output.arn
177
177
  }
178
- });
179
- app.addResource(aws.iam.RolePolicyAttachment, {
180
- name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,
181
- config: {
182
- role: role.output,
183
- policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole
184
- }
185
- });
178
+ }); // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.
179
+
180
+ if (vpc) {
181
+ app.addResource(aws.iam.RolePolicyAttachment, {
182
+ name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,
183
+ config: {
184
+ role: role.output,
185
+ policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole
186
+ }
187
+ });
188
+ } else {
189
+ app.addResource(aws.iam.RolePolicyAttachment, {
190
+ name: `${roleName}-AWSLambdaBasicExecutionRole`,
191
+ config: {
192
+ role: role.output,
193
+ policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole
194
+ }
195
+ });
196
+ }
197
+
186
198
  app.addResource(aws.iam.RolePolicyAttachment, {
187
199
  name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,
188
200
  config: {
package/apps/core/CoreElasticSearch.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["getDevClusterConfig","instanceType","getProdClusterConfig","instanceCount","zoneAwarenessEnabled","zoneAwarenessConfig","availabilityZoneCount","ElasticSearch","createAppModule","name","config","app","params","domainName","accountId","getAwsAccountId","prod","run","env","vpc","getModule","CoreVpc","optional","domain","domainPolicy","process","AWS_ELASTIC_SEARCH_DOMAIN_NAME","String","addRemoteResource","aws","elasticsearch","getDomain","async","addResource","Domain","elasticsearchVersion","clusterConfig","vpcOptions","subnetIds","subnets","private","map","s","output","id","securityGroupIds","defaultSecurityGroupId","undefined","ebsOptions","ebsEnabled","volumeSize","volumeType","advancedOptions","snapshotOptions","automatedSnapshotStartHour","opts","protect","DomainPolicy","accessPolicies","Version","Statement","Effect","Principal","AWS","Action","Resource","pulumi","interpolate","arn","table","dynamodb","Table","attributes","type","streamEnabled","streamViewType","billingMode","hashKey","rangeKey","roleName","role","iam","Role","assumeRolePolicy","Service","policy","getDynamoDbToElasticLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaDynamoDBExecutionRole","lambda","Function","runtime","handler","timeout","memorySize","environment","variables","DEBUG","ELASTIC_SEARCH_ENDPOINT","endpoint","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","vpcConfig","eventSourceMapping","EventSourceMapping","eventSourceArn","streamArn","functionName","startingPosition","maximumRetryAttempts","batchSize","maximumBatchingWindowInSeconds","addOutputs","elasticsearchDomainArn","elasticsearchDomainEndpoint","elasticsearchDynamodbTableArn","elasticsearchDynamodbTableName","dynamoToElastic","Policy","Sid"],"sources":["CoreElasticSearch.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport {\n createAppModule,\n PulumiApp,\n PulumiAppResource,\n PulumiAppResourceConstructor,\n PulumiAppRemoteResource\n} from \"@webiny/pulumi\";\n\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { CoreVpc } from \"./CoreVpc\";\n\nexport interface ElasticSearchParams {\n protect: boolean;\n}\n\nfunction getDevClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n instanceType: \"t3.small.elasticsearch\"\n };\n}\n\nfunction getProdClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n // For production deployments, we create 2 instances and configure multi-AZ.\n instanceType: \"t3.medium.elasticsearch\",\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n zoneAwarenessConfig: {\n availabilityZoneCount: 2\n }\n };\n}\n\nexport const ElasticSearch = createAppModule({\n name: \"ElasticSearch\",\n config(app, params: ElasticSearchParams) {\n const domainName = \"webiny-js\";\n const accountId = getAwsAccountId(app);\n const prod = app.params.run.env === \"prod\";\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n // This needs to be implemented in order to be able to use a shared ElasticSearch cluster.\n let domain:\n | PulumiAppResource<PulumiAppResourceConstructor<aws.elasticsearch.Domain>>\n | PulumiAppRemoteResource<aws.elasticsearch.GetDomainResult>;\n\n let domainPolicy;\n\n if (process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME) {\n const domainName = String(process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME);\n // This can be useful for testing purposes in ephemeral environments. More information here:\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n domain = app.addRemoteResource(domainName, () => {\n return aws.elasticsearch.getDomain({ domainName }, { async: true });\n });\n } else {\n // Regular ElasticSearch deployment.\n domain = app.addResource(aws.elasticsearch.Domain, {\n name: domainName,\n config: {\n elasticsearchVersion: \"7.10\",\n clusterConfig: prod ? getDevClusterConfig() : getProdClusterConfig(),\n vpcOptions: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined,\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n volumeType: \"gp2\"\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\"\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23\n }\n },\n opts: { protect: params.protect }\n });\n\n /**\n * Domain policy defines who can access your Elasticsearch Domain.\n * For details on Elasticsearch security, read the official documentation:\n * https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/security.html\n */\n domainPolicy = app.addResource(aws.elasticsearch.DomainPolicy, {\n name: `${domainName}-policy`,\n config: {\n domainName: domain.output.domainName,\n accessPolicies: {\n Version: \"2012-10-17\",\n Statement: [\n /**\n * Allow requests signed with current account\n */\n {\n Effect: \"Allow\",\n Principal: {\n AWS: accountId\n },\n Action: \"es:*\",\n Resource: pulumi.interpolate`${domain.output.arn}/*`\n }\n ]\n }\n },\n opts: { protect: params.protect }\n });\n }\n\n /**\n * Create a table for Elasticsearch records. All ES records are stored in this table to dramatically improve\n * performance and stability on write operations (especially massive data imports). This table also serves as a backup and\n * a single source of truth for your Elasticsearch domain. Streaming is enabled on this table, and it will\n * allow asynchronous synchronization of data with Elasticsearch domain.\n */\n const table = app.addResource(aws.dynamodb.Table, {\n name: \"webiny-es\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" }\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\"\n },\n opts: { protect: params.protect }\n });\n\n const roleName = \"dynamo-to-elastic-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const policy = getDynamoDbToElasticLambdaPolicy(app, domain.output);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-DynamoDbToElasticLambdaPolicy`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaDynamoDBExecutionRole\n }\n });\n\n /**\n * This Lambda will process the stream events from DynamoDB table that contains Elasticsearch items.\n * Elasticsearch can't take large amount of individual writes in a short period of time, so this way\n * we store data for Elasticsearch in a DynamoDB table, and asynchronously insert it into Elasticsearch\n * using batching.\n */\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"dynamo-to-elastic\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 600,\n memorySize: 512,\n environment: {\n variables: {\n DEBUG: String(process.env.DEBUG),\n ELASTIC_SEARCH_ENDPOINT: domain.output.endpoint\n }\n },\n description: \"Process DynamoDB Stream.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"dynamoToElastic/build\")\n )\n }),\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"dynamo-to-elastic\",\n config: {\n eventSourceArn: table.output.streamArn,\n functionName: lambda.output.arn,\n startingPosition: \"LATEST\",\n maximumRetryAttempts: 3,\n batchSize: 1000,\n maximumBatchingWindowInSeconds: 1\n }\n });\n\n app.addOutputs({\n elasticsearchDomainArn: domain.output.arn,\n elasticsearchDomainEndpoint: domain.output.endpoint,\n elasticsearchDynamodbTableArn: table.output.arn,\n elasticsearchDynamodbTableName: table.output.name\n });\n\n return {\n domain,\n domainPolicy,\n table,\n dynamoToElastic: {\n role,\n policy,\n lambda,\n eventSourceMapping\n }\n };\n }\n});\n\nfunction getDynamoDbToElasticLambdaPolicy(\n app: PulumiApp,\n domain: pulumi.Output<aws.elasticsearch.Domain | aws.elasticsearch.GetDomainResult>\n) {\n return app.addResource(aws.iam.Policy, {\n name: \"DynamoDbToElasticLambdaPolicy-updated\",\n config: {\n description: \"This policy enables access to ES and Dynamodb streams\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\",\n Action: [\n \"es:ESHttpDelete\",\n \"es:ESHttpPatch\",\n \"es:ESHttpPost\",\n \"es:ESHttpPut\"\n ],\n Resource: [\n pulumi.interpolate`${domain.arn}`,\n pulumi.interpolate`${domain.arn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AAQA;;AACA;;;;;;AAMA,SAASA,mBAAT,GAAkF;EAC9E,OAAO;IACHC,YAAY,EAAE;EADX,CAAP;AAGH;;AAED,SAASC,oBAAT,GAAmF;EAC/E,OAAO;IACH;IACAD,YAAY,EAAE,yBAFX;IAGHE,aAAa,EAAE,CAHZ;IAIHC,oBAAoB,EAAE,IAJnB;IAKHC,mBAAmB,EAAE;MACjBC,qBAAqB,EAAE;IADN;EALlB,CAAP;AASH;;AAEM,MAAMC,aAAa,GAAG,IAAAC,wBAAA,EAAgB;EACzCC,IAAI,EAAE,eADmC;;EAEzCC,MAAM,CAACC,GAAD,EAAMC,MAAN,EAAmC;IACrC,MAAMC,UAAU,GAAG,WAAnB;IACA,MAAMC,SAAS,GAAG,IAAAC,yBAAA,EAAgBJ,GAAhB,CAAlB;IACA,MAAMK,IAAI,GAAGL,GAAG,CAACC,MAAJ,CAAWK,GAAX,CAAeC,GAAf,KAAuB,MAApC;IACA,MAAMC,GAAG,GAAGR,GAAG,CAACS,SAAJ,CAAcC,gBAAd,EAAuB;MAAEC,QAAQ,EAAE;IAAZ,CAAvB,CAAZ,CAJqC,CAMrC;;IACA,IAAIC,MAAJ;IAIA,IAAIC,YAAJ;;IAEA,IAAIC,OAAO,CAACP,GAAR,CAAYQ,8BAAhB,EAAgD;MAC5C,MAAMb,UAAU,GAAGc,MAAM,CAACF,OAAO,CAACP,GAAR,CAAYQ,8BAAb,CAAzB,CAD4C,CAE5C;MACA;;MACAH,MAAM,GAAGZ,GAAG,CAACiB,iBAAJ,CAAsBf,UAAtB,EAAkC,MAAM;QAC7C,OAAOgB,GAAG,CAACC,aAAJ,CAAkBC,SAAlB,CAA4B;UAAElB;QAAF,CAA5B,EAA4C;UAAEmB,KAAK,EAAE;QAAT,CAA5C,CAAP;MACH,CAFQ,CAAT;IAGH,CAPD,MAOO;MACH;MACAT,MAAM,GAAGZ,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACC,aAAJ,CAAkBI,MAAlC,EAA0C;QAC/CzB,IAAI,EAAEI,UADyC;QAE/CH,MAAM,EAAE;UACJyB,oBAAoB,EAAE,MADlB;UAEJC,aAAa,EAAEpB,IAAI,GAAGhB,mBAAmB,EAAtB,GAA2BE,oBAAoB,EAF9D;UAGJmC,UAAU,EAAElB,GAAG,GACT;YACImB,SAAS,EAAEnB,GAAG,CAACoB,OAAJ,CAAYC,OAAZ,CAAoBC,GAApB,CAAwBC,CAAC,IAAIA,CAAC,CAACC,MAAF,CAASC,EAAtC,CADf;YAEIC,gBAAgB,EAAE,CAAC1B,GAAG,CAACA,GAAJ,CAAQwB,MAAR,CAAeG,sBAAhB;UAFtB,CADS,GAKTC,SARF;UASJC,UAAU,EAAE;YACRC,UAAU,EAAE,IADJ;YAERC,UAAU,EAAE,EAFJ;YAGRC,UAAU,EAAE;UAHJ,CATR;UAcJC,eAAe,EAAE;YACb,0CAA0C;UAD7B,CAdb;UAiBJC,eAAe,EAAE;YACbC,0BAA0B,EAAE;UADf;QAjBb,CAFuC;QAuB/CC,IAAI,EAAE;UAAEC,OAAO,EAAE5C,MAAM,CAAC4C;QAAlB;MAvByC,CAA1C,CAAT;MA0BA;AACZ;AACA;AACA;AACA;;MACYhC,YAAY,GAAGb,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACC,aAAJ,CAAkB2B,YAAlC,EAAgD;QAC3DhD,IAAI,EAAG,GAAEI,UAAW,SADuC;QAE3DH,MAAM,EAAE;UACJG,UAAU,EAAEU,MAAM,CAACoB,MAAP,CAAc9B,UADtB;UAEJ6C,cAAc,EAAE;YACZC,OAAO,EAAE,YADG;YAEZC,SAAS,EAAE;YACP;AAC5B;AACA;YAC4B;cACIC,MAAM,EAAE,OADZ;cAEIC,SAAS,EAAE;gBACPC,GAAG,EAAEjD;cADE,CAFf;cAKIkD,MAAM,EAAE,MALZ;cAMIC,QAAQ,EAAEC,MAAM,CAACC,WAAY,GAAE5C,MAAM,CAACoB,MAAP,CAAcyB,GAAI;YANrD,CAJO;UAFC;QAFZ,CAFmD;QAqB3Db,IAAI,EAAE;UAAEC,OAAO,EAAE5C,MAAM,CAAC4C;QAAlB;MArBqD,CAAhD,CAAf;IAuBH;IAED;AACR;AACA;AACA;AACA;AACA;;;IACQ,MAAMa,KAAK,GAAG1D,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACyC,QAAJ,CAAaC,KAA7B,EAAoC;MAC9C9D,IAAI,EAAE,WADwC;MAE9CC,MAAM,EAAE;QACJ8D,UAAU,EAAE,CACR;UAAE/D,IAAI,EAAE,IAAR;UAAcgE,IAAI,EAAE;QAApB,CADQ,EAER;UAAEhE,IAAI,EAAE,IAAR;UAAcgE,IAAI,EAAE;QAApB,CAFQ,CADR;QAKJC,aAAa,EAAE,IALX;QAMJC,cAAc,EAAE,oBANZ;QAOJC,WAAW,EAAE,iBAPT;QAQJC,OAAO,EAAE,IARL;QASJC,QAAQ,EAAE;MATN,CAFsC;MAa9CvB,IAAI,EAAE;QAAEC,OAAO,EAAE5C,MAAM,CAAC4C;MAAlB;IAbwC,CAApC,CAAd;IAgBA,MAAMuB,QAAQ,GAAG,+BAAjB;IAEA,MAAMC,IAAI,GAAGrE,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQC,IAAxB,EAA8B;MACvCzE,IAAI,EAAEsE,QADiC;MAEvCrE,MAAM,EAAE;QACJyE,gBAAgB,EAAE;UACdxB,OAAO,EAAE,YADK;UAEdC,SAAS,EAAE,CACP;YACII,MAAM,EAAE,gBADZ;YAEIF,SAAS,EAAE;cACPsB,OAAO,EAAE;YADF,CAFf;YAKIvB,MAAM,EAAE;UALZ,CADO;QAFG;MADd;IAF+B,CAA9B,CAAb;IAkBA,MAAMwB,MAAM,GAAGC,gCAAgC,CAAC3E,GAAD,EAAMY,MAAM,CAACoB,MAAb,CAA/C;IAEAhC,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;MAC1C9E,IAAI,EAAG,GAAEsE,QAAS,gCADwB;MAE1CrE,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;QAEJ6C,SAAS,EAAEH,MAAM,CAAC1C,MAAP,CAAcyB;MAFrB;IAFkC,CAA9C;IAQAzD,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;MAC1C9E,IAAI,EAAG,GAAEsE,QAAS,kCADwB;MAE1CrE,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;QAEJ6C,SAAS,EAAE3D,GAAG,CAACoD,GAAJ,CAAQQ,aAAR,CAAsBC;MAF7B;IAFkC,CAA9C;IAQA/E,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;MAC1C9E,IAAI,EAAG,GAAEsE,QAAS,iCADwB;MAE1CrE,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;QAEJ6C,SAAS,EAAE3D,GAAG,CAACoD,GAAJ,CAAQQ,aAAR,CAAsBE;MAF7B;IAFkC,CAA9C;IAQA;AACR;AACA;AACA;AACA;AACA;;IACQ,MAAMC,MAAM,GAAGjF,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAAC+D,MAAJ,CAAWC,QAA3B,EAAqC;MAChDpF,IAAI,EAAE,mBAD0C;MAEhDC,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MAAL,CAAYyB,GADd;QAEJ0B,OAAO,EAAE,YAFL;QAGJC,OAAO,EAAE,iBAHL;QAIJC,OAAO,EAAE,GAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,KAAK,EAAEzE,MAAM,CAACF,OAAO,CAACP,GAAR,CAAYkF,KAAb,CADN;YAEPC,uBAAuB,EAAE9E,MAAM,CAACoB,MAAP,CAAc2D;UAFhC;QADF,CANT;QAYJC,WAAW,EAAE,0BAZT;QAaJC,IAAI,EAAE,IAAItC,MAAM,CAACuC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIxC,MAAM,CAACuC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAUlG,GAAG,CAACmG,KAAJ,CAAUC,SAApB,EAA+B,uBAA/B,CADC;QAD2B,CAA9B,CAbF;QAkBJC,SAAS,EAAE7F,GAAG,GACR;UACImB,SAAS,EAAEnB,GAAG,CAACoB,OAAJ,CAAYC,OAAZ,CAAoBC,GAApB,CAAwBC,CAAC,IAAIA,CAAC,CAACC,MAAF,CAASC,EAAtC,CADf;UAEIC,gBAAgB,EAAE,CAAC1B,GAAG,CAACA,GAAJ,CAAQwB,MAAR,CAAeG,sBAAhB;QAFtB,CADQ,GAKRC;MAvBF;IAFwC,CAArC,CAAf;IA6BA,MAAMkE,kBAAkB,GAAGtG,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAAC+D,MAAJ,CAAWsB,kBAA3B,EAA+C;MACtEzG,IAAI,EAAE,mBADgE;MAEtEC,MAAM,EAAE;QACJyG,cAAc,EAAE9C,KAAK,CAAC1B,MAAN,CAAayE,SADzB;QAEJC,YAAY,EAAEzB,MAAM,CAACjD,MAAP,CAAcyB,GAFxB;QAGJkD,gBAAgB,EAAE,QAHd;QAIJC,oBAAoB,EAAE,CAJlB;QAKJC,SAAS,EAAE,IALP;QAMJC,8BAA8B,EAAE;MAN5B;IAF8D,CAA/C,CAA3B;IAYA9G,GAAG,CAAC+G,UAAJ,CAAe;MACXC,sBAAsB,EAAEpG,MAAM,CAACoB,MAAP,CAAcyB,GAD3B;MAEXwD,2BAA2B,EAAErG,MAAM,CAACoB,MAAP,CAAc2D,QAFhC;MAGXuB,6BAA6B,EAAExD,KAAK,CAAC1B,MAAN,CAAayB,GAHjC;MAIX0D,8BAA8B,EAAEzD,KAAK,CAAC1B,MAAN,CAAalC;IAJlC,CAAf;IAOA,OAAO;MACHc,MADG;MAEHC,YAFG;MAGH6C,KAHG;MAIH0D,eAAe,EAAE;QACb/C,IADa;QAEbK,MAFa;QAGbO,MAHa;QAIbqB;MAJa;IAJd,CAAP;EAWH;;AArNwC,CAAhB,CAAtB;;;AAwNP,SAAS3B,gCAAT,CACI3E,GADJ,EAEIY,MAFJ,EAGE;EACE,OAAOZ,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQ+C,MAAxB,EAAgC;IACnCvH,IAAI,EAAE,uCAD6B;IAEnCC,MAAM,EAAE;MACJ6F,WAAW,EAAE,uDADT;MAEJlB,MAAM,EAAE;QACJ1B,OAAO,EAAE,YADL;QAEJC,SAAS,EAAE,CACP;UACIqE,GAAG,EAAE,iBADT;UAEIpE,MAAM,EAAE,OAFZ;UAGIG,MAAM,EAAE,CACJ,iBADI,EAEJ,gBAFI,EAGJ,eAHI,EAIJ,cAJI,CAHZ;UASIC,QAAQ,EAAE,CACNC,MAAM,CAACC,WAAY,GAAE5C,MAAM,CAAC6C,GAAI,EAD1B,EAENF,MAAM,CAACC,WAAY,GAAE5C,MAAM,CAAC6C,GAAI,IAF1B;QATd,CADO;MAFP;IAFJ;EAF2B,CAAhC,CAAP;AAyBH"}
1
+ {"version":3,"names":["getDevClusterConfig","instanceType","getProdClusterConfig","instanceCount","zoneAwarenessEnabled","zoneAwarenessConfig","availabilityZoneCount","ElasticSearch","createAppModule","name","config","app","params","domainName","accountId","getAwsAccountId","prod","run","env","vpc","getModule","CoreVpc","optional","domain","domainPolicy","process","AWS_ELASTIC_SEARCH_DOMAIN_NAME","String","addRemoteResource","aws","elasticsearch","getDomain","async","addResource","Domain","elasticsearchVersion","clusterConfig","vpcOptions","subnetIds","subnets","private","map","s","output","id","securityGroupIds","defaultSecurityGroupId","undefined","ebsOptions","ebsEnabled","volumeSize","volumeType","advancedOptions","snapshotOptions","automatedSnapshotStartHour","opts","protect","DomainPolicy","accessPolicies","Version","Statement","Effect","Principal","AWS","Action","Resource","pulumi","interpolate","arn","table","dynamodb","Table","attributes","type","streamEnabled","streamViewType","billingMode","hashKey","rangeKey","roleName","role","iam","Role","assumeRolePolicy","Service","policy","getDynamoDbToElasticLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","AWSLambdaDynamoDBExecutionRole","lambda","Function","runtime","handler","timeout","memorySize","environment","variables","DEBUG","ELASTIC_SEARCH_ENDPOINT","endpoint","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","vpcConfig","eventSourceMapping","EventSourceMapping","eventSourceArn","streamArn","functionName","startingPosition","maximumRetryAttempts","batchSize","maximumBatchingWindowInSeconds","addOutputs","elasticsearchDomainArn","elasticsearchDomainEndpoint","elasticsearchDynamodbTableArn","elasticsearchDynamodbTableName","dynamoToElastic","Policy","Sid"],"sources":["CoreElasticSearch.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport {\n createAppModule,\n PulumiApp,\n PulumiAppResource,\n PulumiAppResourceConstructor,\n PulumiAppRemoteResource\n} from \"@webiny/pulumi\";\n\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { CoreVpc } from \"./CoreVpc\";\n\nexport interface ElasticSearchParams {\n protect: boolean;\n}\n\nfunction getDevClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n instanceType: \"t3.small.elasticsearch\"\n };\n}\n\nfunction getProdClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n // For production deployments, we create 2 instances and configure multi-AZ.\n instanceType: \"t3.medium.elasticsearch\",\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n zoneAwarenessConfig: {\n availabilityZoneCount: 2\n }\n };\n}\n\nexport const ElasticSearch = createAppModule({\n name: \"ElasticSearch\",\n config(app, params: ElasticSearchParams) {\n const domainName = \"webiny-js\";\n const accountId = getAwsAccountId(app);\n const prod = app.params.run.env === \"prod\";\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n // This needs to be implemented in order to be able to use a shared ElasticSearch cluster.\n let domain:\n | PulumiAppResource<PulumiAppResourceConstructor<aws.elasticsearch.Domain>>\n | PulumiAppRemoteResource<aws.elasticsearch.GetDomainResult>;\n\n let domainPolicy;\n\n if (process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME) {\n const domainName = String(process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME);\n // This can be useful for testing purposes in ephemeral environments. More information here:\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n domain = app.addRemoteResource(domainName, () => {\n return aws.elasticsearch.getDomain({ domainName }, { async: true });\n });\n } else {\n // Regular ElasticSearch deployment.\n domain = app.addResource(aws.elasticsearch.Domain, {\n name: domainName,\n config: {\n elasticsearchVersion: \"7.10\",\n clusterConfig: prod ? getProdClusterConfig() : getDevClusterConfig(),\n vpcOptions: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined,\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n volumeType: \"gp2\"\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\"\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23\n }\n },\n opts: { protect: params.protect }\n });\n\n /**\n * Domain policy defines who can access your Elasticsearch Domain.\n * For details on Elasticsearch security, read the official documentation:\n * https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/security.html\n */\n domainPolicy = app.addResource(aws.elasticsearch.DomainPolicy, {\n name: `${domainName}-policy`,\n config: {\n domainName: domain.output.domainName,\n accessPolicies: {\n Version: \"2012-10-17\",\n Statement: [\n /**\n * Allow requests signed with current account\n */\n {\n Effect: \"Allow\",\n Principal: {\n AWS: accountId\n },\n Action: \"es:*\",\n Resource: pulumi.interpolate`${domain.output.arn}/*`\n }\n ]\n }\n },\n opts: { protect: params.protect }\n });\n }\n\n /**\n * Create a table for Elasticsearch records. All ES records are stored in this table to dramatically improve\n * performance and stability on write operations (especially massive data imports). This table also serves as a backup and\n * a single source of truth for your Elasticsearch domain. Streaming is enabled on this table, and it will\n * allow asynchronous synchronization of data with Elasticsearch domain.\n */\n const table = app.addResource(aws.dynamodb.Table, {\n name: \"webiny-es\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" }\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\"\n },\n opts: { protect: params.protect }\n });\n\n const roleName = \"dynamo-to-elastic-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const policy = getDynamoDbToElasticLambdaPolicy(app, domain.output);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-DynamoDbToElasticLambdaPolicy`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaDynamoDBExecutionRole\n }\n });\n\n /**\n * This Lambda will process the stream events from DynamoDB table that contains Elasticsearch items.\n * Elasticsearch can't take large amount of individual writes in a short period of time, so this way\n * we store data for Elasticsearch in a DynamoDB table, and asynchronously insert it into Elasticsearch\n * using batching.\n */\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"dynamo-to-elastic\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 600,\n memorySize: 512,\n environment: {\n variables: {\n DEBUG: String(process.env.DEBUG),\n ELASTIC_SEARCH_ENDPOINT: domain.output.endpoint\n }\n },\n description: \"Process DynamoDB Stream.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"dynamoToElastic/build\")\n )\n }),\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"dynamo-to-elastic\",\n config: {\n eventSourceArn: table.output.streamArn,\n functionName: lambda.output.arn,\n startingPosition: \"LATEST\",\n maximumRetryAttempts: 3,\n batchSize: 1000,\n maximumBatchingWindowInSeconds: 1\n }\n });\n\n app.addOutputs({\n elasticsearchDomainArn: domain.output.arn,\n elasticsearchDomainEndpoint: domain.output.endpoint,\n elasticsearchDynamodbTableArn: table.output.arn,\n elasticsearchDynamodbTableName: table.output.name\n });\n\n return {\n domain,\n domainPolicy,\n table,\n dynamoToElastic: {\n role,\n policy,\n lambda,\n eventSourceMapping\n }\n };\n }\n});\n\nfunction getDynamoDbToElasticLambdaPolicy(\n app: PulumiApp,\n domain: pulumi.Output<aws.elasticsearch.Domain | aws.elasticsearch.GetDomainResult>\n) {\n return app.addResource(aws.iam.Policy, {\n name: \"DynamoDbToElasticLambdaPolicy-updated\",\n config: {\n description: \"This policy enables access to ES and Dynamodb streams\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\",\n Action: [\n \"es:ESHttpDelete\",\n \"es:ESHttpPatch\",\n \"es:ESHttpPost\",\n \"es:ESHttpPut\"\n ],\n Resource: [\n pulumi.interpolate`${domain.arn}`,\n pulumi.interpolate`${domain.arn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AAQA;;AACA;;;;;;AAMA,SAASA,mBAAT,GAAkF;EAC9E,OAAO;IACHC,YAAY,EAAE;EADX,CAAP;AAGH;;AAED,SAASC,oBAAT,GAAmF;EAC/E,OAAO;IACH;IACAD,YAAY,EAAE,yBAFX;IAGHE,aAAa,EAAE,CAHZ;IAIHC,oBAAoB,EAAE,IAJnB;IAKHC,mBAAmB,EAAE;MACjBC,qBAAqB,EAAE;IADN;EALlB,CAAP;AASH;;AAEM,MAAMC,aAAa,GAAG,IAAAC,wBAAA,EAAgB;EACzCC,IAAI,EAAE,eADmC;;EAEzCC,MAAM,CAACC,GAAD,EAAMC,MAAN,EAAmC;IACrC,MAAMC,UAAU,GAAG,WAAnB;IACA,MAAMC,SAAS,GAAG,IAAAC,yBAAA,EAAgBJ,GAAhB,CAAlB;IACA,MAAMK,IAAI,GAAGL,GAAG,CAACC,MAAJ,CAAWK,GAAX,CAAeC,GAAf,KAAuB,MAApC;IACA,MAAMC,GAAG,GAAGR,GAAG,CAACS,SAAJ,CAAcC,gBAAd,EAAuB;MAAEC,QAAQ,EAAE;IAAZ,CAAvB,CAAZ,CAJqC,CAMrC;;IACA,IAAIC,MAAJ;IAIA,IAAIC,YAAJ;;IAEA,IAAIC,OAAO,CAACP,GAAR,CAAYQ,8BAAhB,EAAgD;MAC5C,MAAMb,UAAU,GAAGc,MAAM,CAACF,OAAO,CAACP,GAAR,CAAYQ,8BAAb,CAAzB,CAD4C,CAE5C;MACA;;MACAH,MAAM,GAAGZ,GAAG,CAACiB,iBAAJ,CAAsBf,UAAtB,EAAkC,MAAM;QAC7C,OAAOgB,GAAG,CAACC,aAAJ,CAAkBC,SAAlB,CAA4B;UAAElB;QAAF,CAA5B,EAA4C;UAAEmB,KAAK,EAAE;QAAT,CAA5C,CAAP;MACH,CAFQ,CAAT;IAGH,CAPD,MAOO;MACH;MACAT,MAAM,GAAGZ,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACC,aAAJ,CAAkBI,MAAlC,EAA0C;QAC/CzB,IAAI,EAAEI,UADyC;QAE/CH,MAAM,EAAE;UACJyB,oBAAoB,EAAE,MADlB;UAEJC,aAAa,EAAEpB,IAAI,GAAGd,oBAAoB,EAAvB,GAA4BF,mBAAmB,EAF9D;UAGJqC,UAAU,EAAElB,GAAG,GACT;YACImB,SAAS,EAAEnB,GAAG,CAACoB,OAAJ,CAAYC,OAAZ,CAAoBC,GAApB,CAAwBC,CAAC,IAAIA,CAAC,CAACC,MAAF,CAASC,EAAtC,CADf;YAEIC,gBAAgB,EAAE,CAAC1B,GAAG,CAACA,GAAJ,CAAQwB,MAAR,CAAeG,sBAAhB;UAFtB,CADS,GAKTC,SARF;UASJC,UAAU,EAAE;YACRC,UAAU,EAAE,IADJ;YAERC,UAAU,EAAE,EAFJ;YAGRC,UAAU,EAAE;UAHJ,CATR;UAcJC,eAAe,EAAE;YACb,0CAA0C;UAD7B,CAdb;UAiBJC,eAAe,EAAE;YACbC,0BAA0B,EAAE;UADf;QAjBb,CAFuC;QAuB/CC,IAAI,EAAE;UAAEC,OAAO,EAAE5C,MAAM,CAAC4C;QAAlB;MAvByC,CAA1C,CAAT;MA0BA;AACZ;AACA;AACA;AACA;;MACYhC,YAAY,GAAGb,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACC,aAAJ,CAAkB2B,YAAlC,EAAgD;QAC3DhD,IAAI,EAAG,GAAEI,UAAW,SADuC;QAE3DH,MAAM,EAAE;UACJG,UAAU,EAAEU,MAAM,CAACoB,MAAP,CAAc9B,UADtB;UAEJ6C,cAAc,EAAE;YACZC,OAAO,EAAE,YADG;YAEZC,SAAS,EAAE;YACP;AAC5B;AACA;YAC4B;cACIC,MAAM,EAAE,OADZ;cAEIC,SAAS,EAAE;gBACPC,GAAG,EAAEjD;cADE,CAFf;cAKIkD,MAAM,EAAE,MALZ;cAMIC,QAAQ,EAAEC,MAAM,CAACC,WAAY,GAAE5C,MAAM,CAACoB,MAAP,CAAcyB,GAAI;YANrD,CAJO;UAFC;QAFZ,CAFmD;QAqB3Db,IAAI,EAAE;UAAEC,OAAO,EAAE5C,MAAM,CAAC4C;QAAlB;MArBqD,CAAhD,CAAf;IAuBH;IAED;AACR;AACA;AACA;AACA;AACA;;;IACQ,MAAMa,KAAK,GAAG1D,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACyC,QAAJ,CAAaC,KAA7B,EAAoC;MAC9C9D,IAAI,EAAE,WADwC;MAE9CC,MAAM,EAAE;QACJ8D,UAAU,EAAE,CACR;UAAE/D,IAAI,EAAE,IAAR;UAAcgE,IAAI,EAAE;QAApB,CADQ,EAER;UAAEhE,IAAI,EAAE,IAAR;UAAcgE,IAAI,EAAE;QAApB,CAFQ,CADR;QAKJC,aAAa,EAAE,IALX;QAMJC,cAAc,EAAE,oBANZ;QAOJC,WAAW,EAAE,iBAPT;QAQJC,OAAO,EAAE,IARL;QASJC,QAAQ,EAAE;MATN,CAFsC;MAa9CvB,IAAI,EAAE;QAAEC,OAAO,EAAE5C,MAAM,CAAC4C;MAAlB;IAbwC,CAApC,CAAd;IAgBA,MAAMuB,QAAQ,GAAG,+BAAjB;IAEA,MAAMC,IAAI,GAAGrE,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQC,IAAxB,EAA8B;MACvCzE,IAAI,EAAEsE,QADiC;MAEvCrE,MAAM,EAAE;QACJyE,gBAAgB,EAAE;UACdxB,OAAO,EAAE,YADK;UAEdC,SAAS,EAAE,CACP;YACII,MAAM,EAAE,gBADZ;YAEIF,SAAS,EAAE;cACPsB,OAAO,EAAE;YADF,CAFf;YAKIvB,MAAM,EAAE;UALZ,CADO;QAFG;MADd;IAF+B,CAA9B,CAAb;IAkBA,MAAMwB,MAAM,GAAGC,gCAAgC,CAAC3E,GAAD,EAAMY,MAAM,CAACoB,MAAb,CAA/C;IAEAhC,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;MAC1C9E,IAAI,EAAG,GAAEsE,QAAS,gCADwB;MAE1CrE,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;QAEJ6C,SAAS,EAAEH,MAAM,CAAC1C,MAAP,CAAcyB;MAFrB;IAFkC,CAA9C,EA1HqC,CAkIrC;;IACA,IAAIjD,GAAJ,EAAS;MACLR,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;QAC1C9E,IAAI,EAAG,GAAEsE,QAAS,kCADwB;QAE1CrE,MAAM,EAAE;UACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;UAEJ6C,SAAS,EAAE3D,GAAG,CAACoD,GAAJ,CAAQQ,aAAR,CAAsBC;QAF7B;MAFkC,CAA9C;IAOH,CARD,MAQO;MACH/E,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;QAC1C9E,IAAI,EAAG,GAAEsE,QAAS,8BADwB;QAE1CrE,MAAM,EAAE;UACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;UAEJ6C,SAAS,EAAE3D,GAAG,CAACoD,GAAJ,CAAQQ,aAAR,CAAsBE;QAF7B;MAFkC,CAA9C;IAOH;;IAEDhF,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQM,oBAAxB,EAA8C;MAC1C9E,IAAI,EAAG,GAAEsE,QAAS,iCADwB;MAE1CrE,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MADP;QAEJ6C,SAAS,EAAE3D,GAAG,CAACoD,GAAJ,CAAQQ,aAAR,CAAsBG;MAF7B;IAFkC,CAA9C;IAQA;AACR;AACA;AACA;AACA;AACA;;IACQ,MAAMC,MAAM,GAAGlF,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACgE,MAAJ,CAAWC,QAA3B,EAAqC;MAChDrF,IAAI,EAAE,mBAD0C;MAEhDC,MAAM,EAAE;QACJsE,IAAI,EAAEA,IAAI,CAACrC,MAAL,CAAYyB,GADd;QAEJ2B,OAAO,EAAE,YAFL;QAGJC,OAAO,EAAE,iBAHL;QAIJC,OAAO,EAAE,GAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,KAAK,EAAE1E,MAAM,CAACF,OAAO,CAACP,GAAR,CAAYmF,KAAb,CADN;YAEPC,uBAAuB,EAAE/E,MAAM,CAACoB,MAAP,CAAc4D;UAFhC;QADF,CANT;QAYJC,WAAW,EAAE,0BAZT;QAaJC,IAAI,EAAE,IAAIvC,MAAM,CAACwC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIzC,MAAM,CAACwC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAUnG,GAAG,CAACoG,KAAJ,CAAUC,SAApB,EAA+B,uBAA/B,CADC;QAD2B,CAA9B,CAbF;QAkBJC,SAAS,EAAE9F,GAAG,GACR;UACImB,SAAS,EAAEnB,GAAG,CAACoB,OAAJ,CAAYC,OAAZ,CAAoBC,GAApB,CAAwBC,CAAC,IAAIA,CAAC,CAACC,MAAF,CAASC,EAAtC,CADf;UAEIC,gBAAgB,EAAE,CAAC1B,GAAG,CAACA,GAAJ,CAAQwB,MAAR,CAAeG,sBAAhB;QAFtB,CADQ,GAKRC;MAvBF;IAFwC,CAArC,CAAf;IA6BA,MAAMmE,kBAAkB,GAAGvG,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACgE,MAAJ,CAAWsB,kBAA3B,EAA+C;MACtE1G,IAAI,EAAE,mBADgE;MAEtEC,MAAM,EAAE;QACJ0G,cAAc,EAAE/C,KAAK,CAAC1B,MAAN,CAAa0E,SADzB;QAEJC,YAAY,EAAEzB,MAAM,CAAClD,MAAP,CAAcyB,GAFxB;QAGJmD,gBAAgB,EAAE,QAHd;QAIJC,oBAAoB,EAAE,CAJlB;QAKJC,SAAS,EAAE,IALP;QAMJC,8BAA8B,EAAE;MAN5B;IAF8D,CAA/C,CAA3B;IAYA/G,GAAG,CAACgH,UAAJ,CAAe;MACXC,sBAAsB,EAAErG,MAAM,CAACoB,MAAP,CAAcyB,GAD3B;MAEXyD,2BAA2B,EAAEtG,MAAM,CAACoB,MAAP,CAAc4D,QAFhC;MAGXuB,6BAA6B,EAAEzD,KAAK,CAAC1B,MAAN,CAAayB,GAHjC;MAIX2D,8BAA8B,EAAE1D,KAAK,CAAC1B,MAAN,CAAalC;IAJlC,CAAf;IAOA,OAAO;MACHc,MADG;MAEHC,YAFG;MAGH6C,KAHG;MAIH2D,eAAe,EAAE;QACbhD,IADa;QAEbK,MAFa;QAGbQ,MAHa;QAIbqB;MAJa;IAJd,CAAP;EAWH;;AAhOwC,CAAhB,CAAtB;;;AAmOP,SAAS5B,gCAAT,CACI3E,GADJ,EAEIY,MAFJ,EAGE;EACE,OAAOZ,GAAG,CAACsB,WAAJ,CAAgBJ,GAAG,CAACoD,GAAJ,CAAQgD,MAAxB,EAAgC;IACnCxH,IAAI,EAAE,uCAD6B;IAEnCC,MAAM,EAAE;MACJ8F,WAAW,EAAE,uDADT;MAEJnB,MAAM,EAAE;QACJ1B,OAAO,EAAE,YADL;QAEJC,SAAS,EAAE,CACP;UACIsE,GAAG,EAAE,iBADT;UAEIrE,MAAM,EAAE,OAFZ;UAGIG,MAAM,EAAE,CACJ,iBADI,EAEJ,gBAFI,EAGJ,eAHI,EAIJ,cAJI,CAHZ;UASIC,QAAQ,EAAE,CACNC,MAAM,CAACC,WAAY,GAAE5C,MAAM,CAAC6C,GAAI,EAD1B,EAENF,MAAM,CAACC,WAAY,GAAE5C,MAAM,CAAC6C,GAAI,IAF1B;QATd,CADO;MAFP;IAFJ;EAF2B,CAAhC,CAAP;AAyBH"}
package/apps/customDomain.js CHANGED
@@ -1,32 +1,11 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
4
-
5
3
  Object.defineProperty(exports, "__esModule", {
6
4
  value: true
7
5
  });
8
6
  exports.applyCustomDomain = applyCustomDomain;
9
7
 
10
- var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
11
-
12
- function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
13
-
14
- function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
15
-
16
8
  function applyCustomDomain(cloudfront, params) {
17
- cloudfront.config.defaultCacheBehavior(value => {
18
- var _value$forwardedValue, _value$forwardedValue2, _value$forwardedValue3;
19
-
20
- return _objectSpread(_objectSpread({}, value), {}, {
21
- forwardedValues: _objectSpread(_objectSpread({}, value.forwardedValues), {}, {
22
- queryString: ((_value$forwardedValue = value.forwardedValues) === null || _value$forwardedValue === void 0 ? void 0 : _value$forwardedValue.queryString) || false,
23
- cookies: ((_value$forwardedValue2 = value.forwardedValues) === null || _value$forwardedValue2 === void 0 ? void 0 : _value$forwardedValue2.cookies) || {
24
- forward: "none"
25
- },
26
- headers: [...(((_value$forwardedValue3 = value.forwardedValues) === null || _value$forwardedValue3 === void 0 ? void 0 : _value$forwardedValue3.headers) || []), "Host"]
27
- })
28
- });
29
- });
30
9
  cloudfront.config.aliases(params.domains);
31
10
  cloudfront.config.viewerCertificate({
32
11
  acmCertificateArn: params.acmCertificateArn,
package/apps/customDomain.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["applyCustomDomain","cloudfront","params","config","defaultCacheBehavior","value","forwardedValues","queryString","cookies","forward","headers","aliases","domains","viewerCertificate","acmCertificateArn","sslSupportMethod"],"sources":["customDomain.ts"],"sourcesContent":["import { Input } from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiAppResource } from \"@webiny/pulumi\";\n\nexport interface CustomDomainParams {\n domains: Input<string[]>;\n acmCertificateArn: Input<string>;\n sslSupportMethod?: Input<string>;\n}\n\nexport function applyCustomDomain(\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>,\n params: CustomDomainParams\n) {\n cloudfront.config.defaultCacheBehavior(value => {\n return {\n ...value,\n forwardedValues: {\n ...value.forwardedValues,\n queryString: value.forwardedValues?.queryString || false,\n cookies: value.forwardedValues?.cookies || { forward: \"none\" },\n headers: [...(value.forwardedValues?.headers || []), \"Host\"]\n }\n };\n });\n\n cloudfront.config.aliases(params.domains);\n\n cloudfront.config.viewerCertificate({\n acmCertificateArn: params.acmCertificateArn,\n sslSupportMethod: params.sslSupportMethod ?? \"sni-only\"\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;AAUO,SAASA,iBAAT,CACHC,UADG,EAEHC,MAFG,EAGL;EACED,UAAU,CAACE,MAAX,CAAkBC,oBAAlB,CAAuCC,KAAK,IAAI;IAAA;;IAC5C,uCACOA,KADP;MAEIC,eAAe,kCACRD,KAAK,CAACC,eADE;QAEXC,WAAW,EAAE,0BAAAF,KAAK,CAACC,eAAN,gFAAuBC,WAAvB,KAAsC,KAFxC;QAGXC,OAAO,EAAE,2BAAAH,KAAK,CAACC,eAAN,kFAAuBE,OAAvB,KAAkC;UAAEC,OAAO,EAAE;QAAX,CAHhC;QAIXC,OAAO,EAAE,CAAC,IAAI,2BAAAL,KAAK,CAACC,eAAN,kFAAuBI,OAAvB,KAAkC,EAAtC,CAAD,EAA4C,MAA5C;MAJE;IAFnB;EASH,CAVD;EAYAT,UAAU,CAACE,MAAX,CAAkBQ,OAAlB,CAA0BT,MAAM,CAACU,OAAjC;EAEAX,UAAU,CAACE,MAAX,CAAkBU,iBAAlB,CAAoC;IAChCC,iBAAiB,EAAEZ,MAAM,CAACY,iBADM;IAEhCC,gBAAgB,EAAEb,MAAM,CAACa,gBAAP,IAA2B;EAFb,CAApC;AAIH"}
1
+ {"version":3,"names":["applyCustomDomain","cloudfront","params","config","aliases","domains","viewerCertificate","acmCertificateArn","sslSupportMethod"],"sources":["customDomain.ts"],"sourcesContent":["import { Input } from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiAppResource } from \"@webiny/pulumi\";\n\nexport interface CustomDomainParams {\n domains: Input<string[]>;\n acmCertificateArn: Input<string>;\n sslSupportMethod?: Input<string>;\n}\n\nexport function applyCustomDomain(\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>,\n params: CustomDomainParams\n) {\n cloudfront.config.aliases(params.domains);\n\n cloudfront.config.viewerCertificate({\n acmCertificateArn: params.acmCertificateArn,\n sslSupportMethod: params.sslSupportMethod ?? \"sni-only\"\n });\n}\n"],"mappings":";;;;;;;AAUO,SAASA,iBAAT,CACHC,UADG,EAEHC,MAFG,EAGL;EACED,UAAU,CAACE,MAAX,CAAkBC,OAAlB,CAA0BF,MAAM,CAACG,OAAjC;EAEAJ,UAAU,CAACE,MAAX,CAAkBG,iBAAlB,CAAoC;IAChCC,iBAAiB,EAAEL,MAAM,CAACK,iBADM;IAEhCC,gBAAgB,EAAEN,MAAM,CAACM,gBAAP,IAA2B;EAFb,CAApC;AAIH"}
package/apps/lambdaUtils.js CHANGED
@@ -74,7 +74,7 @@ function createLambdaRole(app, params) {
74
74
  name: `${params.name}-default-execution-role`,
75
75
  config: {
76
76
  role: role.output,
77
- policyArn: vpc.enabled ? aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole : aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole
77
+ policyArn: vpc.enabled.apply(enabled => enabled ? aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole : aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole)
78
78
  }
79
79
  });
80
80
  return role;
package/apps/lambdaUtils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createLambdaRole","app","params","role","addResource","aws","iam","Role","name","config","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","policy","RolePolicyAttachment","output","policyArn","arn","executionRole","vpc","getModule","VpcConfig","enabled","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole"],"sources":["lambdaUtils.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiApp } from \"@webiny/pulumi\";\nexport * from \"../utils/lambdaEnvVariables\";\n\nimport { VpcConfig } from \"./common\";\n\ninterface LambdaRoleParams {\n name: string;\n policy?: pulumi.Output<aws.iam.Policy>;\n executionRole?: pulumi.Input<string>;\n}\n\nexport function createLambdaRole(app: PulumiApp, params: LambdaRoleParams) {\n const role = app.addResource(aws.iam.Role, {\n name: params.name,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n if (params.policy) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-policy`,\n config: {\n role: role.output,\n policyArn: params.policy.arn\n }\n });\n }\n\n if (params.executionRole) {\n // If execution role is set, use it.\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-execution-role`,\n config: {\n role: role.output,\n policyArn: params.executionRole\n }\n });\n }\n\n // Add default execution role.\n const vpc = app.getModule(VpcConfig);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-default-execution-role`,\n config: {\n role: role.output,\n policyArn: vpc.enabled\n ? aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n : aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n return role;\n}\n"],"mappings":";;;;;;;;;;AACA;;AAEA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AAEA;;;;;;AAQO,SAASA,gBAAT,CAA0BC,GAA1B,EAA0CC,MAA1C,EAAoE;EACvE,MAAMC,IAAI,GAAGF,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQC,IAAxB,EAA8B;IACvCC,IAAI,EAAEN,MAAM,CAACM,IAD0B;IAEvCC,MAAM,EAAE;MACJC,gBAAgB,EAAE;QACdC,OAAO,EAAE,YADK;QAEdC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBADZ;UAEIC,SAAS,EAAE;YACPC,OAAO,EAAE;UADF,CAFf;UAKIC,MAAM,EAAE;QALZ,CADO;MAFG;IADd;EAF+B,CAA9B,CAAb;;EAkBA,IAAId,MAAM,CAACe,MAAX,EAAmB;IACfhB,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQY,oBAAxB,EAA8C;MAC1CV,IAAI,EAAG,GAAEN,MAAM,CAACM,IAAK,SADqB;MAE1CC,MAAM,EAAE;QACJN,IAAI,EAAEA,IAAI,CAACgB,MADP;QAEJC,SAAS,EAAElB,MAAM,CAACe,MAAP,CAAcI;MAFrB;IAFkC,CAA9C;EAOH;;EAED,IAAInB,MAAM,CAACoB,aAAX,EAA0B;IACtB;IACArB,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQY,oBAAxB,EAA8C;MAC1CV,IAAI,EAAG,GAAEN,MAAM,CAACM,IAAK,iBADqB;MAE1CC,MAAM,EAAE;QACJN,IAAI,EAAEA,IAAI,CAACgB,MADP;QAEJC,SAAS,EAAElB,MAAM,CAACoB;MAFd;IAFkC,CAA9C;EAOH,CAtCsE,CAwCvE;;;EACA,MAAMC,GAAG,GAAGtB,GAAG,CAACuB,SAAJ,CAAcC,iBAAd,CAAZ;EAEAxB,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQY,oBAAxB,EAA8C;IAC1CV,IAAI,EAAG,GAAEN,MAAM,CAACM,IAAK,yBADqB;IAE1CC,MAAM,EAAE;MACJN,IAAI,EAAEA,IAAI,CAACgB,MADP;MAEJC,SAAS,EAAEG,GAAG,CAACG,OAAJ,GACLrB,GAAG,CAACC,GAAJ,CAAQqB,aAAR,CAAsBC,+BADjB,GAELvB,GAAG,CAACC,GAAJ,CAAQqB,aAAR,CAAsBE;IAJxB;EAFkC,CAA9C;EAUA,OAAO1B,IAAP;AACH"}
1
+ {"version":3,"names":["createLambdaRole","app","params","role","addResource","aws","iam","Role","name","config","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","policy","RolePolicyAttachment","output","policyArn","arn","executionRole","vpc","getModule","VpcConfig","enabled","apply","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole"],"sources":["lambdaUtils.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiApp } from \"@webiny/pulumi\";\nexport * from \"../utils/lambdaEnvVariables\";\n\nimport { VpcConfig } from \"./common\";\n\ninterface LambdaRoleParams {\n name: string;\n policy?: pulumi.Output<aws.iam.Policy>;\n executionRole?: pulumi.Input<string>;\n}\n\nexport function createLambdaRole(app: PulumiApp, params: LambdaRoleParams) {\n const role = app.addResource(aws.iam.Role, {\n name: params.name,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n if (params.policy) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-policy`,\n config: {\n role: role.output,\n policyArn: params.policy.arn\n }\n });\n }\n\n if (params.executionRole) {\n // If execution role is set, use it.\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-execution-role`,\n config: {\n role: role.output,\n policyArn: params.executionRole\n }\n });\n }\n\n // Add default execution role.\n const vpc = app.getModule(VpcConfig);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-default-execution-role`,\n config: {\n role: role.output,\n policyArn: vpc.enabled.apply(enabled =>\n enabled\n ? aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n : aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n )\n }\n });\n\n return role;\n}\n"],"mappings":";;;;;;;;;;AACA;;AAEA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AAEA;;;;;;AAQO,SAASA,gBAAT,CAA0BC,GAA1B,EAA0CC,MAA1C,EAAoE;EACvE,MAAMC,IAAI,GAAGF,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQC,IAAxB,EAA8B;IACvCC,IAAI,EAAEN,MAAM,CAACM,IAD0B;IAEvCC,MAAM,EAAE;MACJC,gBAAgB,EAAE;QACdC,OAAO,EAAE,YADK;QAEdC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBADZ;UAEIC,SAAS,EAAE;YACPC,OAAO,EAAE;UADF,CAFf;UAKIC,MAAM,EAAE;QALZ,CADO;MAFG;IADd;EAF+B,CAA9B,CAAb;;EAkBA,IAAId,MAAM,CAACe,MAAX,EAAmB;IACfhB,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQY,oBAAxB,EAA8C;MAC1CV,IAAI,EAAG,GAAEN,MAAM,CAACM,IAAK,SADqB;MAE1CC,MAAM,EAAE;QACJN,IAAI,EAAEA,IAAI,CAACgB,MADP;QAEJC,SAAS,EAAElB,MAAM,CAACe,MAAP,CAAcI;MAFrB;IAFkC,CAA9C;EAOH;;EAED,IAAInB,MAAM,CAACoB,aAAX,EAA0B;IACtB;IACArB,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQY,oBAAxB,EAA8C;MAC1CV,IAAI,EAAG,GAAEN,MAAM,CAACM,IAAK,iBADqB;MAE1CC,MAAM,EAAE;QACJN,IAAI,EAAEA,IAAI,CAACgB,MADP;QAEJC,SAAS,EAAElB,MAAM,CAACoB;MAFd;IAFkC,CAA9C;EAOH,CAtCsE,CAwCvE;;;EACA,MAAMC,GAAG,GAAGtB,GAAG,CAACuB,SAAJ,CAAcC,iBAAd,CAAZ;EAEAxB,GAAG,CAACG,WAAJ,CAAgBC,GAAG,CAACC,GAAJ,CAAQY,oBAAxB,EAA8C;IAC1CV,IAAI,EAAG,GAAEN,MAAM,CAACM,IAAK,yBADqB;IAE1CC,MAAM,EAAE;MACJN,IAAI,EAAEA,IAAI,CAACgB,MADP;MAEJC,SAAS,EAAEG,GAAG,CAACG,OAAJ,CAAYC,KAAZ,CAAkBD,OAAO,IAChCA,OAAO,GACDrB,GAAG,CAACC,GAAJ,CAAQsB,aAAR,CAAsBC,+BADrB,GAEDxB,GAAG,CAACC,GAAJ,CAAQsB,aAAR,CAAsBE,2BAHrB;IAFP;EAFkC,CAA9C;EAYA,OAAO3B,IAAP;AACH"}
package/apps/tenantRouter.js CHANGED
@@ -98,7 +98,17 @@ function applyTenantRouter(app, cloudfront) {
98
98
  });
99
99
  });
100
100
  cloudfront.config.defaultCacheBehavior(value => {
101
+ var _value$forwardedValue, _value$forwardedValue2, _value$forwardedValue3;
102
+
101
103
  return _objectSpread(_objectSpread({}, value), {}, {
104
+ // We need to forward the `Host` header so the Lambda@Edge knows what custom domain was requested.
105
+ forwardedValues: _objectSpread(_objectSpread({}, value.forwardedValues), {}, {
106
+ queryString: ((_value$forwardedValue = value.forwardedValues) === null || _value$forwardedValue === void 0 ? void 0 : _value$forwardedValue.queryString) || false,
107
+ cookies: ((_value$forwardedValue2 = value.forwardedValues) === null || _value$forwardedValue2 === void 0 ? void 0 : _value$forwardedValue2.cookies) || {
108
+ forward: "none"
109
+ },
110
+ headers: [...(((_value$forwardedValue3 = value.forwardedValues) === null || _value$forwardedValue3 === void 0 ? void 0 : _value$forwardedValue3.headers) || []), "Host"]
111
+ }),
102
112
  lambdaFunctionAssociations: [...(value.lambdaFunctionAssociations || []), {
103
113
  eventType: "origin-request",
104
114
  includeBody: false,
package/apps/tenantRouter.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createFunctionArchive","dynamoDbTable","region","handler","readFileSync","__dirname","source","replace","pulumi","asset","AssetArchive","StringAsset","PREFIX","applyTenantRouter","app","cloudfront","String","process","env","AWS_REGION","core","getModule","CoreOutput","primaryDynamodbTableName","inlinePolicies","all","aws","getCallerIdentity","apply","identity","name","policy","JSON","stringify","Version","Statement","Sid","Effect","Action","Resource","accountId","role","addResource","iam","Role","config","managedPolicyArns","ManagedPolicies","AWSLambdaBasicExecutionRole","assumeRolePolicy","Principal","Principals","LambdaPrincipal","EdgeLambdaPrincipal","originLambda","addHandler","awsUsEast1","Provider","lambda","Function","publish","runtime","output","arn","timeout","memorySize","code","provider","defaultCacheBehavior","value","lambdaFunctionAssociations","eventType","includeBody","lambdaArn","qualifiedArn"],"sources":["tenantRouter.ts"],"sourcesContent":["import { readFileSync } from \"fs\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiApp, PulumiAppResource } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"./common\";\n\ninterface Params {\n region: string;\n dynamoDbTable: string;\n}\n\nfunction createFunctionArchive({ dynamoDbTable, region }: Params) {\n const handler = readFileSync(\n __dirname + \"/../components/tenantRouter/functions/origin/request.js\",\n \"utf-8\"\n );\n\n const source = handler\n .replace(\"{DB_TABLE_NAME}\", dynamoDbTable)\n .replace(\"{DB_TABLE_REGION}\", region);\n\n return new pulumi.asset.AssetArchive({\n \"index.js\": new pulumi.asset.StringAsset(source)\n });\n}\n\nconst PREFIX = \"website-router\";\n\nexport function applyTenantRouter(\n app: PulumiApp,\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>\n) {\n const region = String(process.env.AWS_REGION);\n\n // Get Core app output\n const core = app.getModule(CoreOutput);\n\n // `primaryDynamodbTableName` is a string, hence the type cast here.\n const dynamoDbTable = core.primaryDynamodbTableName;\n\n // Because of JSON.stringify, we need to resolve promises upfront.\n const inlinePolicies = pulumi\n .all([aws.getCallerIdentity({}), dynamoDbTable])\n .apply(([identity, dynamoDbTable]) => [\n {\n name: \"tenant-router-policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}`,\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}/*`\n ]\n }\n ]\n })\n }\n ]);\n\n const role = app.addResource(aws.iam.Role, {\n name: `${PREFIX}-role`,\n config: {\n inlinePolicies,\n managedPolicyArns: [aws.iam.ManagedPolicies.AWSLambdaBasicExecutionRole],\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.LambdaPrincipal,\n Effect: \"Allow\"\n },\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.EdgeLambdaPrincipal,\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const originLambda = app.addHandler(() => {\n const awsUsEast1 = new aws.Provider(\"us-east-1\", { region: \"us-east-1\" });\n\n return new aws.lambda.Function(\n `${PREFIX}-origin-request`,\n {\n publish: true,\n runtime: \"nodejs14.x\",\n handler: \"index.handler\",\n role: role.output.arn,\n timeout: 5,\n memorySize: 128,\n code: dynamoDbTable.apply(dynamoDbTable => {\n return createFunctionArchive({\n region,\n dynamoDbTable\n });\n })\n },\n {\n provider: awsUsEast1\n }\n );\n });\n\n cloudfront.config.defaultCacheBehavior(value => {\n return {\n ...value,\n lambdaFunctionAssociations: [\n ...(value.lambdaFunctionAssociations || []),\n {\n eventType: \"origin-request\",\n includeBody: false,\n lambdaArn: originLambda.qualifiedArn\n }\n ]\n };\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAEA;;;;;;;;;;AAOA,SAASA,qBAAT,CAA+B;EAAEC,aAAF;EAAiBC;AAAjB,CAA/B,EAAkE;EAC9D,MAAMC,OAAO,GAAG,IAAAC,gBAAA,EACZC,SAAS,GAAG,yDADA,EAEZ,OAFY,CAAhB;EAKA,MAAMC,MAAM,GAAGH,OAAO,CACjBI,OADU,CACF,iBADE,EACiBN,aADjB,EAEVM,OAFU,CAEF,mBAFE,EAEmBL,MAFnB,CAAf;EAIA,OAAO,IAAIM,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;IACjC,YAAY,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CAA6BL,MAA7B;EADqB,CAA9B,CAAP;AAGH;;AAED,MAAMM,MAAM,GAAG,gBAAf;;AAEO,SAASC,iBAAT,CACHC,GADG,EAEHC,UAFG,EAGL;EACE,MAAMb,MAAM,GAAGc,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYC,UAAb,CAArB,CADF,CAGE;;EACA,MAAMC,IAAI,GAAGN,GAAG,CAACO,SAAJ,CAAcC,kBAAd,CAAb,CAJF,CAME;;EACA,MAAMrB,aAAa,GAAGmB,IAAI,CAACG,wBAA3B,CAPF,CASE;;EACA,MAAMC,cAAc,GAAGhB,MAAM,CACxBiB,GADkB,CACd,CAACC,GAAG,CAACC,iBAAJ,CAAsB,EAAtB,CAAD,EAA4B1B,aAA5B,CADc,EAElB2B,KAFkB,CAEZ,CAAC,CAACC,QAAD,EAAW5B,aAAX,CAAD,KAA+B,CAClC;IACI6B,IAAI,EAAE,sBADV;IAEIC,MAAM,EAAEC,IAAI,CAACC,SAAL,CAAe;MACnBC,OAAO,EAAE,YADU;MAEnBC,SAAS,EAAE,CACP;QACIC,GAAG,EAAE,uBADT;QAEIC,MAAM,EAAE,OAFZ;QAGIC,MAAM,EAAE,CAAC,kBAAD,EAAqB,gBAArB,CAHZ;QAIIC,QAAQ,EAAE,CACL,oBAAmBrC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,EADlE,EAEL,oBAAmBC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,IAFlE;MAJd,CADO;IAFQ,CAAf;EAFZ,CADkC,CAFnB,CAAvB;EAsBA,MAAMwC,IAAI,GAAG3B,GAAG,CAAC4B,WAAJ,CAAgBhB,GAAG,CAACiB,GAAJ,CAAQC,IAAxB,EAA8B;IACvCd,IAAI,EAAG,GAAElB,MAAO,OADuB;IAEvCiC,MAAM,EAAE;MACJrB,cADI;MAEJsB,iBAAiB,EAAE,CAACpB,GAAG,CAACiB,GAAJ,CAAQI,eAAR,CAAwBC,2BAAzB,CAFf;MAGJC,gBAAgB,EAAE;QACdf,OAAO,EAAE,YADK;QAEdC,SAAS,EAAE,CACP;UACIG,MAAM,EAAE,gBADZ;UAEIY,SAAS,EAAExB,GAAG,CAACiB,GAAJ,CAAQQ,UAAR,CAAmBC,eAFlC;UAGIf,MAAM,EAAE;QAHZ,CADO,EAMP;UACIC,MAAM,EAAE,gBADZ;UAEIY,SAAS,EAAExB,GAAG,CAACiB,GAAJ,CAAQQ,UAAR,CAAmBE,mBAFlC;UAGIhB,MAAM,EAAE;QAHZ,CANO;MAFG;IAHd;EAF+B,CAA9B,CAAb;EAuBA,MAAMiB,YAAY,GAAGxC,GAAG,CAACyC,UAAJ,CAAe,MAAM;IACtC,MAAMC,UAAU,GAAG,IAAI9B,GAAG,CAAC+B,QAAR,CAAiB,WAAjB,EAA8B;MAAEvD,MAAM,EAAE;IAAV,CAA9B,CAAnB;IAEA,OAAO,IAAIwB,GAAG,CAACgC,MAAJ,CAAWC,QAAf,CACF,GAAE/C,MAAO,iBADP,EAEH;MACIgD,OAAO,EAAE,IADb;MAEIC,OAAO,EAAE,YAFb;MAGI1D,OAAO,EAAE,eAHb;MAIIsC,IAAI,EAAEA,IAAI,CAACqB,MAAL,CAAYC,GAJtB;MAKIC,OAAO,EAAE,CALb;MAMIC,UAAU,EAAE,GANhB;MAOIC,IAAI,EAAEjE,aAAa,CAAC2B,KAAd,CAAoB3B,aAAa,IAAI;QACvC,OAAOD,qBAAqB,CAAC;UACzBE,MADyB;UAEzBD;QAFyB,CAAD,CAA5B;MAIH,CALK;IAPV,CAFG,EAgBH;MACIkE,QAAQ,EAAEX;IADd,CAhBG,CAAP;EAoBH,CAvBoB,CAArB;EAyBAzC,UAAU,CAAC8B,MAAX,CAAkBuB,oBAAlB,CAAuCC,KAAK,IAAI;IAC5C,uCACOA,KADP;MAEIC,0BAA0B,EAAE,CACxB,IAAID,KAAK,CAACC,0BAAN,IAAoC,EAAxC,CADwB,EAExB;QACIC,SAAS,EAAE,gBADf;QAEIC,WAAW,EAAE,KAFjB;QAGIC,SAAS,EAAEnB,YAAY,CAACoB;MAH5B,CAFwB;IAFhC;EAWH,CAZD;AAaH"}
1
+ {"version":3,"names":["createFunctionArchive","dynamoDbTable","region","handler","readFileSync","__dirname","source","replace","pulumi","asset","AssetArchive","StringAsset","PREFIX","applyTenantRouter","app","cloudfront","String","process","env","AWS_REGION","core","getModule","CoreOutput","primaryDynamodbTableName","inlinePolicies","all","aws","getCallerIdentity","apply","identity","name","policy","JSON","stringify","Version","Statement","Sid","Effect","Action","Resource","accountId","role","addResource","iam","Role","config","managedPolicyArns","ManagedPolicies","AWSLambdaBasicExecutionRole","assumeRolePolicy","Principal","Principals","LambdaPrincipal","EdgeLambdaPrincipal","originLambda","addHandler","awsUsEast1","Provider","lambda","Function","publish","runtime","output","arn","timeout","memorySize","code","provider","defaultCacheBehavior","value","forwardedValues","queryString","cookies","forward","headers","lambdaFunctionAssociations","eventType","includeBody","lambdaArn","qualifiedArn"],"sources":["tenantRouter.ts"],"sourcesContent":["import { readFileSync } from \"fs\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiApp, PulumiAppResource } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"./common\";\n\ninterface Params {\n region: string;\n dynamoDbTable: string;\n}\n\nfunction createFunctionArchive({ dynamoDbTable, region }: Params) {\n const handler = readFileSync(\n __dirname + \"/../components/tenantRouter/functions/origin/request.js\",\n \"utf-8\"\n );\n\n const source = handler\n .replace(\"{DB_TABLE_NAME}\", dynamoDbTable)\n .replace(\"{DB_TABLE_REGION}\", region);\n\n return new pulumi.asset.AssetArchive({\n \"index.js\": new pulumi.asset.StringAsset(source)\n });\n}\n\nconst PREFIX = \"website-router\";\n\nexport function applyTenantRouter(\n app: PulumiApp,\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>\n) {\n const region = String(process.env.AWS_REGION);\n\n // Get Core app output\n const core = app.getModule(CoreOutput);\n\n // `primaryDynamodbTableName` is a string, hence the type cast here.\n const dynamoDbTable = core.primaryDynamodbTableName;\n\n // Because of JSON.stringify, we need to resolve promises upfront.\n const inlinePolicies = pulumi\n .all([aws.getCallerIdentity({}), dynamoDbTable])\n .apply(([identity, dynamoDbTable]) => [\n {\n name: \"tenant-router-policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}`,\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}/*`\n ]\n }\n ]\n })\n }\n ]);\n\n const role = app.addResource(aws.iam.Role, {\n name: `${PREFIX}-role`,\n config: {\n inlinePolicies,\n managedPolicyArns: [aws.iam.ManagedPolicies.AWSLambdaBasicExecutionRole],\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.LambdaPrincipal,\n Effect: \"Allow\"\n },\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.EdgeLambdaPrincipal,\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const originLambda = app.addHandler(() => {\n const awsUsEast1 = new aws.Provider(\"us-east-1\", { region: \"us-east-1\" });\n\n return new aws.lambda.Function(\n `${PREFIX}-origin-request`,\n {\n publish: true,\n runtime: \"nodejs14.x\",\n handler: \"index.handler\",\n role: role.output.arn,\n timeout: 5,\n memorySize: 128,\n code: dynamoDbTable.apply(dynamoDbTable => {\n return createFunctionArchive({\n region,\n dynamoDbTable\n });\n })\n },\n {\n provider: awsUsEast1\n }\n );\n });\n\n cloudfront.config.defaultCacheBehavior(value => {\n return {\n ...value,\n // We need to forward the `Host` header so the Lambda@Edge knows what custom domain was requested.\n forwardedValues: {\n ...value.forwardedValues,\n queryString: value.forwardedValues?.queryString || false,\n cookies: value.forwardedValues?.cookies || { forward: \"none\" },\n headers: [...(value.forwardedValues?.headers || []), \"Host\"]\n },\n lambdaFunctionAssociations: [\n ...(value.lambdaFunctionAssociations || []),\n {\n eventType: \"origin-request\",\n includeBody: false,\n lambdaArn: originLambda.qualifiedArn\n }\n ]\n };\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAEA;;;;;;;;;;AAOA,SAASA,qBAAT,CAA+B;EAAEC,aAAF;EAAiBC;AAAjB,CAA/B,EAAkE;EAC9D,MAAMC,OAAO,GAAG,IAAAC,gBAAA,EACZC,SAAS,GAAG,yDADA,EAEZ,OAFY,CAAhB;EAKA,MAAMC,MAAM,GAAGH,OAAO,CACjBI,OADU,CACF,iBADE,EACiBN,aADjB,EAEVM,OAFU,CAEF,mBAFE,EAEmBL,MAFnB,CAAf;EAIA,OAAO,IAAIM,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;IACjC,YAAY,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CAA6BL,MAA7B;EADqB,CAA9B,CAAP;AAGH;;AAED,MAAMM,MAAM,GAAG,gBAAf;;AAEO,SAASC,iBAAT,CACHC,GADG,EAEHC,UAFG,EAGL;EACE,MAAMb,MAAM,GAAGc,MAAM,CAACC,OAAO,CAACC,GAAR,CAAYC,UAAb,CAArB,CADF,CAGE;;EACA,MAAMC,IAAI,GAAGN,GAAG,CAACO,SAAJ,CAAcC,kBAAd,CAAb,CAJF,CAME;;EACA,MAAMrB,aAAa,GAAGmB,IAAI,CAACG,wBAA3B,CAPF,CASE;;EACA,MAAMC,cAAc,GAAGhB,MAAM,CACxBiB,GADkB,CACd,CAACC,GAAG,CAACC,iBAAJ,CAAsB,EAAtB,CAAD,EAA4B1B,aAA5B,CADc,EAElB2B,KAFkB,CAEZ,CAAC,CAACC,QAAD,EAAW5B,aAAX,CAAD,KAA+B,CAClC;IACI6B,IAAI,EAAE,sBADV;IAEIC,MAAM,EAAEC,IAAI,CAACC,SAAL,CAAe;MACnBC,OAAO,EAAE,YADU;MAEnBC,SAAS,EAAE,CACP;QACIC,GAAG,EAAE,uBADT;QAEIC,MAAM,EAAE,OAFZ;QAGIC,MAAM,EAAE,CAAC,kBAAD,EAAqB,gBAArB,CAHZ;QAIIC,QAAQ,EAAE,CACL,oBAAmBrC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,EADlE,EAEL,oBAAmBC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,IAFlE;MAJd,CADO;IAFQ,CAAf;EAFZ,CADkC,CAFnB,CAAvB;EAsBA,MAAMwC,IAAI,GAAG3B,GAAG,CAAC4B,WAAJ,CAAgBhB,GAAG,CAACiB,GAAJ,CAAQC,IAAxB,EAA8B;IACvCd,IAAI,EAAG,GAAElB,MAAO,OADuB;IAEvCiC,MAAM,EAAE;MACJrB,cADI;MAEJsB,iBAAiB,EAAE,CAACpB,GAAG,CAACiB,GAAJ,CAAQI,eAAR,CAAwBC,2BAAzB,CAFf;MAGJC,gBAAgB,EAAE;QACdf,OAAO,EAAE,YADK;QAEdC,SAAS,EAAE,CACP;UACIG,MAAM,EAAE,gBADZ;UAEIY,SAAS,EAAExB,GAAG,CAACiB,GAAJ,CAAQQ,UAAR,CAAmBC,eAFlC;UAGIf,MAAM,EAAE;QAHZ,CADO,EAMP;UACIC,MAAM,EAAE,gBADZ;UAEIY,SAAS,EAAExB,GAAG,CAACiB,GAAJ,CAAQQ,UAAR,CAAmBE,mBAFlC;UAGIhB,MAAM,EAAE;QAHZ,CANO;MAFG;IAHd;EAF+B,CAA9B,CAAb;EAuBA,MAAMiB,YAAY,GAAGxC,GAAG,CAACyC,UAAJ,CAAe,MAAM;IACtC,MAAMC,UAAU,GAAG,IAAI9B,GAAG,CAAC+B,QAAR,CAAiB,WAAjB,EAA8B;MAAEvD,MAAM,EAAE;IAAV,CAA9B,CAAnB;IAEA,OAAO,IAAIwB,GAAG,CAACgC,MAAJ,CAAWC,QAAf,CACF,GAAE/C,MAAO,iBADP,EAEH;MACIgD,OAAO,EAAE,IADb;MAEIC,OAAO,EAAE,YAFb;MAGI1D,OAAO,EAAE,eAHb;MAIIsC,IAAI,EAAEA,IAAI,CAACqB,MAAL,CAAYC,GAJtB;MAKIC,OAAO,EAAE,CALb;MAMIC,UAAU,EAAE,GANhB;MAOIC,IAAI,EAAEjE,aAAa,CAAC2B,KAAd,CAAoB3B,aAAa,IAAI;QACvC,OAAOD,qBAAqB,CAAC;UACzBE,MADyB;UAEzBD;QAFyB,CAAD,CAA5B;MAIH,CALK;IAPV,CAFG,EAgBH;MACIkE,QAAQ,EAAEX;IADd,CAhBG,CAAP;EAoBH,CAvBoB,CAArB;EAyBAzC,UAAU,CAAC8B,MAAX,CAAkBuB,oBAAlB,CAAuCC,KAAK,IAAI;IAAA;;IAC5C,uCACOA,KADP;MAEI;MACAC,eAAe,kCACRD,KAAK,CAACC,eADE;QAEXC,WAAW,EAAE,0BAAAF,KAAK,CAACC,eAAN,gFAAuBC,WAAvB,KAAsC,KAFxC;QAGXC,OAAO,EAAE,2BAAAH,KAAK,CAACC,eAAN,kFAAuBE,OAAvB,KAAkC;UAAEC,OAAO,EAAE;QAAX,CAHhC;QAIXC,OAAO,EAAE,CAAC,IAAI,2BAAAL,KAAK,CAACC,eAAN,kFAAuBI,OAAvB,KAAkC,EAAtC,CAAD,EAA4C,MAA5C;MAJE,EAHnB;MASIC,0BAA0B,EAAE,CACxB,IAAIN,KAAK,CAACM,0BAAN,IAAoC,EAAxC,CADwB,EAExB;QACIC,SAAS,EAAE,gBADf;QAEIC,WAAW,EAAE,KAFjB;QAGIC,SAAS,EAAExB,YAAY,CAACyB;MAH5B,CAFwB;IAThC;EAkBH,CAnBD;AAoBH"}
package/apps/website/createWebsitePulumiApp.d.ts CHANGED
@@ -4,8 +4,14 @@ import { PulumiAppParamCallback, PulumiAppParam } from "@webiny/pulumi";
4
4
  import { CustomDomainParams } from "../customDomain";
5
5
  export declare type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;
6
6
  export interface CreateWebsitePulumiAppParams {
7
- /** Custom domain configuration */
7
+ /**
8
+ * Custom domain(s) configuration.
9
+ */
8
10
  domains?: PulumiAppParamCallback<CustomDomainParams>;
11
+ /**
12
+ * Custom preview domain(s) configuration.
13
+ */
14
+ previewDomains?: PulumiAppParamCallback<CustomDomainParams>;
9
15
  /**
10
16
  * Enables or disables VPC for the API.
11
17
  * For VPC to work you also have to enable it in the `core` application.
package/apps/website/createWebsitePulumiApp.js CHANGED
@@ -193,7 +193,13 @@ const createWebsitePulumiApp = (projectAppParams = {}) => {
193
193
  (0, _customDomain.applyCustomDomain)(deliveryCloudfront, domains);
194
194
  }
195
195
 
196
- if (process.env.WCP_PROJECT_ENVIRONMENT) {
196
+ const previewDomains = app.getParam(projectAppParams.previewDomains);
197
+
198
+ if (previewDomains) {
199
+ (0, _customDomain.applyCustomDomain)(appCloudfront, previewDomains);
200
+ }
201
+
202
+ if (process.env.WCP_PROJECT_ENVIRONMENT || process.env.WEBINY_MULTI_TENANCY === "true") {
197
203
  (0, _tenantRouter.applyTenantRouter)(app, deliveryCloudfront);
198
204
  }
199
205
 
package/apps/website/createWebsitePulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createWebsitePulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","pulumi","addHandler","core","addModule","CoreOutput","VpcConfig","enabled","getParam","vpc","appBucket","createPrivateAppBucket","appCloudfront","addResource","aws","cloudfront","Distribution","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","deliveryBucket","viewerRequest","Function","runtime","publish","code","fs","readFileSync","__dirname","deliveryCloudfront","originRequestPolicyId","functionAssociations","functionArn","output","arn","eventType","orderedCacheBehaviors","headers","pathPattern","prerendering","createPrerenderingService","dbTableName","primaryDynamodbTableName","dbTableHashKey","primaryDynamodbTableHashKey","dbTableRangeKey","primaryDynamodbTableRangeKey","appUrl","interpolate","domainName","deliveryUrl","bucket","cloudfrontId","id","domains","applyCustomDomain","process","env","WCP_PROJECT_ENVIRONMENT","applyTenantRouter","addOutputs","appId","appStorage","apply","value","appDomain","deliveryId","deliveryStorage","deliveryDomain","tagResources","WbyProjectName","String","WbyEnvironment","delivery","withCommonLambdaEnvVariables"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport fs from \"fs\";\nimport { createPulumiApp, PulumiAppParamCallback, PulumiAppParam } from \"@webiny/pulumi\";\nimport { createPrivateAppBucket } from \"../createAppBucket\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { createPrerenderingService } from \"./WebsitePrerendering\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { tagResources, withCommonLambdaEnvVariables } from \"~/utils\";\nimport { applyTenantRouter } from \"~/apps/tenantRouter\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport interface CreateWebsitePulumiAppParams {\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the `core` application.\n */\n vpc?: PulumiAppParam<boolean | undefined>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: WebsitePulumiApp) => void | Promise<void>;\n}\n\nexport const createWebsitePulumiApp = (projectAppParams: CreateWebsitePulumiAppParams = {}) => {\n const app = createPulumiApp({\n name: \"website\",\n path: \"apps/website\",\n config: projectAppParams,\n program: async app => {\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as WebsitePulumiApp);\n });\n }\n\n // Register core output as a module available for all other modules\n const core = app.addModule(CoreOutput);\n\n // Register VPC config module to be available to other modules\n app.addModule(VpcConfig, {\n enabled: app.getParam(projectAppParams.vpc)\n });\n\n const appBucket = createPrivateAppBucket(app, \"app\");\n\n const appCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"app\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: appBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 0\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const deliveryBucket = createPrivateAppBucket(app, \"delivery\");\n\n /**\n * We need to have a Cloudfront Function to perform a simple request rewrite, so the request always includes\n * an \"/index.html\". This is necessary because our buckets are not \"website\" buckets, and we need to\n * have an exact object key when requesting page paths.\n */\n const viewerRequest = app.addResource(aws.cloudfront.Function, {\n name: \"cfViewerRequest\",\n config: {\n runtime: \"cloudfront-js-1.0\",\n publish: true,\n code: fs.readFileSync(__dirname + `/deliveryViewerRequest.js`, \"utf8\")\n }\n });\n\n const deliveryCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"delivery\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [deliveryBucket.origin, appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: deliveryBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n originRequestPolicyId: \"\",\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 30,\n maxTtl: 30,\n functionAssociations: [\n { functionArn: viewerRequest.output.arn, eventType: \"viewer-request\" }\n ]\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/static/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId,\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 2592000, // 30 days\n maxTtl: 2592000\n }\n ],\n customErrorResponses: [\n {\n errorCode: 404,\n responseCode: 404,\n responsePagePath: \"/_NOT_FOUND_PAGE_/index.html\"\n }\n ],\n priceClass: \"PriceClass_100\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const prerendering = createPrerenderingService(app, {\n dbTableName: core.primaryDynamodbTableName,\n dbTableHashKey: core.primaryDynamodbTableHashKey,\n dbTableRangeKey: core.primaryDynamodbTableRangeKey,\n appUrl: pulumi.interpolate`https://${appCloudfront.output.domainName}`,\n deliveryUrl: pulumi.interpolate`https://${deliveryCloudfront.output.domainName}`,\n bucket: deliveryBucket.bucket.output.bucket,\n cloudfrontId: deliveryCloudfront.output.id\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(deliveryCloudfront, domains);\n }\n\n if (process.env.WCP_PROJECT_ENVIRONMENT) {\n applyTenantRouter(app, deliveryCloudfront);\n }\n\n app.addOutputs({\n // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly\n // utilized by the Page Builder app's prerendering engine. Using this URL, it accesses the SPA and creates HTML snapshots.\n // The files that are generated in that process are stored in the `deliveryStorage` S3 bucket further below.\n appId: appCloudfront.output.id,\n appStorage: appBucket.bucket.output.id,\n appUrl: appCloudfront.output.domainName.apply(value => `https://${value}`),\n appDomain: appCloudfront.output.domainName,\n // These are the Cloudfront and S3 bucket that will deliver static pages to the actual website visitors.\n // The static HTML snapshots delivered from them still rely on the app's S3 bucket\n // defined above, for serving static assets (JS, CSS, images).\n deliveryId: deliveryCloudfront.output.id,\n deliveryStorage: deliveryBucket.bucket.output.id,\n deliveryDomain: deliveryCloudfront.output.domainName,\n deliveryUrl: deliveryCloudfront.output.domainName.apply(value => `https://${value}`)\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n prerendering,\n app: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n delivery: {\n ...deliveryBucket,\n cloudfront: deliveryCloudfront\n }\n };\n }\n });\n\n return withCommonLambdaEnvVariables(app);\n};\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;AAqBO,MAAMA,sBAAsB,GAAG,CAACC,gBAA8C,GAAG,EAAlD,KAAyD;EAC3F,MAAMC,GAAG,GAAG,IAAAC,wBAAA,EAAgB;IACxBC,IAAI,EAAE,SADkB;IAExBC,IAAI,EAAE,cAFkB;IAGxBC,MAAM,EAAEL,gBAHgB;IAIxBM,OAAO,EAAE,MAAML,GAAN,IAAa;MAClB;MACA;MACA,IAAID,gBAAgB,CAACO,MAArB,EAA6B;QACzBN,GAAG,CAACO,UAAJ,CAAe,MAAM;UACjB,OAAOR,gBAAgB,CAACO,MAAjB,CAAyBN,GAAzB,CAAP;QACH,CAFD;MAGH,CAPiB,CASlB;;;MACA,MAAMQ,IAAI,GAAGR,GAAG,CAACS,SAAJ,CAAcC,YAAd,CAAb,CAVkB,CAYlB;;MACAV,GAAG,CAACS,SAAJ,CAAcE,WAAd,EAAyB;QACrBC,OAAO,EAAEZ,GAAG,CAACa,QAAJ,CAAad,gBAAgB,CAACe,GAA9B;MADY,CAAzB;MAIA,MAAMC,SAAS,GAAG,IAAAC,uCAAA,EAAuBhB,GAAvB,EAA4B,KAA5B,CAAlB;MAEA,MAAMiB,aAAa,GAAGjB,GAAG,CAACkB,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeC,YAA/B,EAA6C;QAC/DnB,IAAI,EAAE,KADyD;QAE/DE,MAAM,EAAE;UACJQ,OAAO,EAAE,IADL;UAEJU,iBAAiB,EAAE,IAFf;UAGJC,OAAO,EAAE,CAACR,SAAS,CAACS,MAAX,CAHL;UAIJC,iBAAiB,EAAE,YAJf;UAKJC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IADQ;YAElBC,cAAc,EAAEb,SAAS,CAACS,MAAV,CAAiBK,QAFf;YAGlBC,oBAAoB,EAAE,mBAHJ;YAIlBC,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAJE;YAKlBC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CALG;YAMlBC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAX,CADI;cAEbC,WAAW,EAAE;YAFA,CANC;YAUlB;YACAC,MAAM,EAAE,CAXU;YAYlBC,UAAU,EAAE,CAZM;YAalBC,MAAM,EAAE;UAbU,CALlB;UAoBJC,UAAU,EAAE,gBApBR;UAqBJC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAb;YAAkBC,YAAY,EAAE,GAAhC;YAAqCC,gBAAgB,EAAE;UAAvD,CADkB,CArBlB;UAwBJC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YADL;UADN,CAxBV;UA6BJC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UADf;QA7Bf;MAFuD,CAA7C,CAAtB;MAqCA,MAAMC,cAAc,GAAG,IAAAlC,uCAAA,EAAuBhB,GAAvB,EAA4B,UAA5B,CAAvB;MAEA;AACZ;AACA;AACA;AACA;;MACY,MAAMmD,aAAa,GAAGnD,GAAG,CAACkB,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAegC,QAA/B,EAAyC;QAC3DlD,IAAI,EAAE,iBADqD;QAE3DE,MAAM,EAAE;UACJiD,OAAO,EAAE,mBADL;UAEJC,OAAO,EAAE,IAFL;UAGJC,IAAI,EAAEC,WAAA,CAAGC,YAAH,CAAgBC,SAAS,GAAI,2BAA7B,EAAyD,MAAzD;QAHF;MAFmD,CAAzC,CAAtB;MASA,MAAMC,kBAAkB,GAAG3D,GAAG,CAACkB,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeC,YAA/B,EAA6C;QACpEnB,IAAI,EAAE,UAD8D;QAEpEE,MAAM,EAAE;UACJQ,OAAO,EAAE,IADL;UAEJU,iBAAiB,EAAE,IAFf;UAGJC,OAAO,EAAE,CAAC2B,cAAc,CAAC1B,MAAhB,EAAwBT,SAAS,CAACS,MAAlC,CAHL;UAIJC,iBAAiB,EAAE,YAJf;UAKJC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IADQ;YAElBC,cAAc,EAAEsB,cAAc,CAAC1B,MAAf,CAAsBK,QAFpB;YAGlBC,oBAAoB,EAAE,mBAHJ;YAIlBC,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAJE;YAKlBC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CALG;YAMlB4B,qBAAqB,EAAE,EANL;YAOlB3B,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAX,CADI;cAEbC,WAAW,EAAE;YAFA,CAPC;YAWlB;YACAC,MAAM,EAAE,CAZU;YAalBC,UAAU,EAAE,EAbM;YAclBC,MAAM,EAAE,EAdU;YAelBsB,oBAAoB,EAAE,CAClB;cAAEC,WAAW,EAAEX,aAAa,CAACY,MAAd,CAAqBC,GAApC;cAAyCC,SAAS,EAAE;YAApD,CADkB;UAfJ,CALlB;UAwBJC,qBAAqB,EAAE,CACnB;YACIvC,QAAQ,EAAE,IADd;YAEII,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAFpB;YAGIC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAHnB;YAIIC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cADJ,CADI;cAIbgC,OAAO,EAAE,EAJI;cAKb/B,WAAW,EAAE;YALA,CAJrB;YAWIgC,WAAW,EAAE,WAXjB;YAYItC,oBAAoB,EAAE,WAZ1B;YAaIF,cAAc,EAAEb,SAAS,CAACS,MAAV,CAAiBK,QAbrC;YAcI;YACAQ,MAAM,EAAE,CAfZ;YAgBIC,UAAU,EAAE,OAhBhB;YAgByB;YACrBC,MAAM,EAAE;UAjBZ,CADmB,CAxBnB;UA6CJE,oBAAoB,EAAE,CAClB;YACIC,SAAS,EAAE,GADf;YAEIC,YAAY,EAAE,GAFlB;YAGIC,gBAAgB,EAAE;UAHtB,CADkB,CA7ClB;UAoDJJ,UAAU,EAAE,gBApDR;UAqDJK,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YADL;UADN,CArDV;UA0DJC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UADf;QA1Df;MAF4D,CAA7C,CAA3B;MAkEA,MAAMoB,YAAY,GAAG,IAAAC,8CAAA,EAA0BtE,GAA1B,EAA+B;QAChDuE,WAAW,EAAE/D,IAAI,CAACgE,wBAD8B;QAEhDC,cAAc,EAAEjE,IAAI,CAACkE,2BAF2B;QAGhDC,eAAe,EAAEnE,IAAI,CAACoE,4BAH0B;QAIhDC,MAAM,EAAEvE,MAAM,CAACwE,WAAY,WAAU7D,aAAa,CAAC8C,MAAd,CAAqBgB,UAAW,EAJrB;QAKhDC,WAAW,EAAE1E,MAAM,CAACwE,WAAY,WAAUnB,kBAAkB,CAACI,MAAnB,CAA0BgB,UAAW,EAL/B;QAMhDE,MAAM,EAAE/B,cAAc,CAAC+B,MAAf,CAAsBlB,MAAtB,CAA6BkB,MANW;QAOhDC,YAAY,EAAEvB,kBAAkB,CAACI,MAAnB,CAA0BoB;MAPQ,CAA/B,CAArB;MAUA,MAAMC,OAAO,GAAGpF,GAAG,CAACa,QAAJ,CAAad,gBAAgB,CAACqF,OAA9B,CAAhB;;MACA,IAAIA,OAAJ,EAAa;QACT,IAAAC,+BAAA,EAAkB1B,kBAAlB,EAAsCyB,OAAtC;MACH;;MAED,IAAIE,OAAO,CAACC,GAAR,CAAYC,uBAAhB,EAAyC;QACrC,IAAAC,+BAAA,EAAkBzF,GAAlB,EAAuB2D,kBAAvB;MACH;;MAED3D,GAAG,CAAC0F,UAAJ,CAAe;QACX;QACA;QACA;QACAC,KAAK,EAAE1E,aAAa,CAAC8C,MAAd,CAAqBoB,EAJjB;QAKXS,UAAU,EAAE7E,SAAS,CAACkE,MAAV,CAAiBlB,MAAjB,CAAwBoB,EALzB;QAMXN,MAAM,EAAE5D,aAAa,CAAC8C,MAAd,CAAqBgB,UAArB,CAAgCc,KAAhC,CAAsCC,KAAK,IAAK,WAAUA,KAAM,EAAhE,CANG;QAOXC,SAAS,EAAE9E,aAAa,CAAC8C,MAAd,CAAqBgB,UAPrB;QAQX;QACA;QACA;QACAiB,UAAU,EAAErC,kBAAkB,CAACI,MAAnB,CAA0BoB,EAX3B;QAYXc,eAAe,EAAE/C,cAAc,CAAC+B,MAAf,CAAsBlB,MAAtB,CAA6BoB,EAZnC;QAaXe,cAAc,EAAEvC,kBAAkB,CAACI,MAAnB,CAA0BgB,UAb/B;QAcXC,WAAW,EAAErB,kBAAkB,CAACI,MAAnB,CAA0BgB,UAA1B,CAAqCc,KAArC,CAA2CC,KAAK,IAAK,WAAUA,KAAM,EAArE;MAdF,CAAf;MAiBA,IAAAK,mBAAA,EAAa;QACTC,cAAc,EAAEC,MAAM,CAACf,OAAO,CAACC,GAAR,CAAY,qBAAZ,CAAD,CADb;QAETe,cAAc,EAAED,MAAM,CAACf,OAAO,CAACC,GAAR,CAAY,YAAZ,CAAD;MAFb,CAAb;MAKA,OAAO;QACHlB,YADG;QAEHrE,GAAG,kCACIe,SADJ;UAECK,UAAU,EAAEH;QAFb,EAFA;QAMHsF,QAAQ,kCACDrD,cADC;UAEJ9B,UAAU,EAAEuC;QAFR;MANL,CAAP;IAWH;EAlMuB,CAAhB,CAAZ;EAqMA,OAAO,IAAA6C,mCAAA,EAA6BxG,GAA7B,CAAP;AACH,CAvMM"}
1
+ {"version":3,"names":["createWebsitePulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","pulumi","addHandler","core","addModule","CoreOutput","VpcConfig","enabled","getParam","vpc","appBucket","createPrivateAppBucket","appCloudfront","addResource","aws","cloudfront","Distribution","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","deliveryBucket","viewerRequest","Function","runtime","publish","code","fs","readFileSync","__dirname","deliveryCloudfront","originRequestPolicyId","functionAssociations","functionArn","output","arn","eventType","orderedCacheBehaviors","headers","pathPattern","prerendering","createPrerenderingService","dbTableName","primaryDynamodbTableName","dbTableHashKey","primaryDynamodbTableHashKey","dbTableRangeKey","primaryDynamodbTableRangeKey","appUrl","interpolate","domainName","deliveryUrl","bucket","cloudfrontId","id","domains","applyCustomDomain","previewDomains","process","env","WCP_PROJECT_ENVIRONMENT","WEBINY_MULTI_TENANCY","applyTenantRouter","addOutputs","appId","appStorage","apply","value","appDomain","deliveryId","deliveryStorage","deliveryDomain","tagResources","WbyProjectName","String","WbyEnvironment","delivery","withCommonLambdaEnvVariables"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport fs from \"fs\";\nimport { createPulumiApp, PulumiAppParamCallback, PulumiAppParam } from \"@webiny/pulumi\";\nimport { createPrivateAppBucket } from \"../createAppBucket\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { createPrerenderingService } from \"./WebsitePrerendering\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { tagResources, withCommonLambdaEnvVariables } from \"~/utils\";\nimport { applyTenantRouter } from \"~/apps/tenantRouter\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport interface CreateWebsitePulumiAppParams {\n /**\n * Custom domain(s) configuration.\n */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Custom preview domain(s) configuration.\n */\n previewDomains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the `core` application.\n */\n vpc?: PulumiAppParam<boolean | undefined>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: WebsitePulumiApp) => void | Promise<void>;\n}\n\nexport const createWebsitePulumiApp = (projectAppParams: CreateWebsitePulumiAppParams = {}) => {\n const app = createPulumiApp({\n name: \"website\",\n path: \"apps/website\",\n config: projectAppParams,\n program: async app => {\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as WebsitePulumiApp);\n });\n }\n\n // Register core output as a module available for all other modules\n const core = app.addModule(CoreOutput);\n\n // Register VPC config module to be available to other modules\n app.addModule(VpcConfig, {\n enabled: app.getParam(projectAppParams.vpc)\n });\n\n const appBucket = createPrivateAppBucket(app, \"app\");\n\n const appCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"app\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: appBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 0\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const deliveryBucket = createPrivateAppBucket(app, \"delivery\");\n\n /**\n * We need to have a Cloudfront Function to perform a simple request rewrite, so the request always includes\n * an \"/index.html\". This is necessary because our buckets are not \"website\" buckets, and we need to\n * have an exact object key when requesting page paths.\n */\n const viewerRequest = app.addResource(aws.cloudfront.Function, {\n name: \"cfViewerRequest\",\n config: {\n runtime: \"cloudfront-js-1.0\",\n publish: true,\n code: fs.readFileSync(__dirname + `/deliveryViewerRequest.js`, \"utf8\")\n }\n });\n\n const deliveryCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"delivery\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [deliveryBucket.origin, appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: deliveryBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n originRequestPolicyId: \"\",\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 30,\n maxTtl: 30,\n functionAssociations: [\n { functionArn: viewerRequest.output.arn, eventType: \"viewer-request\" }\n ]\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/static/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId,\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 2592000, // 30 days\n maxTtl: 2592000\n }\n ],\n customErrorResponses: [\n {\n errorCode: 404,\n responseCode: 404,\n responsePagePath: \"/_NOT_FOUND_PAGE_/index.html\"\n }\n ],\n priceClass: \"PriceClass_100\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const prerendering = createPrerenderingService(app, {\n dbTableName: core.primaryDynamodbTableName,\n dbTableHashKey: core.primaryDynamodbTableHashKey,\n dbTableRangeKey: core.primaryDynamodbTableRangeKey,\n appUrl: pulumi.interpolate`https://${appCloudfront.output.domainName}`,\n deliveryUrl: pulumi.interpolate`https://${deliveryCloudfront.output.domainName}`,\n bucket: deliveryBucket.bucket.output.bucket,\n cloudfrontId: deliveryCloudfront.output.id\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(deliveryCloudfront, domains);\n }\n\n const previewDomains = app.getParam(projectAppParams.previewDomains);\n if (previewDomains) {\n applyCustomDomain(appCloudfront, previewDomains);\n }\n\n if (\n process.env.WCP_PROJECT_ENVIRONMENT ||\n process.env.WEBINY_MULTI_TENANCY === \"true\"\n ) {\n applyTenantRouter(app, deliveryCloudfront);\n }\n\n app.addOutputs({\n // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly\n // utilized by the Page Builder app's prerendering engine. Using this URL, it accesses the SPA and creates HTML snapshots.\n // The files that are generated in that process are stored in the `deliveryStorage` S3 bucket further below.\n appId: appCloudfront.output.id,\n appStorage: appBucket.bucket.output.id,\n appUrl: appCloudfront.output.domainName.apply(value => `https://${value}`),\n appDomain: appCloudfront.output.domainName,\n // These are the Cloudfront and S3 bucket that will deliver static pages to the actual website visitors.\n // The static HTML snapshots delivered from them still rely on the app's S3 bucket\n // defined above, for serving static assets (JS, CSS, images).\n deliveryId: deliveryCloudfront.output.id,\n deliveryStorage: deliveryBucket.bucket.output.id,\n deliveryDomain: deliveryCloudfront.output.domainName,\n deliveryUrl: deliveryCloudfront.output.domainName.apply(value => `https://${value}`)\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n prerendering,\n app: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n delivery: {\n ...deliveryBucket,\n cloudfront: deliveryCloudfront\n }\n };\n }\n });\n\n return withCommonLambdaEnvVariables(app);\n};\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;AA4BO,MAAMA,sBAAsB,GAAG,CAACC,gBAA8C,GAAG,EAAlD,KAAyD;EAC3F,MAAMC,GAAG,GAAG,IAAAC,wBAAA,EAAgB;IACxBC,IAAI,EAAE,SADkB;IAExBC,IAAI,EAAE,cAFkB;IAGxBC,MAAM,EAAEL,gBAHgB;IAIxBM,OAAO,EAAE,MAAML,GAAN,IAAa;MAClB;MACA;MACA,IAAID,gBAAgB,CAACO,MAArB,EAA6B;QACzBN,GAAG,CAACO,UAAJ,CAAe,MAAM;UACjB,OAAOR,gBAAgB,CAACO,MAAjB,CAAyBN,GAAzB,CAAP;QACH,CAFD;MAGH,CAPiB,CASlB;;;MACA,MAAMQ,IAAI,GAAGR,GAAG,CAACS,SAAJ,CAAcC,YAAd,CAAb,CAVkB,CAYlB;;MACAV,GAAG,CAACS,SAAJ,CAAcE,WAAd,EAAyB;QACrBC,OAAO,EAAEZ,GAAG,CAACa,QAAJ,CAAad,gBAAgB,CAACe,GAA9B;MADY,CAAzB;MAIA,MAAMC,SAAS,GAAG,IAAAC,uCAAA,EAAuBhB,GAAvB,EAA4B,KAA5B,CAAlB;MAEA,MAAMiB,aAAa,GAAGjB,GAAG,CAACkB,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeC,YAA/B,EAA6C;QAC/DnB,IAAI,EAAE,KADyD;QAE/DE,MAAM,EAAE;UACJQ,OAAO,EAAE,IADL;UAEJU,iBAAiB,EAAE,IAFf;UAGJC,OAAO,EAAE,CAACR,SAAS,CAACS,MAAX,CAHL;UAIJC,iBAAiB,EAAE,YAJf;UAKJC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IADQ;YAElBC,cAAc,EAAEb,SAAS,CAACS,MAAV,CAAiBK,QAFf;YAGlBC,oBAAoB,EAAE,mBAHJ;YAIlBC,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAJE;YAKlBC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CALG;YAMlBC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAX,CADI;cAEbC,WAAW,EAAE;YAFA,CANC;YAUlB;YACAC,MAAM,EAAE,CAXU;YAYlBC,UAAU,EAAE,CAZM;YAalBC,MAAM,EAAE;UAbU,CALlB;UAoBJC,UAAU,EAAE,gBApBR;UAqBJC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAb;YAAkBC,YAAY,EAAE,GAAhC;YAAqCC,gBAAgB,EAAE;UAAvD,CADkB,CArBlB;UAwBJC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YADL;UADN,CAxBV;UA6BJC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UADf;QA7Bf;MAFuD,CAA7C,CAAtB;MAqCA,MAAMC,cAAc,GAAG,IAAAlC,uCAAA,EAAuBhB,GAAvB,EAA4B,UAA5B,CAAvB;MAEA;AACZ;AACA;AACA;AACA;;MACY,MAAMmD,aAAa,GAAGnD,GAAG,CAACkB,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAegC,QAA/B,EAAyC;QAC3DlD,IAAI,EAAE,iBADqD;QAE3DE,MAAM,EAAE;UACJiD,OAAO,EAAE,mBADL;UAEJC,OAAO,EAAE,IAFL;UAGJC,IAAI,EAAEC,WAAA,CAAGC,YAAH,CAAgBC,SAAS,GAAI,2BAA7B,EAAyD,MAAzD;QAHF;MAFmD,CAAzC,CAAtB;MASA,MAAMC,kBAAkB,GAAG3D,GAAG,CAACkB,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeC,YAA/B,EAA6C;QACpEnB,IAAI,EAAE,UAD8D;QAEpEE,MAAM,EAAE;UACJQ,OAAO,EAAE,IADL;UAEJU,iBAAiB,EAAE,IAFf;UAGJC,OAAO,EAAE,CAAC2B,cAAc,CAAC1B,MAAhB,EAAwBT,SAAS,CAACS,MAAlC,CAHL;UAIJC,iBAAiB,EAAE,YAJf;UAKJC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IADQ;YAElBC,cAAc,EAAEsB,cAAc,CAAC1B,MAAf,CAAsBK,QAFpB;YAGlBC,oBAAoB,EAAE,mBAHJ;YAIlBC,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAJE;YAKlBC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CALG;YAMlB4B,qBAAqB,EAAE,EANL;YAOlB3B,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAX,CADI;cAEbC,WAAW,EAAE;YAFA,CAPC;YAWlB;YACAC,MAAM,EAAE,CAZU;YAalBC,UAAU,EAAE,EAbM;YAclBC,MAAM,EAAE,EAdU;YAelBsB,oBAAoB,EAAE,CAClB;cAAEC,WAAW,EAAEX,aAAa,CAACY,MAAd,CAAqBC,GAApC;cAAyCC,SAAS,EAAE;YAApD,CADkB;UAfJ,CALlB;UAwBJC,qBAAqB,EAAE,CACnB;YACIvC,QAAQ,EAAE,IADd;YAEII,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAFpB;YAGIC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAHnB;YAIIC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cADJ,CADI;cAIbgC,OAAO,EAAE,EAJI;cAKb/B,WAAW,EAAE;YALA,CAJrB;YAWIgC,WAAW,EAAE,WAXjB;YAYItC,oBAAoB,EAAE,WAZ1B;YAaIF,cAAc,EAAEb,SAAS,CAACS,MAAV,CAAiBK,QAbrC;YAcI;YACAQ,MAAM,EAAE,CAfZ;YAgBIC,UAAU,EAAE,OAhBhB;YAgByB;YACrBC,MAAM,EAAE;UAjBZ,CADmB,CAxBnB;UA6CJE,oBAAoB,EAAE,CAClB;YACIC,SAAS,EAAE,GADf;YAEIC,YAAY,EAAE,GAFlB;YAGIC,gBAAgB,EAAE;UAHtB,CADkB,CA7ClB;UAoDJJ,UAAU,EAAE,gBApDR;UAqDJK,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YADL;UADN,CArDV;UA0DJC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UADf;QA1Df;MAF4D,CAA7C,CAA3B;MAkEA,MAAMoB,YAAY,GAAG,IAAAC,8CAAA,EAA0BtE,GAA1B,EAA+B;QAChDuE,WAAW,EAAE/D,IAAI,CAACgE,wBAD8B;QAEhDC,cAAc,EAAEjE,IAAI,CAACkE,2BAF2B;QAGhDC,eAAe,EAAEnE,IAAI,CAACoE,4BAH0B;QAIhDC,MAAM,EAAEvE,MAAM,CAACwE,WAAY,WAAU7D,aAAa,CAAC8C,MAAd,CAAqBgB,UAAW,EAJrB;QAKhDC,WAAW,EAAE1E,MAAM,CAACwE,WAAY,WAAUnB,kBAAkB,CAACI,MAAnB,CAA0BgB,UAAW,EAL/B;QAMhDE,MAAM,EAAE/B,cAAc,CAAC+B,MAAf,CAAsBlB,MAAtB,CAA6BkB,MANW;QAOhDC,YAAY,EAAEvB,kBAAkB,CAACI,MAAnB,CAA0BoB;MAPQ,CAA/B,CAArB;MAUA,MAAMC,OAAO,GAAGpF,GAAG,CAACa,QAAJ,CAAad,gBAAgB,CAACqF,OAA9B,CAAhB;;MACA,IAAIA,OAAJ,EAAa;QACT,IAAAC,+BAAA,EAAkB1B,kBAAlB,EAAsCyB,OAAtC;MACH;;MAED,MAAME,cAAc,GAAGtF,GAAG,CAACa,QAAJ,CAAad,gBAAgB,CAACuF,cAA9B,CAAvB;;MACA,IAAIA,cAAJ,EAAoB;QAChB,IAAAD,+BAAA,EAAkBpE,aAAlB,EAAiCqE,cAAjC;MACH;;MAED,IACIC,OAAO,CAACC,GAAR,CAAYC,uBAAZ,IACAF,OAAO,CAACC,GAAR,CAAYE,oBAAZ,KAAqC,MAFzC,EAGE;QACE,IAAAC,+BAAA,EAAkB3F,GAAlB,EAAuB2D,kBAAvB;MACH;;MAED3D,GAAG,CAAC4F,UAAJ,CAAe;QACX;QACA;QACA;QACAC,KAAK,EAAE5E,aAAa,CAAC8C,MAAd,CAAqBoB,EAJjB;QAKXW,UAAU,EAAE/E,SAAS,CAACkE,MAAV,CAAiBlB,MAAjB,CAAwBoB,EALzB;QAMXN,MAAM,EAAE5D,aAAa,CAAC8C,MAAd,CAAqBgB,UAArB,CAAgCgB,KAAhC,CAAsCC,KAAK,IAAK,WAAUA,KAAM,EAAhE,CANG;QAOXC,SAAS,EAAEhF,aAAa,CAAC8C,MAAd,CAAqBgB,UAPrB;QAQX;QACA;QACA;QACAmB,UAAU,EAAEvC,kBAAkB,CAACI,MAAnB,CAA0BoB,EAX3B;QAYXgB,eAAe,EAAEjD,cAAc,CAAC+B,MAAf,CAAsBlB,MAAtB,CAA6BoB,EAZnC;QAaXiB,cAAc,EAAEzC,kBAAkB,CAACI,MAAnB,CAA0BgB,UAb/B;QAcXC,WAAW,EAAErB,kBAAkB,CAACI,MAAnB,CAA0BgB,UAA1B,CAAqCgB,KAArC,CAA2CC,KAAK,IAAK,WAAUA,KAAM,EAArE;MAdF,CAAf;MAiBA,IAAAK,mBAAA,EAAa;QACTC,cAAc,EAAEC,MAAM,CAAChB,OAAO,CAACC,GAAR,CAAY,qBAAZ,CAAD,CADb;QAETgB,cAAc,EAAED,MAAM,CAAChB,OAAO,CAACC,GAAR,CAAY,YAAZ,CAAD;MAFb,CAAb;MAKA,OAAO;QACHnB,YADG;QAEHrE,GAAG,kCACIe,SADJ;UAECK,UAAU,EAAEH;QAFb,EAFA;QAMHwF,QAAQ,kCACDvD,cADC;UAEJ9B,UAAU,EAAEuC;QAFR;MANL,CAAP;IAWH;EA1MuB,CAAhB,CAAZ;EA6MA,OAAO,IAAA+C,mCAAA,EAA6B1G,GAA7B,CAAP;AACH,CA/MM"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@webiny/pulumi-aws",
3
- "version": "5.32.0-beta.0",
3
+ "version": "5.33.0-beta.0",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "https://github.com/webiny/webiny-js.git"
@@ -15,8 +15,8 @@
15
15
  "dependencies": {
16
16
  "@pulumi/aws": "^5.8.0",
17
17
  "@pulumi/pulumi": "^3.34.0",
18
- "@webiny/cli-plugin-deploy-pulumi": "5.32.0-beta.0",
19
- "@webiny/pulumi": "5.32.0-beta.0",
18
+ "@webiny/cli-plugin-deploy-pulumi": "5.33.0-beta.0",
19
+ "@webiny/pulumi": "5.33.0-beta.0",
20
20
  "form-data": "4.0.0",
21
21
  "node-fetch": "2.6.7"
22
22
  },
@@ -26,10 +26,10 @@
26
26
  "@babel/preset-env": "^7.16.4",
27
27
  "@babel/preset-typescript": "^7.16.0",
28
28
  "@babel/runtime": "^7.16.3",
29
- "@webiny/api-page-builder": "^5.32.0-beta.0",
30
- "@webiny/aws-layers": "^5.32.0-beta.0",
31
- "@webiny/cli": "^5.32.0-beta.0",
32
- "@webiny/project-utils": "^5.32.0-beta.0",
29
+ "@webiny/api-page-builder": "^5.33.0-beta.0",
30
+ "@webiny/aws-layers": "^5.33.0-beta.0",
31
+ "@webiny/cli": "^5.33.0-beta.0",
32
+ "@webiny/project-utils": "^5.33.0-beta.0",
33
33
  "chalk": "^4.1.0",
34
34
  "lodash": "^4.5.0",
35
35
  "mime": "2.5.2",
@@ -49,5 +49,5 @@
49
49
  ]
50
50
  }
51
51
  },
52
- "gitHead": "01b97900303977e0b418d60aa1c789fad71f5cef"
52
+ "gitHead": "8809a70796e5117e92416d6859c1f5dcae2a8c98"
53
53
  }
package/utils/uploadFolderToS3.js CHANGED
@@ -139,7 +139,7 @@ const uploadFolderToS3 = async ({
139
139
  const data = _objectSpread(_objectSpread({}, fields), {}, {
140
140
  "Content-Type": contentType || "",
141
141
  "X-Amz-Meta-Checksum": checksum,
142
- file: _fs.default.readFileSync(path, "utf8")
142
+ file: _fs.default.readFileSync(path)
143
143
  });
144
144
 
145
145
  if (cacheControl) {
package/utils/uploadFolderToS3.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["getFileChecksum","file","crypto","require","hash","createHash","Promise","resolve","stream","fs","createReadStream","on","data","update","digest","uploadFolderToS3","path","root","bucket","onFileUploadSuccess","onFileUploadError","onFileUploadSkip","acl","cacheControl","s3","S3Client","region","process","env","AWS_REGION","existsSync","Error","paths","crawlDirectory","push","pathsChunks","chunk","cacheControls","pattern","value","Array","isArray","i","length","promises","j","key","relative","replace","checksum","skipUpload","existingObject","headObject","Bucket","Key","promise","Metadata","full","find","item","test","contentType","mime","getType","url","fields","getPresignedPost","undefined","readFileSync","formData","FormData","Object","keys","forEach","append","res","fetch","method","body","status","statusText","text","e","error","all"],"sources":["uploadFolderToS3.ts"],"sourcesContent":["import fs from \"fs\";\nimport fetch from \"node-fetch\";\nimport FormData from \"form-data\";\nimport S3Client from \"aws-sdk/clients/s3\";\nimport mime from \"mime\";\nimport chunk from \"lodash/chunk\";\nimport { relative } from \"path\";\nimport { crawlDirectory } from \"./crawlDirectory\";\nimport { getPresignedPost } from \"./getPresignedPost\";\n\nfunction getFileChecksum(file: string): Promise<string> {\n const crypto = require(\"crypto\");\n const hash = crypto.createHash(\"md5\");\n\n return new Promise(resolve => {\n const stream = fs.createReadStream(file);\n stream.on(\"data\", function (data: any) {\n hash.update(data, \"utf8\");\n });\n\n stream.on(\"end\", function () {\n resolve(hash.digest(\"hex\"));\n });\n });\n}\n\nimport { BucketName, CacheControl } from \"aws-sdk/clients/s3\";\n\nexport interface Paths {\n full: string;\n relative: string;\n}\n\nexport type CacheControls = Array<{ pattern: RegExp; value: CacheControl }>;\n\nexport interface UploadFolderToS3Params {\n // Path to the folder that needs to be uploaded.\n path: string;\n\n // Object ACL.\n acl: string;\n\n // A callback that gets called every time a file has been uploaded successfully.\n onFileUploadSuccess: (params: { paths: Paths }) => void;\n\n // A callback that gets called every time a file has not been uploaded successfully.\n onFileUploadError: (params: { paths: Paths; error: Error }) => void;\n\n // A callback that gets called every time a file upload has been skipped.\n onFileUploadSkip: (params: { paths: Paths }) => void;\n\n // Target bucket\n bucket: BucketName;\n\n // Cache control to apply to each uploaded file\n cacheControl?: CacheControl | CacheControls;\n}\n\nexport const uploadFolderToS3 = async ({\n path: root,\n bucket,\n onFileUploadSuccess,\n onFileUploadError,\n onFileUploadSkip,\n // For backwards compatibility, we need to leave ACL on \"public-read\".\n acl = \"public-read\",\n cacheControl = \"max-age=31536000\"\n}: UploadFolderToS3Params) => {\n const s3 = new S3Client({ region: process.env.AWS_REGION });\n\n if (!fs.existsSync(root)) {\n throw new Error(\"Cannot continue, folder does not exist.\");\n }\n\n const paths: string[] = [];\n\n await crawlDirectory(root, async (path: string) => {\n paths.push(path);\n });\n\n const pathsChunks = chunk(paths, 20);\n\n const cacheControls: CacheControls = [];\n if (typeof cacheControl === \"string\") {\n cacheControls.push({ pattern: /.*/, value: cacheControl });\n } else if (Array.isArray(cacheControls)) {\n cacheControls.push(...cacheControl);\n }\n\n for (let i = 0; i < pathsChunks.length; i++) {\n const chunk = pathsChunks[i];\n\n const promises = [];\n for (let j = 0; j < chunk.length; j++) {\n const path = chunk[j];\n\n promises.push(\n new Promise<void>(async resolve => {\n // We also replace \"\\\" with \"/\", which is a path separator on Windows' CMD or Powershell.\n const key = relative(root, path).replace(/\\\\/g, \"/\");\n try {\n // Get file checksum so that we can check if a file needs to be uploaded or not.\n const checksum = await getFileChecksum(path);\n\n let skipUpload = false;\n try {\n const existingObject = await s3\n .headObject({\n Bucket: bucket,\n Key: key\n })\n .promise();\n\n if (existingObject.Metadata?.checksum === checksum) {\n skipUpload = true;\n }\n } catch {\n // Do nothing.\n }\n\n if (skipUpload) {\n if (typeof onFileUploadSkip === \"function\") {\n await onFileUploadSkip({ paths: { full: path, relative: key } });\n }\n } else {\n const cacheControl = cacheControls.find(item => item.pattern.test(key));\n const contentType = mime.getType(path);\n\n const { url, fields } = await getPresignedPost({\n bucket,\n key,\n acl,\n checksum,\n contentType,\n cacheControl: cacheControl ? cacheControl.value : undefined\n });\n\n const data: Record<string, string> = {\n ...fields,\n \"Content-Type\": contentType || \"\",\n \"X-Amz-Meta-Checksum\": checksum,\n file: fs.readFileSync(path, \"utf8\")\n };\n\n if (cacheControl) {\n data[\"Cache-Control\"] = cacheControl.value;\n }\n\n const formData = new FormData();\n Object.keys(data).forEach(key => {\n formData.append(key, data[key]);\n });\n\n const res = await fetch(url, {\n method: \"POST\",\n body: formData\n });\n\n if (res.status > 299) {\n throw new Error(`${res.statusText}\\n${await res.text()}`);\n }\n\n if (typeof onFileUploadSuccess === \"function\") {\n await onFileUploadSuccess({ paths: { full: path, relative: key } });\n }\n }\n resolve();\n } catch (e) {\n if (typeof onFileUploadError === \"function\") {\n await onFileUploadError({\n paths: { full: path, relative: key },\n error: e\n });\n }\n resolve();\n }\n })\n );\n }\n\n await Promise.all(promises);\n }\n};\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;AAEA,SAASA,eAAT,CAAyBC,IAAzB,EAAwD;EACpD,MAAMC,MAAM,GAAGC,OAAO,CAAC,QAAD,CAAtB;;EACA,MAAMC,IAAI,GAAGF,MAAM,CAACG,UAAP,CAAkB,KAAlB,CAAb;EAEA,OAAO,IAAIC,OAAJ,CAAYC,OAAO,IAAI;IAC1B,MAAMC,MAAM,GAAGC,WAAA,CAAGC,gBAAH,CAAoBT,IAApB,CAAf;;IACAO,MAAM,CAACG,EAAP,CAAU,MAAV,EAAkB,UAAUC,IAAV,EAAqB;MACnCR,IAAI,CAACS,MAAL,CAAYD,IAAZ,EAAkB,MAAlB;IACH,CAFD;IAIAJ,MAAM,CAACG,EAAP,CAAU,KAAV,EAAiB,YAAY;MACzBJ,OAAO,CAACH,IAAI,CAACU,MAAL,CAAY,KAAZ,CAAD,CAAP;IACH,CAFD;EAGH,CATM,CAAP;AAUH;;AAkCM,MAAMC,gBAAgB,GAAG,OAAO;EACnCC,IAAI,EAAEC,IAD6B;EAEnCC,MAFmC;EAGnCC,mBAHmC;EAInCC,iBAJmC;EAKnCC,gBALmC;EAMnC;EACAC,GAAG,GAAG,aAP6B;EAQnCC,YAAY,GAAG;AARoB,CAAP,KASF;EAC1B,MAAMC,EAAE,GAAG,IAAIC,UAAJ,CAAa;IAAEC,MAAM,EAAEC,OAAO,CAACC,GAAR,CAAYC;EAAtB,CAAb,CAAX;;EAEA,IAAI,CAACpB,WAAA,CAAGqB,UAAH,CAAcb,IAAd,CAAL,EAA0B;IACtB,MAAM,IAAIc,KAAJ,CAAU,yCAAV,CAAN;EACH;;EAED,MAAMC,KAAe,GAAG,EAAxB;EAEA,MAAM,IAAAC,8BAAA,EAAehB,IAAf,EAAqB,MAAOD,IAAP,IAAwB;IAC/CgB,KAAK,CAACE,IAAN,CAAWlB,IAAX;EACH,CAFK,CAAN;EAIA,MAAMmB,WAAW,GAAG,IAAAC,cAAA,EAAMJ,KAAN,EAAa,EAAb,CAApB;EAEA,MAAMK,aAA4B,GAAG,EAArC;;EACA,IAAI,OAAOd,YAAP,KAAwB,QAA5B,EAAsC;IAClCc,aAAa,CAACH,IAAd,CAAmB;MAAEI,OAAO,EAAE,IAAX;MAAiBC,KAAK,EAAEhB;IAAxB,CAAnB;EACH,CAFD,MAEO,IAAIiB,KAAK,CAACC,OAAN,CAAcJ,aAAd,CAAJ,EAAkC;IACrCA,aAAa,CAACH,IAAd,CAAmB,GAAGX,YAAtB;EACH;;EAED,KAAK,IAAImB,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGP,WAAW,CAACQ,MAAhC,EAAwCD,CAAC,EAAzC,EAA6C;IACzC,MAAMN,KAAK,GAAGD,WAAW,CAACO,CAAD,CAAzB;IAEA,MAAME,QAAQ,GAAG,EAAjB;;IACA,KAAK,IAAIC,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGT,KAAK,CAACO,MAA1B,EAAkCE,CAAC,EAAnC,EAAuC;MACnC,MAAM7B,IAAI,GAAGoB,KAAK,CAACS,CAAD,CAAlB;MAEAD,QAAQ,CAACV,IAAT,CACI,IAAI5B,OAAJ,CAAkB,MAAMC,OAAN,IAAiB;QAC/B;QACA,MAAMuC,GAAG,GAAG,IAAAC,cAAA,EAAS9B,IAAT,EAAeD,IAAf,EAAqBgC,OAArB,CAA6B,KAA7B,EAAoC,GAApC,CAAZ;;QACA,IAAI;UACA;UACA,MAAMC,QAAQ,GAAG,MAAMjD,eAAe,CAACgB,IAAD,CAAtC;UAEA,IAAIkC,UAAU,GAAG,KAAjB;;UACA,IAAI;YAAA;;YACA,MAAMC,cAAc,GAAG,MAAM3B,EAAE,CAC1B4B,UADwB,CACb;cACRC,MAAM,EAAEnC,MADA;cAERoC,GAAG,EAAER;YAFG,CADa,EAKxBS,OALwB,EAA7B;;YAOA,IAAI,0BAAAJ,cAAc,CAACK,QAAf,gFAAyBP,QAAzB,MAAsCA,QAA1C,EAAoD;cAChDC,UAAU,GAAG,IAAb;YACH;UACJ,CAXD,CAWE,MAAM,CACJ;UACH;;UAED,IAAIA,UAAJ,EAAgB;YACZ,IAAI,OAAO7B,gBAAP,KAA4B,UAAhC,EAA4C;cACxC,MAAMA,gBAAgB,CAAC;gBAAEW,KAAK,EAAE;kBAAEyB,IAAI,EAAEzC,IAAR;kBAAc+B,QAAQ,EAAED;gBAAxB;cAAT,CAAD,CAAtB;YACH;UACJ,CAJD,MAIO;YACH,MAAMvB,YAAY,GAAGc,aAAa,CAACqB,IAAd,CAAmBC,IAAI,IAAIA,IAAI,CAACrB,OAAL,CAAasB,IAAb,CAAkBd,GAAlB,CAA3B,CAArB;;YACA,MAAMe,WAAW,GAAGC,aAAA,CAAKC,OAAL,CAAa/C,IAAb,CAApB;;YAEA,MAAM;cAAEgD,GAAF;cAAOC;YAAP,IAAkB,MAAM,IAAAC,kCAAA,EAAiB;cAC3ChD,MAD2C;cAE3C4B,GAF2C;cAG3CxB,GAH2C;cAI3C2B,QAJ2C;cAK3CY,WAL2C;cAM3CtC,YAAY,EAAEA,YAAY,GAAGA,YAAY,CAACgB,KAAhB,GAAwB4B;YANP,CAAjB,CAA9B;;YASA,MAAMvD,IAA4B,mCAC3BqD,MAD2B;cAE9B,gBAAgBJ,WAAW,IAAI,EAFD;cAG9B,uBAAuBZ,QAHO;cAI9BhD,IAAI,EAAEQ,WAAA,CAAG2D,YAAH,CAAgBpD,IAAhB,EAAsB,MAAtB;YAJwB,EAAlC;;YAOA,IAAIO,YAAJ,EAAkB;cACdX,IAAI,CAAC,eAAD,CAAJ,GAAwBW,YAAY,CAACgB,KAArC;YACH;;YAED,MAAM8B,QAAQ,GAAG,IAAIC,iBAAJ,EAAjB;YACAC,MAAM,CAACC,IAAP,CAAY5D,IAAZ,EAAkB6D,OAAlB,CAA0B3B,GAAG,IAAI;cAC7BuB,QAAQ,CAACK,MAAT,CAAgB5B,GAAhB,EAAqBlC,IAAI,CAACkC,GAAD,CAAzB;YACH,CAFD;YAIA,MAAM6B,GAAG,GAAG,MAAM,IAAAC,kBAAA,EAAMZ,GAAN,EAAW;cACzBa,MAAM,EAAE,MADiB;cAEzBC,IAAI,EAAET;YAFmB,CAAX,CAAlB;;YAKA,IAAIM,GAAG,CAACI,MAAJ,GAAa,GAAjB,EAAsB;cAClB,MAAM,IAAIhD,KAAJ,CAAW,GAAE4C,GAAG,CAACK,UAAW,KAAI,MAAML,GAAG,CAACM,IAAJ,EAAW,EAAjD,CAAN;YACH;;YAED,IAAI,OAAO9D,mBAAP,KAA+B,UAAnC,EAA+C;cAC3C,MAAMA,mBAAmB,CAAC;gBAAEa,KAAK,EAAE;kBAAEyB,IAAI,EAAEzC,IAAR;kBAAc+B,QAAQ,EAAED;gBAAxB;cAAT,CAAD,CAAzB;YACH;UACJ;;UACDvC,OAAO;QACV,CAnED,CAmEE,OAAO2E,CAAP,EAAU;UACR,IAAI,OAAO9D,iBAAP,KAA6B,UAAjC,EAA6C;YACzC,MAAMA,iBAAiB,CAAC;cACpBY,KAAK,EAAE;gBAAEyB,IAAI,EAAEzC,IAAR;gBAAc+B,QAAQ,EAAED;cAAxB,CADa;cAEpBqC,KAAK,EAAED;YAFa,CAAD,CAAvB;UAIH;;UACD3E,OAAO;QACV;MACJ,CA/ED,CADJ;IAkFH;;IAED,MAAMD,OAAO,CAAC8E,GAAR,CAAYxC,QAAZ,CAAN;EACH;AACJ,CA5HM"}
1
+ {"version":3,"names":["getFileChecksum","file","crypto","require","hash","createHash","Promise","resolve","stream","fs","createReadStream","on","data","update","digest","uploadFolderToS3","path","root","bucket","onFileUploadSuccess","onFileUploadError","onFileUploadSkip","acl","cacheControl","s3","S3Client","region","process","env","AWS_REGION","existsSync","Error","paths","crawlDirectory","push","pathsChunks","chunk","cacheControls","pattern","value","Array","isArray","i","length","promises","j","key","relative","replace","checksum","skipUpload","existingObject","headObject","Bucket","Key","promise","Metadata","full","find","item","test","contentType","mime","getType","url","fields","getPresignedPost","undefined","readFileSync","formData","FormData","Object","keys","forEach","append","res","fetch","method","body","status","statusText","text","e","error","all"],"sources":["uploadFolderToS3.ts"],"sourcesContent":["import fs from \"fs\";\nimport fetch from \"node-fetch\";\nimport FormData from \"form-data\";\nimport S3Client from \"aws-sdk/clients/s3\";\nimport mime from \"mime\";\nimport chunk from \"lodash/chunk\";\nimport { relative } from \"path\";\nimport { crawlDirectory } from \"./crawlDirectory\";\nimport { getPresignedPost } from \"./getPresignedPost\";\n\nfunction getFileChecksum(file: string): Promise<string> {\n const crypto = require(\"crypto\");\n const hash = crypto.createHash(\"md5\");\n\n return new Promise(resolve => {\n const stream = fs.createReadStream(file);\n stream.on(\"data\", function (data: any) {\n hash.update(data, \"utf8\");\n });\n\n stream.on(\"end\", function () {\n resolve(hash.digest(\"hex\"));\n });\n });\n}\n\nimport { BucketName, CacheControl } from \"aws-sdk/clients/s3\";\n\nexport interface Paths {\n full: string;\n relative: string;\n}\n\nexport type CacheControls = Array<{ pattern: RegExp; value: CacheControl }>;\n\nexport interface UploadFolderToS3Params {\n // Path to the folder that needs to be uploaded.\n path: string;\n\n // Object ACL.\n acl: string;\n\n // A callback that gets called every time a file has been uploaded successfully.\n onFileUploadSuccess: (params: { paths: Paths }) => void;\n\n // A callback that gets called every time a file has not been uploaded successfully.\n onFileUploadError: (params: { paths: Paths; error: Error }) => void;\n\n // A callback that gets called every time a file upload has been skipped.\n onFileUploadSkip: (params: { paths: Paths }) => void;\n\n // Target bucket\n bucket: BucketName;\n\n // Cache control to apply to each uploaded file\n cacheControl?: CacheControl | CacheControls;\n}\n\nexport const uploadFolderToS3 = async ({\n path: root,\n bucket,\n onFileUploadSuccess,\n onFileUploadError,\n onFileUploadSkip,\n // For backwards compatibility, we need to leave ACL on \"public-read\".\n acl = \"public-read\",\n cacheControl = \"max-age=31536000\"\n}: UploadFolderToS3Params) => {\n const s3 = new S3Client({ region: process.env.AWS_REGION });\n\n if (!fs.existsSync(root)) {\n throw new Error(\"Cannot continue, folder does not exist.\");\n }\n\n const paths: string[] = [];\n\n await crawlDirectory(root, async (path: string) => {\n paths.push(path);\n });\n\n const pathsChunks = chunk(paths, 20);\n\n const cacheControls: CacheControls = [];\n if (typeof cacheControl === \"string\") {\n cacheControls.push({ pattern: /.*/, value: cacheControl });\n } else if (Array.isArray(cacheControls)) {\n cacheControls.push(...cacheControl);\n }\n\n for (let i = 0; i < pathsChunks.length; i++) {\n const chunk = pathsChunks[i];\n\n const promises = [];\n for (let j = 0; j < chunk.length; j++) {\n const path = chunk[j];\n\n promises.push(\n new Promise<void>(async resolve => {\n // We also replace \"\\\" with \"/\", which is a path separator on Windows' CMD or Powershell.\n const key = relative(root, path).replace(/\\\\/g, \"/\");\n try {\n // Get file checksum so that we can check if a file needs to be uploaded or not.\n const checksum = await getFileChecksum(path);\n\n let skipUpload = false;\n try {\n const existingObject = await s3\n .headObject({\n Bucket: bucket,\n Key: key\n })\n .promise();\n\n if (existingObject.Metadata?.checksum === checksum) {\n skipUpload = true;\n }\n } catch {\n // Do nothing.\n }\n\n if (skipUpload) {\n if (typeof onFileUploadSkip === \"function\") {\n await onFileUploadSkip({ paths: { full: path, relative: key } });\n }\n } else {\n const cacheControl = cacheControls.find(item => item.pattern.test(key));\n const contentType = mime.getType(path);\n\n const { url, fields } = await getPresignedPost({\n bucket,\n key,\n acl,\n checksum,\n contentType,\n cacheControl: cacheControl ? cacheControl.value : undefined\n });\n\n const data: Record<string, string | Buffer> = {\n ...fields,\n \"Content-Type\": contentType || \"\",\n \"X-Amz-Meta-Checksum\": checksum,\n file: fs.readFileSync(path)\n };\n\n if (cacheControl) {\n data[\"Cache-Control\"] = cacheControl.value;\n }\n\n const formData = new FormData();\n Object.keys(data).forEach(key => {\n formData.append(key, data[key]);\n });\n\n const res = await fetch(url, {\n method: \"POST\",\n body: formData\n });\n\n if (res.status > 299) {\n throw new Error(`${res.statusText}\\n${await res.text()}`);\n }\n\n if (typeof onFileUploadSuccess === \"function\") {\n await onFileUploadSuccess({ paths: { full: path, relative: key } });\n }\n }\n resolve();\n } catch (e) {\n if (typeof onFileUploadError === \"function\") {\n await onFileUploadError({\n paths: { full: path, relative: key },\n error: e\n });\n }\n resolve();\n }\n })\n );\n }\n\n await Promise.all(promises);\n }\n};\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;AAEA,SAASA,eAAT,CAAyBC,IAAzB,EAAwD;EACpD,MAAMC,MAAM,GAAGC,OAAO,CAAC,QAAD,CAAtB;;EACA,MAAMC,IAAI,GAAGF,MAAM,CAACG,UAAP,CAAkB,KAAlB,CAAb;EAEA,OAAO,IAAIC,OAAJ,CAAYC,OAAO,IAAI;IAC1B,MAAMC,MAAM,GAAGC,WAAA,CAAGC,gBAAH,CAAoBT,IAApB,CAAf;;IACAO,MAAM,CAACG,EAAP,CAAU,MAAV,EAAkB,UAAUC,IAAV,EAAqB;MACnCR,IAAI,CAACS,MAAL,CAAYD,IAAZ,EAAkB,MAAlB;IACH,CAFD;IAIAJ,MAAM,CAACG,EAAP,CAAU,KAAV,EAAiB,YAAY;MACzBJ,OAAO,CAACH,IAAI,CAACU,MAAL,CAAY,KAAZ,CAAD,CAAP;IACH,CAFD;EAGH,CATM,CAAP;AAUH;;AAkCM,MAAMC,gBAAgB,GAAG,OAAO;EACnCC,IAAI,EAAEC,IAD6B;EAEnCC,MAFmC;EAGnCC,mBAHmC;EAInCC,iBAJmC;EAKnCC,gBALmC;EAMnC;EACAC,GAAG,GAAG,aAP6B;EAQnCC,YAAY,GAAG;AARoB,CAAP,KASF;EAC1B,MAAMC,EAAE,GAAG,IAAIC,UAAJ,CAAa;IAAEC,MAAM,EAAEC,OAAO,CAACC,GAAR,CAAYC;EAAtB,CAAb,CAAX;;EAEA,IAAI,CAACpB,WAAA,CAAGqB,UAAH,CAAcb,IAAd,CAAL,EAA0B;IACtB,MAAM,IAAIc,KAAJ,CAAU,yCAAV,CAAN;EACH;;EAED,MAAMC,KAAe,GAAG,EAAxB;EAEA,MAAM,IAAAC,8BAAA,EAAehB,IAAf,EAAqB,MAAOD,IAAP,IAAwB;IAC/CgB,KAAK,CAACE,IAAN,CAAWlB,IAAX;EACH,CAFK,CAAN;EAIA,MAAMmB,WAAW,GAAG,IAAAC,cAAA,EAAMJ,KAAN,EAAa,EAAb,CAApB;EAEA,MAAMK,aAA4B,GAAG,EAArC;;EACA,IAAI,OAAOd,YAAP,KAAwB,QAA5B,EAAsC;IAClCc,aAAa,CAACH,IAAd,CAAmB;MAAEI,OAAO,EAAE,IAAX;MAAiBC,KAAK,EAAEhB;IAAxB,CAAnB;EACH,CAFD,MAEO,IAAIiB,KAAK,CAACC,OAAN,CAAcJ,aAAd,CAAJ,EAAkC;IACrCA,aAAa,CAACH,IAAd,CAAmB,GAAGX,YAAtB;EACH;;EAED,KAAK,IAAImB,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGP,WAAW,CAACQ,MAAhC,EAAwCD,CAAC,EAAzC,EAA6C;IACzC,MAAMN,KAAK,GAAGD,WAAW,CAACO,CAAD,CAAzB;IAEA,MAAME,QAAQ,GAAG,EAAjB;;IACA,KAAK,IAAIC,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGT,KAAK,CAACO,MAA1B,EAAkCE,CAAC,EAAnC,EAAuC;MACnC,MAAM7B,IAAI,GAAGoB,KAAK,CAACS,CAAD,CAAlB;MAEAD,QAAQ,CAACV,IAAT,CACI,IAAI5B,OAAJ,CAAkB,MAAMC,OAAN,IAAiB;QAC/B;QACA,MAAMuC,GAAG,GAAG,IAAAC,cAAA,EAAS9B,IAAT,EAAeD,IAAf,EAAqBgC,OAArB,CAA6B,KAA7B,EAAoC,GAApC,CAAZ;;QACA,IAAI;UACA;UACA,MAAMC,QAAQ,GAAG,MAAMjD,eAAe,CAACgB,IAAD,CAAtC;UAEA,IAAIkC,UAAU,GAAG,KAAjB;;UACA,IAAI;YAAA;;YACA,MAAMC,cAAc,GAAG,MAAM3B,EAAE,CAC1B4B,UADwB,CACb;cACRC,MAAM,EAAEnC,MADA;cAERoC,GAAG,EAAER;YAFG,CADa,EAKxBS,OALwB,EAA7B;;YAOA,IAAI,0BAAAJ,cAAc,CAACK,QAAf,gFAAyBP,QAAzB,MAAsCA,QAA1C,EAAoD;cAChDC,UAAU,GAAG,IAAb;YACH;UACJ,CAXD,CAWE,MAAM,CACJ;UACH;;UAED,IAAIA,UAAJ,EAAgB;YACZ,IAAI,OAAO7B,gBAAP,KAA4B,UAAhC,EAA4C;cACxC,MAAMA,gBAAgB,CAAC;gBAAEW,KAAK,EAAE;kBAAEyB,IAAI,EAAEzC,IAAR;kBAAc+B,QAAQ,EAAED;gBAAxB;cAAT,CAAD,CAAtB;YACH;UACJ,CAJD,MAIO;YACH,MAAMvB,YAAY,GAAGc,aAAa,CAACqB,IAAd,CAAmBC,IAAI,IAAIA,IAAI,CAACrB,OAAL,CAAasB,IAAb,CAAkBd,GAAlB,CAA3B,CAArB;;YACA,MAAMe,WAAW,GAAGC,aAAA,CAAKC,OAAL,CAAa/C,IAAb,CAApB;;YAEA,MAAM;cAAEgD,GAAF;cAAOC;YAAP,IAAkB,MAAM,IAAAC,kCAAA,EAAiB;cAC3ChD,MAD2C;cAE3C4B,GAF2C;cAG3CxB,GAH2C;cAI3C2B,QAJ2C;cAK3CY,WAL2C;cAM3CtC,YAAY,EAAEA,YAAY,GAAGA,YAAY,CAACgB,KAAhB,GAAwB4B;YANP,CAAjB,CAA9B;;YASA,MAAMvD,IAAqC,mCACpCqD,MADoC;cAEvC,gBAAgBJ,WAAW,IAAI,EAFQ;cAGvC,uBAAuBZ,QAHgB;cAIvChD,IAAI,EAAEQ,WAAA,CAAG2D,YAAH,CAAgBpD,IAAhB;YAJiC,EAA3C;;YAOA,IAAIO,YAAJ,EAAkB;cACdX,IAAI,CAAC,eAAD,CAAJ,GAAwBW,YAAY,CAACgB,KAArC;YACH;;YAED,MAAM8B,QAAQ,GAAG,IAAIC,iBAAJ,EAAjB;YACAC,MAAM,CAACC,IAAP,CAAY5D,IAAZ,EAAkB6D,OAAlB,CAA0B3B,GAAG,IAAI;cAC7BuB,QAAQ,CAACK,MAAT,CAAgB5B,GAAhB,EAAqBlC,IAAI,CAACkC,GAAD,CAAzB;YACH,CAFD;YAIA,MAAM6B,GAAG,GAAG,MAAM,IAAAC,kBAAA,EAAMZ,GAAN,EAAW;cACzBa,MAAM,EAAE,MADiB;cAEzBC,IAAI,EAAET;YAFmB,CAAX,CAAlB;;YAKA,IAAIM,GAAG,CAACI,MAAJ,GAAa,GAAjB,EAAsB;cAClB,MAAM,IAAIhD,KAAJ,CAAW,GAAE4C,GAAG,CAACK,UAAW,KAAI,MAAML,GAAG,CAACM,IAAJ,EAAW,EAAjD,CAAN;YACH;;YAED,IAAI,OAAO9D,mBAAP,KAA+B,UAAnC,EAA+C;cAC3C,MAAMA,mBAAmB,CAAC;gBAAEa,KAAK,EAAE;kBAAEyB,IAAI,EAAEzC,IAAR;kBAAc+B,QAAQ,EAAED;gBAAxB;cAAT,CAAD,CAAzB;YACH;UACJ;;UACDvC,OAAO;QACV,CAnED,CAmEE,OAAO2E,CAAP,EAAU;UACR,IAAI,OAAO9D,iBAAP,KAA6B,UAAjC,EAA6C;YACzC,MAAMA,iBAAiB,CAAC;cACpBY,KAAK,EAAE;gBAAEyB,IAAI,EAAEzC,IAAR;gBAAc+B,QAAQ,EAAED;cAAxB,CADa;cAEpBqC,KAAK,EAAED;YAFa,CAAD,CAAvB;UAIH;;UACD3E,OAAO;QACV;MACJ,CA/ED,CADJ;IAkFH;;IAED,MAAMD,OAAO,CAAC8E,GAAR,CAAYxC,QAAZ,CAAN;EACH;AACJ,CA5HM"}