fjall 0.89.6 → 0.94.1

package/bin/assets/generators/account/files/infrastructure.ts

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+
+import {
+  App,
+  OrganisationFactory,
+  getConfig
+} from "@fjall/components-infrastructure";
+
+const config = getConfig();
+
+if (config.environment !== "platform" && config.environment !== "root") {
+  const app = App.getInstance();
+  const buildAccount = OrganisationFactory.build("Account", {
+    type: "account"
+  });
+  buildAccount(app);
+}

package/bin/assets/generators/account/generator.d.ts

@@ -0,0 +1,8 @@
+import { type Tree } from "@nx/devkit";
+import { z } from "zod";
+export declare const AccountGeneratorSchema: z.ZodObject<{
+    primaryRegion: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+}, z.core.$strict>;
+export type AccountGeneratorOptions = z.infer<typeof AccountGeneratorSchema>;
+export declare function accountGenerator(tree: Tree, options: AccountGeneratorOptions): Promise<void>;
+export default accountGenerator;

package/bin/assets/generators/account/generator.js

@@ -0,0 +1,2 @@
+import{join as i}from"path";import{renderEjsTemplates as m}from"../utils/renderEjs.js";import{copySharedCdkFiles as s}from"../utils/copySharedFiles.js";import{getOrganisationComponentPath as p}from"../../src/util/pathHelpers.js";import{z as a}from"zod";import{getZodErrorMessage as c,DEFAULT_REGION as f}from"@fjall/generator";const g=import.meta.dirname,d=a.object({primaryRegion:a.string().optional().default(f)}).strict();async function l(o,n){const r=d.safeParse(n);if(!r.success)throw new Error(`Invalid account generator options:
+${c(r.error)}`);const t=p("account"),e={primaryRegion:r.data.primaryRegion};m(o,i(g,"files"),t,e),s(o,t,{...e,packageName:"infra-app"})}var x=l;export{d as AccountGeneratorSchema,l as accountGenerator,x as default};

package/bin/assets/generators/account/index.d.ts

@@ -0,0 +1 @@
+export { accountGenerator, AccountGeneratorSchema, type AccountGeneratorOptions } from "./generator.js";

package/bin/assets/generators/account/index.js

@@ -0,0 +1 @@
+import{accountGenerator as r,AccountGeneratorSchema as c}from"./generator.js";export{c as AccountGeneratorSchema,r as accountGenerator};

package/bin/assets/generators/application/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type ApplicationGeneratorOptions } from "@fjall/generator";
+export declare function applicationGenerator(tree: Tree, options: ApplicationGeneratorOptions): Promise<void>;
+export default applicationGenerator;

package/bin/assets/generators/application/generator.js

@@ -0,0 +1,28 @@
+import{join as m}from"path";import{copySharedCdkFiles as u}from"../utils/copySharedFiles.js";import{getInfrastructurePath as d,getAppPath as l}from"../../src/util/pathHelpers.js";import{planApplicationResources as f,planOpenNextResources as g,generateInfrastructureFromPlan as b,ApplicationGeneratorSchema as w,getZodErrorMessage as h}from"@fjall/generator";import{z as y}from"zod";async function C(n,r){let e;try{e=w.parse(r)}catch(t){throw t instanceof y.ZodError?new Error(`Invalid application generator options:
+${h(t)}`):t}let o;if(e.pattern){const t=e.includeDatabase??!0,a=e.patternTier||"standard",c=t?a==="custom"&&e.customDatabase?{type:e.customDatabase.type,instanceType:e.customDatabase.instanceType,databaseName:e.databaseName,backupRetention:e.customDatabase.backupRetention,deletionProtection:e.customDatabase.deletionProtection,encryption:e.customDatabase.encryption}:{databaseName:e.databaseName}:void 0,p=a==="custom"&&e.customCompute?{memorySize:e.customCompute.memorySize,timeout:e.customCompute.timeout}:void 0,i=g(e.name,e.pattern,{tier:a,domain:e.patternDomain,database:c,compute:p});if(!i.success)throw new Error(i.error.message);o=i.data}else if(e.type==="custom")o=await k(e);else{const t=e.services?.map(a=>({name:a.name,dockerfilePath:a.dockerfilePath,containerPort:a.containerPort,needsDatabaseConnection:a.needsDatabaseConnection,routing:a.routing}));o=f(e.name,e.type,e.includeDatabase??!0,t,{snapshotIdentifier:e.snapshotIdentifier,snapshotUsername:e.snapshotUsername})}e.owner&&(o.owner=e.owner),e.vpcId&&(o.vpcId=e.vpcId),e.network!==void 0&&(o.network=e.network===!1?void 0:e.network);const s=b(o);if(!s.success)throw new Error(s.error.message);if(n.write(d(e.name),s.data),e.pattern==="payload"||e.pattern==="nextjs"){const t=m(l(e.name),"open-next.config.ts");n.write(t,D())}u(n,e.name,{name:e.name,type:e.type,packageName:e.name})}async function k(n){const r=n.network||void 0;return{appName:n.name,type:"custom",owner:n.owner,network:r,database:[],s3:[],compute:[]}}function D(){return`// OpenNext configuration - Generated by Fjall CLI
+const sharpInstallConfig = {
+  packages: ["sharp@0.34.2", "typescript@5.7.3"],
+  arch: "arm64" as const,
+  nodeVersion: "20.0.0",
+  libc: "glibc" as const,
+};
+
+const config = {
+  default: {
+    install: sharpInstallConfig,
+    override: {
+      wrapper: "aws-lambda-streaming",
+      converter: "aws-apigw-v2",
+      incrementalCache: "s3-lite",
+      tagCache: "dynamodb-lite",
+      queue: "sqs-lite",
+    },
+  },
+  imageOptimization: {
+    loader: "s3",
+    install: sharpInstallConfig,
+  },
+};
+
+export default config;
+`}var R=C;export{C as applicationGenerator,R as default};

package/bin/assets/generators/application/index.d.ts

@@ -0,0 +1 @@
+export { applicationGenerator } from "./generator.js";

package/bin/assets/generators/application/index.js

@@ -0,0 +1 @@
+import{applicationGenerator as a}from"./generator.js";export{a as applicationGenerator};

package/bin/assets/generators/cdn/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type CdnGeneratorOptions } from "@fjall/generator";
+export declare function cdnGenerator(tree: Tree, options: CdnGeneratorOptions): Promise<void>;
+export default cdnGenerator;

package/bin/assets/generators/cdn/generator.js

@@ -0,0 +1,4 @@
+import{withInfrastructurePlan as g}from"../utils/planning/generatorHelpers.js";import{CdnGeneratorSchema as p,toPascalCase as w}from"@fjall/generator";import{promptForConnection as b}from"../utils/prompts.js";import s from"prompts";function R(o){const n=[];for(const e of o.s3)n.push({name:e.name,description:"S3 Storage"});for(const e of o.compute)e.type==="lambda"?e.functionUrl&&n.push({name:e.name,description:"Lambda"}):e.type==="ecs"&&n.push({name:e.name,description:"ECS with ALB"});return n}function d(o,n){if(!n.some(i=>i.name===o)){const i=n.map(t=>t.name).join(", ");throw new Error(`Origin "${o}" not found in infrastructure. Available origins: ${i}`)}}async function y(o,n){const e=R(o);if(e.length===0)throw new Error("No available CDN origins found. Add an S3 bucket or compute resource with ALB/function URL first.");if(n.defaultOriginRef){if(d(n.defaultOriginRef,e),n.behaviours)for(const r of n.behaviours)d(r.originRef,e);return{defaultOriginRef:n.defaultOriginRef,behaviours:n.behaviours,...n.customDomain&&{customDomain:n.customDomain}}}if(n.nameProvidedByFlag)throw new Error("Default origin must be specified in non-interactive mode");let i;if(e.length===1)i=e[0].name,process.stdout.write(`
+  Auto-selected origin: ${i}
+`);else if(i=(await s([{type:"select",name:"origin",message:"Select the default origin:",choices:e.map(c=>({title:`${c.name} (${c.description})`,value:c.name}))}])).origin,!i)throw new Error("Origin selection cancelled");let t;const a=e.filter(r=>r.name!==i);if(a.length>0&&await b(a.length,"origin","Add path-based routing to another origin?","Add path-based routing to other origins?")){t=[];let c=!0;for(;c&&a.length>0;){const h=(await s([{type:"text",name:"pathPattern",message:"Path pattern (e.g., /static/*):"}])).pathPattern;if(!h)break;let m;if(a.length===1)m=a[0].name,process.stdout.write(`  Auto-selected origin: ${m}
+`);else if(m=(await s([{type:"select",name:"origin",message:"Origin for this path:",choices:a.map(f=>({title:`${f.name} (${f.description})`,value:f.name}))}])).origin,!m)break;const l=(await s([{type:"select",name:"cachePolicy",message:"Cache policy:",choices:[{title:"Caching Optimised",value:"CACHING_OPTIMIZED",description:"Best for static assets"},{title:"Caching Disabled",value:"CACHING_DISABLED",description:"Best for dynamic APIs"}]}])).cachePolicy;t.push({pathPattern:h,originRef:m,...l!==void 0&&{cachePolicy:l}}),c=(await s([{type:"confirm",name:"addMore",message:"Add another path route?",initial:!1}])).addMore}t.length===0&&(t=void 0)}let u;return(await s([{type:"confirm",name:"wantDomain",message:"Add a custom domain?",initial:!1}])).wantDomain&&(u=(await s([{type:"text",name:"domain",message:"Enter custom domain:"}])).domain||void 0),{defaultOriginRef:i,behaviours:t,...u!==void 0&&{customDomain:u}}}async function A(o,n){await g(o,p,n,"CDN",async({validated:e,plan:i})=>{if(i.cdn)throw new Error("A CDN is already configured for this application. Remove the existing CDN first.");const t=await y(i,e),a=e.name??`${w(e.appName)}Cdn`;return{...i,cdn:{name:a,defaultOriginRef:t.defaultOriginRef,...t.behaviours&&t.behaviours.length>0&&{behaviours:t.behaviours},...t.customDomain!==void 0&&{customDomain:t.customDomain},...e.certificateArn!==void 0&&{certificateArn:e.certificateArn},...e.accessGate!==void 0&&{accessGate:e.accessGate}}}})}var S=A;export{A as cdnGenerator,S as default};

package/bin/assets/generators/cdn/index.d.ts

@@ -0,0 +1 @@
+export { cdnGenerator } from "./generator.js";

package/bin/assets/generators/cdn/index.js

@@ -0,0 +1 @@
+import{cdnGenerator as o}from"./generator.js";export{o as cdnGenerator};

package/bin/assets/generators/compute/computeIntegrationHelpers.d.ts

@@ -0,0 +1,134 @@
+/**
+ * Shared helpers for compute integration tests.
+ *
+ * Extracted to allow splitting compute tests across multiple files
+ * for parallel execution without duplicating helper functions.
+ */
+import { type TierName, type EC2InstanceType, type EnvironmentValue } from "@fjall/generator";
+import { FileSystemTree } from "../utils/tree.js";
+import { type CfnTemplate, type ResourceEntry } from "../utils/integrationTestUtils.js";
+export { CLI_ROOT } from "../utils/integrationTestUtils.js";
+export declare function createTree(): FileSystemTree;
+/**
+ * Create a test app with the application generator
+ */
+export declare function createTestApp(tree: FileSystemTree, appName: string, tier: TierName | "custom"): Promise<void>;
+/**
+ * Add ECS compute to an existing app
+ */
+export declare function addEcsCompute(tree: FileSystemTree, appName: string, options: {
+    computeName: string;
+    capacityProvider?: "FARGATE" | "FARGATE_SPOT" | "EC2";
+    containerPort?: number;
+    containers?: Array<{
+        name: string;
+        image?: string;
+        port?: number;
+        environment?: Record<string, EnvironmentValue>;
+        essential?: boolean;
+    }>;
+    desiredCount?: number;
+    cpu?: number;
+    memoryLimitMiB?: number;
+    ec2Config?: {
+        instanceType?: string;
+        amiHardwareType?: "ARM" | "STANDARD";
+        minCapacity?: number;
+        maxCapacity?: number;
+        memoryLimitMiB?: number;
+    };
+}): Promise<void>;
+/**
+ * Add Lambda compute to an existing app
+ */
+export declare function addLambdaCompute(tree: FileSystemTree, appName: string, options: {
+    computeName: string;
+    timeout?: number;
+    memory?: number;
+    handler?: string;
+    runtime?: string;
+}): Promise<void>;
+/**
+ * Add ECS compute with multiple services to an existing app
+ */
+export declare function addMultiServiceEcsCompute(tree: FileSystemTree, appName: string, options: {
+    computeName: string;
+    capacityProvider?: "FARGATE" | "FARGATE_SPOT" | "EC2";
+    cluster?: {
+        domain?: string;
+        loadBalancer?: false | "public" | "internal";
+        directAccess?: boolean;
+    };
+    ec2Config?: {
+        instanceType?: string;
+        amiHardwareType?: "ARM" | "STANDARD";
+        minCapacity?: number;
+        maxCapacity?: number;
+        memoryLimitMiB?: number;
+    };
+    services: Array<{
+        name: string;
+        containers?: Array<{
+            name?: string;
+            port?: number;
+            image?: string;
+            ssmSecrets?: string[];
+        }>;
+        routing?: {
+            path?: string;
+            host?: string;
+            priority?: number;
+        } | Array<{
+            path?: string;
+            host?: string;
+            priority?: number;
+        }>;
+        cpu?: number;
+        memoryLimitMiB?: number;
+        desiredCount?: number;
+        ssmSecretsPath?: string;
+        capacityProvider?: "FARGATE" | "FARGATE_SPOT" | "EC2";
+        ec2Config?: {
+            instanceType?: string;
+            amiHardwareType?: "ARM" | "STANDARD";
+            minCapacity?: number;
+            maxCapacity?: number;
+            memoryLimitMiB?: number;
+        };
+    }>;
+}): Promise<void>;
+/**
+ * Add EC2 compute to an existing app
+ */
+export declare function addEc2Compute(tree: FileSystemTree, appName: string, options: {
+    computeName: string;
+    instanceType?: EC2InstanceType;
+    enableSSH?: boolean;
+}): Promise<void>;
+/**
+ * Expected configuration derived from tier preset
+ */
+export interface ExpectedEcsConfig {
+    capacityProvider: "FARGATE" | "FARGATE_SPOT" | "EC2";
+    cpu: string;
+    memory: string;
+    desiredCount: number;
+    isEc2Based: boolean;
+}
+/**
+ * Derive expected ECS configuration from tier preset
+ */
+export declare function getExpectedComputeConfigFromPreset(tier: TierName): ExpectedEcsConfig;
+/**
+ * ECS tiers - all tiers support ECS
+ */
+export declare const ECS_TIER_SUPPORT: TierName[];
+export declare function findEcsCluster(template: CfnTemplate): ResourceEntry | undefined;
+export declare function findEcsService(template: CfnTemplate): ResourceEntry | undefined;
+export declare function findEcsTaskDefinition(template: CfnTemplate): ResourceEntry | undefined;
+export declare function findLoadBalancer(template: CfnTemplate): ResourceEntry | undefined;
+export declare function findLambdaFunction(template: CfnTemplate): ResourceEntry | undefined;
+export declare function findAutoScalingGroup(template: CfnTemplate): ResourceEntry | undefined;
+export declare function findSecurityGroups(template: CfnTemplate): ResourceEntry[];
+export declare function findTargetGroups(template: CfnTemplate): ResourceEntry[];
+export declare function findListenerRules(template: CfnTemplate): ResourceEntry[];

package/bin/assets/generators/compute/computeIntegrationHelpers.js

@@ -0,0 +1 @@
+import{applicationGenerator as u}from"../application/generator.js";import{computeGenerator as o}from"./generator.js";import{getEcsPreset as m}from"@fjall/generator";import{FileSystemTree as d}from"../utils/tree.js";import{CLI_ROOT as p,findResourcesByType as n}from"../utils/integrationTestUtils.js";import{CLI_ROOT as h}from"../utils/integrationTestUtils.js";function g(){return new d(p)}async function S(t,r,e){await u(t,{name:r,type:e,includeDatabase:!1,network:{maxAzs:2,natGateways:{count:1},flowLogs:!1}})}async function v(t,r,e){const a=e.capacityProvider??"FARGATE";let c;e.containers?c=[{name:"TestService",capacityProvider:a,ec2Config:e.ec2Config,containers:e.containers,cpu:e.cpu,memoryLimitMiB:e.memoryLimitMiB,desiredCount:e.desiredCount}]:e.containerPort?c=[{name:"TestService",capacityProvider:a,ec2Config:e.ec2Config,containers:[{port:e.containerPort}],cpu:e.cpu,memoryLimitMiB:e.memoryLimitMiB,desiredCount:e.desiredCount}]:c=[{name:"TestService",capacityProvider:a,ec2Config:e.ec2Config}],await o(t,{appName:r,computeName:e.computeName,type:"ecs",nameProvidedByFlag:!0,connectionConfig:{connectToDatabase:[]},services:c})}async function E(t,r,e){await o(t,{appName:r,computeName:e.computeName,type:"lambda",nameProvidedByFlag:!0,connectionConfig:{connectToDatabase:[]},timeout:e.timeout,memory:e.memory,handler:e.handler,runtime:e.runtime})}async function T(t,r,e){const a=e.capacityProvider??"FARGATE",c=e.services.map(i=>({...i,capacityProvider:i.capacityProvider??a,ec2Config:i.ec2Config??(i.capacityProvider==="EC2"||!i.capacityProvider&&a==="EC2"?e.ec2Config:void 0)}));await o(t,{appName:r,computeName:e.computeName,type:"ecs",nameProvidedByFlag:!0,connectionConfig:{connectToDatabase:[]},cluster:e.cluster,services:c})}async function P(t,r,e){await o(t,{appName:r,computeName:e.computeName,type:"ec2",nameProvidedByFlag:!0,connectionConfig:{connectToDatabase:[]},instanceType:e.instanceType,enableSSH:e.enableSSH})}function x(t){const e=m(t).services[0];return{capacityProvider:e.capacityProvider,cpu:String(e.cpu??256),memory:String(e.memoryLimitMiB??512),desiredCount:e.desiredCount??1,isEc2Based:e.capacityProvider==="EC2"}}const A=["tinkerer","lightweight","standard","resilient","enterprise"];function L(t){return n(t,"AWS::ECS::Cluster")[0]}function B(t){return n(t,"AWS::ECS::Service")[0]}function b(t){return n(t,"AWS::ECS::TaskDefinition")[0]}function G(t){return n(t,"AWS::ElasticLoadBalancingV2::LoadBalancer")[0]}function w(t){return n(t,"AWS::Lambda::Function")[0]}function F(t){return n(t,"AWS::AutoScaling::AutoScalingGroup")[0]}function W(t){return n(t,"AWS::EC2::SecurityGroup")}function R(t){return n(t,"AWS::ElasticLoadBalancingV2::TargetGroup")}function N(t){return n(t,"AWS::ElasticLoadBalancingV2::ListenerRule")}export{h as CLI_ROOT,A as ECS_TIER_SUPPORT,P as addEc2Compute,v as addEcsCompute,E as addLambdaCompute,T as addMultiServiceEcsCompute,S as createTestApp,g as createTree,F as findAutoScalingGroup,L as findEcsCluster,B as findEcsService,b as findEcsTaskDefinition,w as findLambdaFunction,N as findListenerRules,G as findLoadBalancer,W as findSecurityGroups,R as findTargetGroups,x as getExpectedComputeConfigFromPreset};

package/bin/assets/generators/compute/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type ComputeGeneratorOptions } from "@fjall/generator";
+export declare function computeGenerator(tree: Tree, options: ComputeGeneratorOptions): Promise<void>;
+export default computeGenerator;

package/bin/assets/generators/compute/generator.js

@@ -0,0 +1 @@
+import{assertResourceNameUnique as o}from"../utils/resources/resourceDetection.js";import{withInfrastructurePlan as s}from"../utils/planning/generatorHelpers.js";import{ComputeGeneratorSchema as i}from"@fjall/generator";import{ensureUniqueResourceName as f}from"../utils/resources/resourceNaming.js";import{promptForConnection as y,selectResources as h}from"../utils/prompts.js";function p(r,e,n){const t=n.length>0;switch(e.type){case"ecs":return{name:r,type:"ecs",needsConnection:t,connectedDatabase:n,cluster:e.cluster,services:e.services,dockerfilePath:e.dockerfilePath};case"lambda":return{name:r,type:"lambda",needsConnection:t,connectedDatabase:n,timeout:e.timeout,memory:e.memory,handler:e.handler,runtime:e.runtime,environment:e.environment,secrets:e.secrets};case"ec2":return{name:r,type:"ec2",needsConnection:t,connectedDatabase:n,instanceType:e.instanceType,enableSSH:e.enableSSH,keyName:e.keyName,userData:e.userData,securityGroups:e.securityGroups};default:return e}}async function C(r,e){await s(r,i,e,"compute",async({tree:n,validated:t,plan:a})=>{t.nameProvidedByFlag||o(n,t.appName,t.computeName);const c=t.nameProvidedByFlag?f(n,t.appName,t.computeName):t.computeName,m=await b(t,a),u=p(c,t,m);return{...a,compute:[...a.compute,u]}})}async function b(r,e){return r.connectionConfig?r.connectionConfig.connectToDatabase??[]:e.database.length>0&&!r.nameProvidedByFlag&&await y(e.database.length,"database","Connect to existing database?","Found {count} databases. Configure connections?")?h(e.database,"Select databases to connect:",t=>`${t.type} - ${t.databaseName}`):[]}var w=C;export{C as computeGenerator,w as default};

package/bin/assets/generators/compute/index.d.ts

@@ -0,0 +1 @@
+export { computeGenerator } from "./generator.js";

package/bin/assets/generators/compute/index.js

@@ -0,0 +1 @@
+import{computeGenerator as r}from"./generator.js";export{r as computeGenerator};

package/bin/assets/generators/compute/service/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type AddServiceGeneratorOptions } from "@fjall/generator";
+export declare function serviceGenerator(tree: Tree, options: AddServiceGeneratorOptions): Promise<void>;
+export default serviceGenerator;

package/bin/assets/generators/compute/service/generator.js

@@ -0,0 +1 @@
+import{AddServiceGeneratorSchema as g}from"@fjall/generator";import{withInfrastructurePlan as p,pickDefined as h}from"../../utils/planning/generatorHelpers.js";async function l(m,f){await p(m,g,f,"service",({validated:n,plan:o})=>{const t=o.compute.find(e=>e.name===n.clusterName&&e.type==="ecs");if(!t)throw new Error(`ECS cluster '${n.clusterName}' not found. Available clusters: ${o.compute.filter(e=>e.type==="ecs").map(e=>e.name).join(", ")||"none"}`);const c=t.services||[];if(c.some(e=>e.name===n.serviceName))throw new Error(`Service '${n.serviceName}' already exists in cluster '${n.clusterName}'`);const i={name:n.serviceName,capacityProvider:n.capacityProvider,...h(n,"dockerfilePath","dockerTarget","cpu","memoryLimitMiB","desiredCount","ec2Config","routing")};if(n.containerPort&&(i.containers=[{port:n.containerPort}]),n.connectionConfig?.connectToDatabase?.length){i.needsDatabaseConnection=!0;const e=t.connectedDatabase||[],r=n.connectionConfig.connectToDatabase.filter(a=>!e.includes(a));r.length>0&&(t.connectedDatabase=[...e,...r],t.needsConnection=!0)}t.services=[...c,i];const s=t.services.filter(e=>e.containers?.some(r=>r.port));if(s.length>1){const e=s.filter(r=>!(Array.isArray(r.routing)?r.routing:r.routing?[r.routing]:[]).some(u=>u.path||u.host));if(e.length>0)throw new Error(`Multiple services have container ports \u2014 all must have routing configuration. Services missing routing: ${e.map(r=>r.name).join(", ")}`)}return o})}var y=l;export{y as default,l as serviceGenerator};

package/bin/assets/generators/compute/service/index.d.ts

@@ -0,0 +1 @@
+export { serviceGenerator, serviceGenerator as default } from "./generator.js";

package/bin/assets/generators/compute/service/index.js

@@ -0,0 +1 @@
+import{serviceGenerator as a,serviceGenerator as o}from"./generator.js";export{o as default,a as serviceGenerator};

package/bin/assets/generators/database/databaseIntegrationTestUtils.d.ts

@@ -0,0 +1,134 @@
+/**
+ * Database Integration Test Utilities
+ *
+ * Shared utilities for database integration tests.
+ * Extracted to enable parallel test execution across split test files.
+ *
+ * @see aiDocs/architecture/TESTING_STRATEGY.md
+ */
+import { type TierName } from "@fjall/generator";
+import type { FileSystemTree } from "../utils/tree.js";
+import { type CfnTemplate, type ResourceEntry } from "../utils/integrationTestUtils.js";
+export { CLI_ROOT, findSecurityGroupByDescription } from "../utils/integrationTestUtils.js";
+export type { TierName } from "@fjall/generator";
+/**
+ * Assert that a security group has a self-referencing ingress rule,
+ * optionally checking the port matches.
+ */
+export declare function expectSecurityGroupSelfReferencing(template: CfnTemplate, description: string, options?: {
+    port?: number;
+    checkToPort?: boolean;
+}): void;
+/**
+ * Create a test app with the application generator
+ */
+export declare function createTestApp(tree: FileSystemTree, appName: string, tier: TierName | "custom"): Promise<void>;
+/**
+ * Database options for addDatabase helper
+ */
+export interface AddDatabaseOptions {
+    databaseName: string;
+    databaseType: "Instance" | "Aurora" | "GlobalAurora";
+    resourceName: string;
+    tier?: TierName;
+    instanceType?: string;
+    multiAz?: boolean;
+    readReplica?: {
+        instanceType?: string;
+    } | false;
+    publiclyAccessible?: boolean;
+    readers?: {
+        count: number;
+    } | false;
+    backupRetention?: number;
+    primaryRegion?: string;
+    secondaryRegions?: string[];
+    enableGlobalWriteForwarding?: boolean;
+    port?: number;
+    proxy?: {
+        requireTLS?: boolean;
+        maxConnections?: number;
+    } | false;
+    credentials?: {
+        username?: string;
+        secretRotation?: {
+            automaticallyAfterDays?: number;
+        } | false;
+    };
+    databaseInsights?: {
+        mode?: "standard" | "advanced";
+        encryptionKey?: {
+            useCMK: true;
+        } | {
+            awsManaged: true;
+        };
+    } | false;
+    encryption?: {
+        storageKey?: {
+            useCMK: true;
+        } | {
+            awsManaged: true;
+        };
+    };
+}
+/**
+ * Add a database to an existing app
+ */
+export declare function addDatabase(tree: FileSystemTree, appName: string, options: AddDatabaseOptions): Promise<void>;
+/**
+ * Find the primary RDS Instance (not a read replica)
+ */
+export declare function findPrimaryDbInstance(template: CfnTemplate): ResourceEntry | undefined;
+/**
+ * Find read replica RDS Instances
+ */
+export declare function findReadReplicas(template: CfnTemplate): ResourceEntry[];
+/**
+ * Find Aurora DB Cluster
+ */
+export declare function findAuroraCluster(template: CfnTemplate): ResourceEntry | undefined;
+/**
+ * Find Aurora DB Instances (writer + readers)
+ */
+export declare function findAuroraInstances(template: CfnTemplate): ResourceEntry[];
+/**
+ * Find RDS Proxy resources
+ */
+export declare function findRdsProxy(template: CfnTemplate): ResourceEntry | undefined;
+/**
+ * Find KMS Keys (for encryption validation)
+ */
+export declare function findKmsKeys(template: CfnTemplate): ResourceEntry[];
+/**
+ * Find Security Groups
+ */
+export declare function findSecurityGroups(template: CfnTemplate): ResourceEntry[];
+/**
+ * Extract security group logical ID from a CloudFormation reference
+ * Handles both { Ref: logicalId } and { "Fn::GetAtt": [logicalId, "GroupId"] }
+ */
+export declare function extractSecurityGroupRef(ref: unknown): string | undefined;
+/**
+ * Find Security Group Ingress rules
+ * Returns rules that reference the given security group (self-referencing)
+ */
+export declare function findSelfReferencingIngressRules(template: CfnTemplate, securityGroupLogicalId: string): ResourceEntry[];
+/**
+ * Expected database configuration interface
+ */
+export interface ExpectedDatabaseConfig {
+    port: number;
+    deletionProtection: boolean;
+    hasProxy: boolean;
+    proxyRequireTLS: boolean;
+    hasReadReplica: boolean;
+    multiAz: boolean;
+    storageEncrypted: boolean;
+    databaseInsightsEnabled: boolean;
+    backupRetentionPeriod: number;
+}
+/**
+ * Derive expected configuration from tier preset
+ * This ensures tests validate against the same source of truth as production code
+ */
+export declare function getExpectedConfigFromPreset(tier: TierName, databaseType: "Instance" | "Aurora" | "GlobalAurora"): ExpectedDatabaseConfig;

package/bin/assets/generators/database/databaseIntegrationTestUtils.js

@@ -0,0 +1 @@
+import{applicationGenerator as R}from"../application/generator.js";import{databaseGenerator as x}from"./generator.js";import{DEFAULT_DATABASE_PORT as S,getDatabasePreset as u}from"@fjall/generator";import{expect as a}from"vitest";import{findResourcesByType as s,findSecurityGroupByDescription as A}from"../utils/integrationTestUtils.js";import{CLI_ROOT as K,findSecurityGroupByDescription as L}from"../utils/integrationTestUtils.js";function T(t,r,e){const n=b(t),i=A(n,r);a(i).toBeDefined();const o=m(t,i.logicalId);a(o.length).toBeGreaterThan(0),e?.port!==void 0&&(a(Number(o[0].properties.FromPort)).toBe(e.port),e.checkToPort&&a(Number(o[0].properties.ToPort)).toBe(e.port))}async function P(t,r,e){await R(t,{name:r,type:e,includeDatabase:!1,network:{maxAzs:2,natGateways:{count:1},flowLogs:!1}})}async function h(t,r,e){const n=e.tier?u(e.tier,e.databaseType):void 0,{tier:i,databaseName:o,databaseType:c,resourceName:f,...d}=e,l=n?{port:n.port,proxy:n.proxy,databaseInsights:n.databaseInsights,encryption:n.encryption,backupRetention:n.backupRetention,...c==="Instance"&&{instanceType:n.instanceType,multiAz:n.multiAz,readReplica:n.readReplica,publiclyAccessible:n.publiclyAccessible},...(c==="Aurora"||c==="GlobalAurora")&&{readers:n.readers}}:{},y={appName:r,databaseName:o,databaseType:c,resourceName:f,nameProvidedByFlag:!0,connectionConfig:{connectToCompute:[]},...l,...d};await x(t,y)}function C(t){return s(t,"AWS::RDS::DBInstance").find(e=>!e.properties.SourceDBInstanceIdentifier)}function E(t){return s(t,"AWS::RDS::DBInstance").filter(e=>e.properties.SourceDBInstanceIdentifier)}function W(t){return s(t,"AWS::RDS::DBCluster")[0]}function w(t){return s(t,"AWS::RDS::DBInstance").filter(e=>e.properties.DBClusterIdentifier)}function k(t){return s(t,"AWS::RDS::DBProxy")[0]}function F(t){return s(t,"AWS::KMS::Key")}function b(t){return s(t,"AWS::EC2::SecurityGroup")}function p(t){if(!t||typeof t!="object")return;const r=t;if(typeof r.Ref=="string")return r.Ref;const e=r["Fn::GetAtt"];if(Array.isArray(e)&&typeof e[0]=="string")return e[0]}function m(t,r){return s(t,"AWS::EC2::SecurityGroupIngress").filter(n=>{const i=p(n.properties.SourceSecurityGroupId),o=p(n.properties.GroupId);return i===r&&o===r})}function O(t,r){const e=u(t,r);if(!e)throw new Error(`No preset found for ${t}/${r}`);const n=e.port??S,i=e.proxy!==!1&&e.proxy!==void 0,o=i&&typeof e.proxy=="object"?e.proxy.requireTLS??!0:!0;return{port:n,deletionProtection:!0,hasProxy:i,proxyRequireTLS:o,hasReadReplica:r==="Instance"&&e.readReplica!==!1&&e.readReplica!==void 0,multiAz:e.multiAz!==!1,storageEncrypted:!0,databaseInsightsEnabled:e.databaseInsights!==!1,backupRetentionPeriod:e.backupRetention??14}}export{K as CLI_ROOT,h as addDatabase,P as createTestApp,T as expectSecurityGroupSelfReferencing,p as extractSecurityGroupRef,W as findAuroraCluster,w as findAuroraInstances,F as findKmsKeys,C as findPrimaryDbInstance,k as findRdsProxy,E as findReadReplicas,L as findSecurityGroupByDescription,b as findSecurityGroups,m as findSelfReferencingIngressRules,O as getExpectedConfigFromPreset};

package/bin/assets/generators/database/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type DatabaseGeneratorOptions } from "@fjall/generator";
+export declare function databaseGenerator(tree: Tree, options: DatabaseGeneratorOptions): Promise<void>;
+export default databaseGenerator;

package/bin/assets/generators/database/generator.js

@@ -0,0 +1 @@
+import{assertResourceNameUnique as u,databaseExists as m}from"../utils/resources/resourceDetection.js";import{pickDefined as s,withInfrastructurePlan as b}from"../utils/planning/generatorHelpers.js";import{DatabaseGeneratorSchema as p}from"@fjall/generator";import{handleResourceConnections as d}from"../utils/resources/connectionHelpers.js";function f(t,e){const r={name:t,type:e.databaseType,databaseName:e.databaseName,...s(e,"databaseInsights","port","proxy","credentials","encryption","deletionProtection")};switch(e.databaseType){case"Instance":return{...r,...s(e,"instanceType","multiAz","readReplica","publiclyAccessible","backupRetention","snapshotIdentifier","snapshotUsername")};case"Aurora":return{...r,...s(e,"writer","readers","backupRetention","preferredMaintenanceWindow","snapshotIdentifier","snapshotUsername")};case"GlobalAurora":return{...r,primaryRegion:e.primaryRegion,...e.secondaryRegions&&e.secondaryRegions.length>0&&{secondaryRegions:e.secondaryRegions},...s(e,"globalClusterIdentifier","enableGlobalWriteForwarding","writer","readers","backupRetention","preferredMaintenanceWindow","snapshotIdentifier","snapshotUsername")};default:return e}}async function l(t,e){await b(t,p,e,"database",async({tree:r,validated:a,plan:o})=>{const n=a.resourceName||`${a.appName}Database`;if(u(r,a.appName,n),m(r,a.appName,a.databaseName))throw new Error(`Database name '${a.databaseName}' already exists in ${a.appName}. Please choose a different database name.`);const i=f(n,a),c={...o,database:[...o.database,i]};return await d(c,a,n,"database",{singularPrompt:"Found an existing compute resource. Configure database access for it?",pluralPrompt:"Found {count} compute resources. Configure database access for them?"}),c})}var w=l;export{l as databaseGenerator,w as default};

package/bin/assets/generators/database/index.d.ts

@@ -0,0 +1 @@
+export { databaseGenerator } from "./generator.js";

package/bin/assets/generators/database/index.js

@@ -0,0 +1 @@
+import{databaseGenerator as r}from"./generator.js";export{r as databaseGenerator};

package/bin/assets/generators/database/proxy/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type AddProxyGeneratorOptions } from "@fjall/generator";
+export declare function proxyGenerator(tree: Tree, options: AddProxyGeneratorOptions): Promise<void>;
+export default proxyGenerator;

package/bin/assets/generators/database/proxy/generator.js

@@ -0,0 +1 @@
+import{AddProxyGeneratorSchema as i}from"@fjall/generator";import{withInfrastructurePlan as m,pickDefined as b}from"../../utils/planning/generatorHelpers.js";async function f(t,s){await m(t,i,s,"proxy",({validated:e,plan:r})=>{const a=r.database.find(o=>o.name===e.databaseName||o.databaseName===e.databaseName);if(!a)throw new Error(`Database '${e.databaseName}' not found. Available databases: ${r.database.map(o=>o.name).join(", ")||"none"}`);if(a.proxy!==void 0&&a.proxy!==!1)throw new Error(`Database '${a.name}' already has RDS Proxy enabled.`);const n=b(e,"maxConnections","maxIdleConnections","connectionBorrowTimeout","requireTLS");return a.proxy=Object.keys(n).length>0?n:{},r})}var x=f;export{x as default,f as proxyGenerator};

package/bin/assets/generators/database/proxy/index.d.ts

@@ -0,0 +1 @@
+export { proxyGenerator, proxyGenerator as default } from "./generator.js";

package/bin/assets/generators/database/proxy/index.js

@@ -0,0 +1 @@
+import{proxyGenerator as o,proxyGenerator as a}from"./generator.js";export{a as default,o as proxyGenerator};

package/bin/assets/generators/domain/files/infrastructure.ts.ejs

@@ -0,0 +1,22 @@
+import {
+  App,
+  Domain,
+} from "@fjall/components-infrastructure";
+
+// Fjall-managed domain — edit this file to add or change records.
+// See docs/domains.md for the Domain construct API.
+
+const app = App.getApp("<%= safeZoneName %>Domain");
+
+new Domain(app, "<%= safeZoneName %>", {
+  registrar: "route53",
+  zoneName: "<%= domainName %>",
+<% if (hostedZoneId) { -%>
+  hostedZoneId: "<%= hostedZoneId %>",
+<% } -%>
+  certificates: [
+    { domainName: "<%= domainName %>" },
+  ],
+  records: [],
+  delegations: [],
+});

package/bin/assets/generators/domain/files/zone.bind.ejs

@@ -0,0 +1,14 @@
+; zone.bind — managed by fjall
+; Edit this file and run 'fjall deploy domain' to apply changes
+$ORIGIN <%= domainName %>.
+$TTL 300
+
+; Certificate for this domain
+$FJALL-CERT <%= domainName %>
+
+; Add your DNS records below
+; Examples:
+; @       IN  A       ALIAS fjall:cdn:my-app
+; www     IN  CNAME   <%= domainName %>.
+; api     IN  A       ALIAS fjall:ecs:my-api
+; @       IN  MX  10  mail.<%= domainName %>.

package/bin/assets/generators/domain/generator.d.ts

@@ -0,0 +1,10 @@
+import { type Tree } from "@nx/devkit";
+import { z } from "zod";
+export declare const DomainGeneratorSchema: z.ZodObject<{
+    domainName: z.ZodString;
+    hostedZoneId: z.ZodOptional<z.ZodString>;
+    infrastructureTs: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export type DomainGeneratorOptions = z.infer<typeof DomainGeneratorSchema>;
+export declare function domainGenerator(tree: Tree, options: DomainGeneratorOptions): Promise<void>;
+export default domainGenerator;

package/bin/assets/generators/domain/generator.js

@@ -0,0 +1,2 @@
+import{join as i}from"path";import{renderEjsTemplates as d}from"../utils/renderEjs.js";import{copySharedCdkFiles as p}from"../utils/copySharedFiles.js";import{getDomainComponentPath as c}from"../../src/util/pathHelpers.js";import{z as e}from"zod";import{VALIDATION_PATTERNS as f,VALIDATION_MESSAGES as l,getZodErrorMessage as u}from"@fjall/generator";import{toPascalCase as N}from"../../src/util/caseConversion.js";const g=import.meta.dirname,I=e.object({domainName:e.string().regex(f.DOMAIN,l.DOMAIN),hostedZoneId:e.string().optional(),infrastructureTs:e.string().optional()}).strict();async function h(t,s){const r=I.safeParse(s);if(!r.success)throw new Error(`Invalid domain generator options:
+${u(r.error)}`);const o=r.data,m=N(o.domainName.split(".").join("")),a=c(o.domainName),n={domainName:o.domainName,safeZoneName:m,hostedZoneId:o.hostedZoneId??""};d(t,i(g,"files"),a,n),o.infrastructureTs!==void 0&&t.write(i(a,"infrastructure.ts"),o.infrastructureTs),p(t,a,{...n,packageName:`domain-${o.domainName}`})}var Z=h;export{I as DomainGeneratorSchema,Z as default,h as domainGenerator};

package/bin/assets/generators/domain/index.d.ts

@@ -0,0 +1 @@
+export { domainGenerator, DomainGeneratorSchema, type DomainGeneratorOptions } from "./generator.js";

package/bin/assets/generators/domain/index.js

@@ -0,0 +1 @@
+import{domainGenerator as r,DomainGeneratorSchema as a}from"./generator.js";export{a as DomainGeneratorSchema,r as domainGenerator};

package/bin/assets/generators/messaging/index.d.ts

@@ -0,0 +1 @@
+export {};

package/bin/assets/generators/network/generator.d.ts

@@ -0,0 +1,4 @@
+import { type Tree } from "@nx/devkit";
+import { type NetworkGeneratorOptions } from "@fjall/generator";
+export declare function networkGenerator(tree: Tree, options: NetworkGeneratorOptions): Promise<void>;
+export default networkGenerator;

package/bin/assets/generators/network/generator.js

@@ -0,0 +1 @@
+import{pickDefined as a,withInfrastructurePlan as w}from"../utils/planning/generatorHelpers.js";import{NetworkGeneratorSchema as k}from"@fjall/generator";async function i(r,n){await w(r,k,n,"network",({validated:t,plan:o})=>{const e=a(t,"maxAzs","natGateways","flowLogs","vpcEndpoints");return t.networkName?{...o,additionalNetworks:[...o.additionalNetworks??[],{name:t.networkName,...e}]}:{...o,network:{...o.network??{},...e}}})}var c=i;export{c as default,i as networkGenerator};

package/bin/assets/generators/network/index.d.ts

@@ -0,0 +1 @@
+export { networkGenerator } from "./generator.js";

package/bin/assets/generators/network/index.js

@@ -0,0 +1 @@
+import{networkGenerator as o}from"./generator.js";export{o as networkGenerator};

package/bin/assets/generators/organisation/files/account/infrastructure.ts

@@ -0,0 +1,25 @@
+#!/usr/bin/env node
+
+import { App, OrganisationFactory, getConfig } from "@fjall/components-infrastructure";
+
+const config = getConfig();
+
+if (config.environment !== "platform" && config.environment !== "root") {
+  const app = App.getInstance();
+  const account = OrganisationFactory.build("Account", { type: "account" })(app);
+<% if (security === "foundation" || security === "compliance" || security === "hardened") { -%>
+
+  account.enableGuardDuty();
+  account.enableSecurityHub();
+  account.enableConfigRecorder();
+  account.enableAccessAnalyser();
+<% } -%>
+<% if (security === "compliance") { -%>
+  account.enableInspector();
+  account.enableConfigRules({ preset: "essential" });
+<% } -%>
+<% if (security === "hardened") { -%>
+  account.enableInspector();
+  account.enableConfigRules({ preset: "production" });
+<% } -%>
+}

package/bin/assets/generators/organisation/files/organisation/infrastructure.ts

@@ -0,0 +1,46 @@
+#!/usr/bin/env node
+
+import { OrganisationFactory, getConfig, env } from "@fjall/components-infrastructure";
+
+export const ACCOUNTS = {
+  security: [],
+  workloads: {
+    production: ["Production"],
+    staging: ["Staging"],
+    development: ["Development"],
+    compliance: ["BusinessContinuity"]
+  },
+  platform: "Platform",
+  suspended: []
+};
+
+const config = getConfig();
+
+const ALLOWED_REGIONS = env({
+  default: [] as string[]
+});
+
+if (config.environment === "root") {
+  const organisation = OrganisationFactory.build("Organisation", {
+    type: "organisation",
+    accounts: ACCOUNTS,
+    organisationName: "<%= name %>",
+    orgEmail: "<%= email %>"
+  });
+<% if (security === "compliance") { -%>
+
+  organisation.enableScps({
+    preset: "standard",
+    rootId: organisation.node.tryGetContext("rootId"),
+    allowedRegions: ALLOWED_REGIONS
+  });
+<% } -%>
+<% if (security === "hardened") { -%>
+
+  organisation.enableScps({
+    preset: "hardened",
+    rootId: organisation.node.tryGetContext("rootId"),
+    allowedRegions: ALLOWED_REGIONS
+  });
+<% } -%>
+}