npm - kybernus - Versions diffs - 2.2.0 → 2.3.0 - Mend

kybernus 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (101) hide show

package/templates/java-spring/clean/src/main/java/{{packagePath}}/application/usecase/PaymentUseCase.java.hbs ADDED Viewed

@@ -0,0 +1,89 @@
+package {{packageName}}.application.usecase;
+import {{packageName}}.domain.entity.User;
+import {{packageName}}.domain.repository.UserRepository;
+import {{packageName}}.infrastructure.stripe.StripeGateway;
+import com.stripe.model.Event;
+import com.stripe.model.checkout.Session;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+@Service
+public class PaymentUseCase {
+    private static final Logger logger = LoggerFactory.getLogger(PaymentUseCase.class);
+    private final UserRepository userRepository;
+    private final StripeGateway stripeGateway;
+    public PaymentUseCase(UserRepository userRepository, StripeGateway stripeGateway) {
+        this.userRepository = userRepository;
+        this.stripeGateway = stripeGateway;
+    }
+    public String createCheckoutSession(String userId, String pricpackage {{packageName}}.application.usecase;
+import {{packageName}}.domain.l.UUID.fromString(userId))
+                .orElseThrow(() -> new RuntimeException("User not found"));
+        String customerId = user.getStripeCustomerId();
+        if (customerId == null || customerId.isEmpty()) {
+            cuimport com.stripeGateway.createCustomer(user.getEmail(), userId).getId();
+            user.setStripeCustomerId(customerId);
+            userRepository.save(user);
+        }
+        Session session = stripeGateway.createCheckoutSession(customerId, priceId, userId);
+        retu
+    private final UserRepository userRString createPortalSession(String userId) throws Exception {
+        User user = userRepository.findById(java.util.UUID.fromString(userId))
+                .orElseThrow(() -> new RuntimeException("User not found"));
+        if (user.getStripeCustomerId() == null) {
+            throw new RuntimeException("No Stripe customer found for this user");
+        }
+        return stripeGateway.createPortalSession(user.getStripeCustomerId()).getUrl();
+    }
+    public void handleWebhook(String payload, String sigHeader) throws Exception {
+        Event event = stripeGateway.constructWebhookEvent(payload, sigHeader);
+        switch (event.getType()) {
+            case "checkout.session.completed": {
+                Session session = (Session) event.getDataObjectDeserializer().getObject().orElse(null);
+                if (session != null && session.getClientReferenceId() != null) {
+                    String userId = session.getClientReferenceId();
+                    userRepository.findById(java.util.UUID.fromString(userId)).ifPresent(user -> {
+                        user.setStripeCustomerId(session.getCustomer());
+                        userRepository.save(user);
+                    });
+                    logger.info("Checkout completed for user: {}", userId);
+                }
+                break;
+            }
+            case "customer.subscription.updated": {
+                com.stripe.model.Subscription sub =
+                        (com.stripe.model.Subscription) event.getDataObjectDeserializer().getObject().orElse(null);
+                if (sub != null) logger.info("Subscription updated: {} | Status: {}", sub.getId(), sub.getStatus());
+                break;
+            }
+            case "customer.subscription.deleted": {
+                com.stripe.model.Subscription sub =
+                        (com.stripe.model.Subscription) event.getDataObjectDeserializer().getObject().orElse(null);
+                if (sub != null) logger.info("Subscription deleted: {}", sub.getId());
+                break;
+            }
+            case "invoice.payment_failed": {
+                com.stripe.model.Invoice invoice =
+                        (com.stripe.model.Invoice) event.getDataObjectDeserializer().getObject().orElse(null);
+                if (invoice != null) logger.info("Payment failed for invoice: {}", invoice.getId());
+                break;
+            }
+            default:
+                logger.info("Unhandled Stripe event: {}", event.getType());
+        }
+    }
+}

package/templates/java-spring/clean/src/main/java/{{packagePath}}/infrastructure/web/payment/PaymentController.java.hbs ADDED Viewed

@@ -0,0 +1,78 @@
+package {{packageName}}.infrastructure.web.payment;
+import {{packageName}}.application.usecase.PaymentUseCase;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.*;
+import java.util.Map;
+@RestController
+@RequestMapping("/api/payments")
+public class PaymentController {
+    private static final Logger logger = LoggerFactory.getLogger(PaymentController.class);
+    private final PaymentUseCase paymentUseCase;
+    public PaymentController(PaymentUseCase paymentUseCase) {
+        this.paymentUseCase = paymentUseCase;
+    }
+    /**
+     * POST /api/payments/checkout
+     * Requires authentication.
+     */
+    @PostMapping("/checkout")
+    public ResponseEntity<?> createCheckout(
+            @AuthenticationPrincipal UserDetails userDetails,
+            @RequestBody Map<String, String> body) {
+        try {
+            String priceId = body.get("priceId");
+            if (priceId == null || priceId.isEmpty()) {
+                return ResponseEntity.badRequest().body(Map.of("error", "priceId is required"));
+            }
+            String url = paymentUseCase.createCheckoutSession(userDetails.getUsername(), priceId);
+            return ResponseEntity.ok(Map.of("url", url));
+        } catch (Exception e) {
+            logger.error("Checkout error", e);
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(Map.of("error", e.getMessage()));
+        }
+    }
+    /**
+     * POST /api/payments/portal
+     * Requires authentication.
+     */
+    @PostMapping("/portal")
+    public ResponseEntity<?> createPortal(@AuthenticationPrincipal UserDetails userDetails) {
+        try {
+            String url = paymentUseCase.createPortalSession(userDetails.getUsername());
+            return ResponseEntity.ok(Map.of("url", url));
+        } catch (Exception e) {
+            logger.error("Portal error", e);
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(Map.of("error", e.getMessage()));
+        }
+    }
+    /**
+     * POST /api/payments/webhook
+     * No authentication. Stripe sends raw body.
+     */
+    @PostMapping("/webhook")
+    public ResponseEntity<String> webhook(
+            @RequestBody String payload,
+            @RequestHeader("Stripe-Signature") String sigHeader) {
+        try {
+            paymentUseCase.handleWebhook(payload, sigHeader);
+            return ResponseEntity.ok("{\"received\": true}");
+        } catch (Exception e) {
+            logger.warn("Webhook error: {}", e.getMessage());
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(e.getMessage());
+        }
+    }
+}

package/templates/java-spring/clean/src/main/resources/application.properties.hbs CHANGED Viewed

@@ -16,3 +16,10 @@ spring.jpa.properties.hibernate.format_sql=true
 application.security.jwt.secret-key={{jwtSecretKey}}
 application.security.jwt.expiration=86400000
 application.security.jwt.refresh-token.expiration=604800000
+# Stripe
+stripe.secret-key=${STRIPE_SECRET_KEY}
+stripe.webhook-secret=${STRIPE_WEBHOOK_SECRET}
+# Frontend URL (for Stripe redirect URLs)
+frontend.url=${FRONTEND_URL:http://localhost:3000}

package/templates/java-spring/hexagonal/infra/main.tf.hbs CHANGED Viewed

@@ -5,9 +5,13 @@ terraform {
   required_providers {
     aws = {
-      source = "hashicorp/aws"
+      source  = "hashicorp/aws"
       version = "~> 5.0"
     }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.5"
+    }
   }
 # Uncomment for remote state (recommended for production)
@@ -27,27 +31,27 @@ provider "aws" {
 # Variables
 variable "aws_region" {
   description = "AWS region"
-  type = string
-  default = "us-east-1"
+  type        = string
+  default     = "us-east-1"
 }
 variable "environment" {
   description = "Environment name (dev, staging, prod)"
-  type = string
-  default = "dev"
+  type        = string
+  default     = "dev"
 }
 variable "app_name" {
   description = "Application name"
-  type = string
-  default = "{{projectNameKebabCase}}"
+  type        = string
+  default     = "{{projectNameKebabCase}}"
 }
 # VPC
 module "vpc" {
   source = "./modules/vpc"
-  app_name = var.app_name
+  app_name    = var.app_name
   environment = var.environment
 }
@@ -55,29 +59,49 @@ module "vpc" {
 module "ecs" {
   source = "./modules/ecs"
-  app_name = var.app_name
-  environment = var.environment
-  vpc_id = module.vpc.vpc_id
-  subnet_ids = module.vpc.private_subnet_ids
+  app_name                    = var.app_name
+  environment                 = var.environment
+  vpc_id                      = module.vpc.vpc_id
+  public_subnet_ids           = module.vpc.public_subnet_ids
+  private_subnet_ids          = module.vpc.private_subnet_ids
+  alb_security_group_id       = module.vpc.alb_security_group_id
+  ecs_tasks_security_group_id = module.vpc.ecs_tasks_security_group_id
 }
 # RDS PostgreSQL
 module "rds" {
   source = "./modules/rds"
-  app_name = var.app_name
-  environment = var.environment
-  vpc_id = module.vpc.vpc_id
-  subnet_ids = module.vpc.private_subnet_ids
+  app_name          = var.app_name
+  environment       = var.environment
+  vpc_id            = module.vpc.vpc_id
+  subnet_ids        = module.vpc.private_subnet_ids
   security_group_id = module.vpc.db_security_group_id
 }
 # Outputs
+output "vpc_id" {
+  value = module.vpc.vpc_id
+}
 output "ecs_cluster_name" {
   value = module.ecs.cluster_name
 }
+output "ecr_repository_url" {
+  value = module.ecs.ecr_repository_url
+}
+output "alb_dns_name" {
+  value       = module.ecs.alb_dns_name
+  description = "The DNS name of the ALB to access the application"
+}
 output "rds_endpoint" {
-  value = module.rds.endpoint
+  value     = module.rds.endpoint
   sensitive = true
-}
+}
+output "db_name" {
+  value = module.rds.db_name
+}

package/templates/java-spring/hexagonal/infra/modules/ecs/main.tf.hbs CHANGED Viewed

@@ -12,21 +12,54 @@ variable "vpc_id" {
   type = string
 }
-variable "subnet_ids" {
+variable "public_subnet_ids" {
   type = list(string)
 }
+variable "private_subnet_ids" {
+  type = list(string)
+}
+variable "alb_security_group_id" {
+  type = string
+}
+variable "ecs_tasks_security_group_id" {
+  type = string
+}
+variable "container_port" {
+  type    = number
+  default = 3000
+}
+# ECR Repository
+resource "aws_ecr_repository" "app" {
+  name                 = "${var.app_name}-${var.environment}"
+  image_tag_mutability = "MUTABLE"
+  force_delete         = true
+  image_scanning_configuration {
+    scan_on_push = true
+  }
+  tags = {
+    Name        = "${var.app_name}-${var.environment}"
+    Environment = var.environment
+  }
+}
 # ECS Cluster
 resource "aws_ecs_cluster" "main" {
   name = "${var.app_name}-${var.environment}"
   setting {
-    name = "containerInsights"
+    name  = "containerInsights"
     value = "enabled"
   }
   tags = {
-    Name = "${var.app_name}-${var.environment}"
+    Name        = "${var.app_name}-${var.environment}"
     Environment = var.environment
   }
 }
@@ -38,12 +71,182 @@ resource "aws_ecs_cluster_capacity_providers" "main" {
   capacity_providers = ["FARGATE", "FARGATE_SPOT"]
   default_capacity_provider_strategy {
-    base = 1
-    weight = 100
+    base              = 1
+    weight            = 100
     capacity_provider = "FARGATE"
   }
 }
+# Application Load Balancer
+resource "aws_lb" "main" {
+  name               = "${var.app_name}-${var.environment}-alb"
+  internal           = false
+  load_balancer_type = "application"
+  security_groups    = [var.alb_security_group_id]
+  subnets            = var.public_subnet_ids
+  enable_deletion_protection = false
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-alb"
+    Environment = var.environment
+  }
+}
+# ALB Target Group
+resource "aws_lb_target_group" "app" {
+  name        = "${var.app_name}-${var.environment}-tg"
+  port        = var.container_port
+  protocol    = "HTTP"
+  vpc_id      = var.vpc_id
+  target_type = "ip"
+  health_check {
+    path                = "/health"
+    healthy_threshold   = 2
+    unhealthy_threshold = 10
+    timeout             = 30
+    interval            = 40
+    matcher             = "200-399"
+  }
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-tg"
+    Environment = var.environment
+  }
+}
+# ALB Listener (HTTP)
+resource "aws_lb_listener" "http" {
+  load_balancer_arn = aws_lb.main.arn
+  port              = "80"
+  protocol          = "HTTP"
+  default_action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.app.arn
+  }
+}
+# CloudWatch Log Group for ECS
+resource "aws_cloudwatch_log_group" "ecs" {
+  name              = "/ecs/${var.app_name}-${var.environment}"
+  retention_in_days = 14
+  tags = {
+    Environment = var.environment
+  }
+}
+# IAM Role for ECS Task Execution
+resource "aws_iam_role" "ecs_task_execution_role" {
+  name = "${var.app_name}-${var.environment}-ecs-execution-role"
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Effect = "Allow"
+        Principal = {
+          Service = "ecs-tasks.amazonaws.com"
+        }
+      }
+    ]
+  })
+}
+resource "aws_iam_role_policy_attachment" "ecs_task_execution_role_policy" {
+  role       = aws_iam_role.ecs_task_execution_role.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}
+# IAM Role for ECS Task (the application itself)
+resource "aws_iam_role" "ecs_task_role" {
+  name = "${var.app_name}-${var.environment}-ecs-task-role"
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Effect = "Allow"
+        Principal = {
+          Service = "ecs-tasks.amazonaws.com"
+        }
+      }
+    ]
+  })
+}
+# ECS Task Definition
+resource "aws_ecs_task_definition" "app" {
+  family                   = "${var.app_name}-${var.environment}"
+  requires_compatibilities = ["FARGATE"]
+  network_mode             = "awsvpc"
+  cpu                      = 256
+  memory                   = 512
+  execution_role_arn       = aws_iam_role.ecs_task_execution_role.arn
+  task_role_arn            = aws_iam_role.ecs_task_role.arn
+  container_definitions = jsonencode([
+    {
+      name      = "${var.app_name}"
+      image     = "${aws_ecr_repository.app.repository_url}:latest"
+      essential = true
+      portMappings = [
+        {
+          containerPort = var.container_port
+          hostPort      = var.container_port
+          protocol      = "tcp"
+        }
+      ]
+      environment = [
+        { name = "NODE_ENV", value = var.environment == "prod" ? "production" : "development" },
+        { name = "PORT", value = tostring(var.container_port) }
+      ]
+      # Note: Add Secrets (like DB passwords) via SSM Parameter Store dynamically in a real deployment
+      logConfiguration = {
+        logDriver = "awslogs"
+        options = {
+          "awslogs-group"         = aws_cloudwatch_log_group.ecs.name
+          "awslogs-region"        = "us-east-1"
+          "awslogs-stream-prefix" = "ecs"
+        }
+      }
+    }
+  ])
+}
+# ECS Service
+resource "aws_ecs_service" "app" {
+  name            = "${var.app_name}-${var.environment}"
+  cluster         = aws_ecs_cluster.main.id
+  task_definition = aws_ecs_task_definition.app.arn
+  desired_count   = 1
+  launch_type     = "FARGATE"
+  network_configuration {
+    subnets          = var.private_subnet_ids
+    security_groups  = [var.ecs_tasks_security_group_id]
+    assign_public_ip = false
+  }
+  load_balancer {
+    target_group_arn = aws_lb_target_group.app.arn
+    container_name   = "${var.app_name}"
+    container_port   = var.container_port
+  }
+  depends_on = [
+    aws_lb_listener.http
+  ]
+}
 # Outputs
 output "cluster_name" {
   value = aws_ecs_cluster.main.name
@@ -51,4 +254,12 @@ output "cluster_name" {
 output "cluster_arn" {
   value = aws_ecs_cluster.main.arn
-}
+}
+output "ecr_repository_url" {
+  value = aws_ecr_repository.app.repository_url
+}
+output "alb_dns_name" {
+  value = aws_lb.main.dns_name
+}

package/templates/java-spring/hexagonal/infra/modules/rds/main.tf.hbs CHANGED Viewed

@@ -22,11 +22,11 @@ variable "security_group_id" {
 # DB Subnet Group
 resource "aws_db_subnet_group" "main" {
-  name = "${var.app_name}-${var.environment}"
+  name       = "${var.app_name}-${var.environment}"
   subnet_ids = var.subnet_ids
   tags = {
-    Name = "${var.app_name}-${var.environment}"
+    Name        = "${var.app_name}-${var.environment}"
     Environment = var.environment
   }
 }
@@ -35,43 +35,43 @@ resource "aws_db_subnet_group" "main" {
 resource "aws_db_instance" "main" {
   identifier = "${var.app_name}-${var.environment}"
-  engine = "postgres"
+  engine         = "postgres"
   engine_version = "16"
   instance_class = "db.t3.micro"
-  allocated_storage = 20
+  allocated_storage     = 20
   max_allocated_storage = 100
-  storage_type = "gp3"
-  storage_encrypted = true
+  storage_type          = "gp3"
+  storage_encrypted     = true
-  db_name = replace(var.app_name, "-", "_")
+  db_name  = replace(var.app_name, "-", "_")
   username = "postgres"
   password = random_password.db_password.result
-  db_subnet_group_name = aws_db_subnet_group.main.name
+  db_subnet_group_name   = aws_db_subnet_group.main.name
   vpc_security_group_ids = [var.security_group_id]
   backup_retention_period = 7
-  skip_final_snapshot = var.environment != "prod"
+  skip_final_snapshot     = var.environment != "prod"
   tags = {
-    Name = "${var.app_name}-${var.environment}"
+    Name        = "${var.app_name}-${var.environment}"
     Environment = var.environment
   }
 }
 # Random password for DB
 resource "random_password" "db_password" {
-  length = 32
+  length  = 32
   special = false
 }
 # Store password in SSM
 resource "aws_ssm_parameter" "db_password" {
-  name = "/${var.app_name}/${var.environment}/db-password"
+  name        = "/${var.app_name}/${var.environment}/db-password"
   description = "Database password for ${var.app_name}"
-  type = "SecureString"
-  value = random_password.db_password.result
+  type        = "SecureString"
+  value       = random_password.db_password.result
   tags = {
     Environment = var.environment
@@ -85,4 +85,4 @@ output "endpoint" {
 output "db_name" {
   value = aws_db_instance.main.db_name
-}
+}