npm - specweave - Versions diffs - 0.21.3 → 0.22.2 - Mend

specweave 0.21.3 → 0.22.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (235) hide show

package/plugins/specweave/templates/iac/aws-lambda/templates/variables.tf.hbs ADDED Viewed

@@ -0,0 +1,115 @@
+# Input Variables for AWS Lambda + API Gateway + DynamoDB
+# Generated by SpecWeave Serverless Architecture Intelligence
+variable "aws_region" {
+  description = "AWS region for all resources"
+  type        = string
+  default     = "{{region}}"
+}
+variable "function_name" {
+  description = "Lambda function name"
+  type        = string
+  default     = "{{functionName}}"
+}
+variable "runtime" {
+  description = "Lambda runtime (nodejs20.x, python3.12, etc.)"
+  type        = string
+  default     = "{{runtime}}"
+}
+variable "memory_size" {
+  description = "Lambda memory size in MB (128-10240)"
+  type        = number
+  default     = {{memorySize}}
+}
+variable "timeout" {
+  description = "Lambda timeout in seconds (1-900)"
+  type        = number
+  default     = {{timeout}}
+}
+variable "environment" {
+  description = "Environment name (dev, staging, prod)"
+  type        = string
+  default     = "{{environment}}"
+}
+variable "handler" {
+  description = "Lambda function handler"
+  type        = string
+  default     = "{{handler}}"
+}
+variable "database_name" {
+  description = "DynamoDB table name"
+  type        = string
+  default     = "{{databaseName}}"
+}
+variable "primary_key" {
+  description = "DynamoDB primary key (partition key)"
+  type        = string
+  default     = "{{primaryKey}}"
+}
+{{#if sortKey}}
+variable "sort_key" {
+  description = "DynamoDB sort key (range key)"
+  type        = string
+  default     = "{{sortKey}}"
+}
+{{/if}}
+variable "log_retention_days" {
+  description = "CloudWatch Logs retention in days"
+  type        = number
+  default     = {{logRetentionDays}}
+}
+variable "cors_origins" {
+  description = "List of allowed CORS origins for API Gateway"
+  type        = list(string)
+  default     = {{tfList corsOrigins}}
+}
+{{#if enableVpc}}
+variable "vpc_id" {
+  description = "VPC ID for Lambda function (if VPC enabled)"
+  type        = string
+}
+variable "subnet_ids" {
+  description = "Subnet IDs for Lambda function (if VPC enabled)"
+  type        = list(string)
+}
+{{/if}}
+{{#if enableSecretsManager}}
+variable "secrets_manager_arns" {
+  description = "ARNs of Secrets Manager secrets to access"
+  type        = list(string)
+  default     = []
+}
+{{/if}}
+{{#if enableKms}}
+variable "kms_key_arn" {
+  description = "KMS key ARN for encryption"
+  type        = string
+}
+{{/if}}
+variable "project_name" {
+  description = "Project name for resource tagging"
+  type        = string
+  default     = "{{projectName}}"
+}
+variable "tags" {
+  description = "Additional tags for all resources"
+  type        = map(string)
+  default     = {}
+}

package/plugins/specweave/templates/iac/azure-functions/defaults.json ADDED Viewed

@@ -0,0 +1,25 @@
+{
+  "location": "eastus",
+  "resourceGroupName": "my-functions-rg",
+  "functionName": "my-function-app",
+  "runtime": "node",
+  "runtimeVersion": "20",
+  "osType": "linux",
+  "skuName": "Y1",
+  "environment": "dev",
+  "databaseAccountName": "my-cosmosdb-account",
+  "databaseName": "my-database",
+  "containerName": "my-container",
+  "partitionKey": "/id",
+  "throughput": 400,
+  "corsOrigins": ["*"],
+  "projectName": "my-project",
+  "enableApplicationInsights": true,
+  "enableKeyVault": false,
+  "enableVnet": false,
+  "enableBackup": false,
+  "enableAutomaticFailover": false,
+  "enableMultiRegion": false,
+  "storageAccountTier": "Standard",
+  "storageAccountReplication": "LRS"
+}

package/plugins/specweave/templates/iac/azure-functions/templates/README.md.hbs ADDED Viewed

@@ -0,0 +1,268 @@
+# Azure Functions + Cosmos DB Terraform Configuration
+**Generated by SpecWeave Serverless Architecture Intelligence**
+This Terraform configuration deploys:
+- Azure Function App ({{runtime}} {{runtimeVersion}} on {{osType}})
+- Azure Cosmos DB (SQL API)
+- Azure Storage Account (required for Function App)
+- App Service Plan ({{skuName}} SKU)
+{{#if enableApplicationInsights}}- Application Insights for monitoring{{/if}}
+{{#if enableKeyVault}}- Azure Key Vault for secrets management{{/if}}
+## Architecture
+```
+Azure Function App ({{functionName}})
+    ├── Runtime: {{runtime}} {{runtimeVersion}}
+    ├── Plan: {{skuName}} ({{#if (eq skuName "Y1")}}Consumption{{else}}Premium{{/if}})
+    └── Storage: {{functionName}}storage
+Cosmos DB ({{databaseAccountName}})
+    ├── Database: {{databaseName}}
+    ├── Container: {{containerName}}
+    ├── Partition Key: {{partitionKey}}
+    └── Throughput: {{throughput}} RU/s
+{{#if enableApplicationInsights}}
+Application Insights ({{functionName}}-insights)
+    └── Type: web
+{{/if}}
+{{#if enableKeyVault}}
+Key Vault ({{functionName}}-kv)
+    └── Secrets: Managed by Function App identity
+{{/if}}
+```
+## Prerequisites
+1. **Azure CLI** installed and authenticated:
+   ```bash
+   az login
+   az account set --subscription "YOUR_SUBSCRIPTION_ID"
+   ```
+2. **Terraform** v1.5.0+ installed:
+   ```bash
+   terraform version
+   ```
+3. **Function App code** ready to deploy:
+   - Node.js: `package.json`, `index.js`, etc.
+   - Python: `requirements.txt`, `__init__.py`, etc.
+## Deployment Instructions
+### 1. Initialize Terraform
+```bash
+terraform init
+```
+### 2. Review the Plan
+```bash
+terraform plan
+```
+**Expected resources**: ~{{#if enableKeyVault}}10{{else if enableApplicationInsights}}8{{else}}6{{/if}} resources will be created
+### 3. Deploy Infrastructure
+**Development**:
+```bash
+terraform apply -var-file="environments/dev.tfvars"
+```
+**Staging**:
+```bash
+terraform apply -var-file="environments/staging.tfvars"
+```
+**Production**:
+```bash
+terraform apply -var-file="environments/prod.tfvars"
+```
+### 4. Deploy Function Code
+After infrastructure is deployed, deploy your function code:
+```bash
+# Zip your function code
+cd ../src  # Navigate to your function source code
+zip -r function.zip .
+# Deploy using Azure CLI
+az functionapp deployment source config-zip \
+  --resource-group {{resourceGroupName}} \
+  --name {{functionName}} \
+  --src function.zip
+```
+### 5. Test Your Function
+```bash
+# Get function URL
+FUNCTION_URL=$(terraform output -raw function_app_url)
+# Test HTTP trigger (example)
+curl "${FUNCTION_URL}/api/hello?name=World"
+```
+## Cost Estimation
+### Development Environment
+**Azure Function App (Consumption Plan)**:
+- Execution: 1M requests/month = Free (2M free tier)
+- Execution time: 100,000 GB-s/month = Free (400,000 GB-s free tier)
+- **Total**: $0/month (within free tier)
+**Cosmos DB**:
+- Throughput: {{throughput}} RU/s × $0.008/hour = ${{multiply throughput 0.008 720}}/month
+- Storage: 1 GB = Free (25 GB free tier)
+- **Total**: ~${{multiply throughput 0.008 720}}/month
+**Storage Account**:
+- LRS storage: 1 GB = ~$0.02/month
+- Transactions: Minimal cost
+- **Total**: ~$0.50/month
+**Application Insights**:
+- First 5 GB = Free
+- **Total**: $0/month (within free tier)
+**Total Monthly Cost (Dev)**: ~${{add (multiply throughput 0.008 720) 0.5}}/month
+{{#if (eq environment "prod")}}
+### Production Environment (Estimated)
+**Note**: Production costs depend on actual usage. Estimate above assumes:
+- 10M requests/month
+- {{throughput}} RU/s Cosmos DB throughput
+- ~10 GB storage
+For accurate production estimates, use [Azure Pricing Calculator](https://azure.microsoft.com/pricing/calculator/).
+{{/if}}
+## Free Tier Optimization Tips
+1. **Function App**:
+   - Use Consumption Plan (Y1) for variable workloads
+   - Stay under 1M executions/month for free tier
+   - Optimize memory allocation (lower = cheaper)
+2. **Cosmos DB**:
+   - Start with 400 RU/s (minimum)
+   - Use autoscale for variable workloads
+   - Monitor RU consumption in Azure Portal
+3. **Application Insights**:
+   - First 5 GB/month is free
+   - Use sampling to reduce data volume
+   - Set retention to 90 days
+4. **Storage Account**:
+   - Use LRS (cheapest replication)
+   - Clean up old blobs and logs
+   - Enable lifecycle management
+## Monitoring
+{{#if enableApplicationInsights}}
+**Application Insights** is enabled. View metrics at:
+```
+https://portal.azure.com/#@/resource${terraform output -raw application_insights_id}/overview
+```
+Key metrics to monitor:
+- Request rate and response times
+- Failed requests
+- Cosmos DB RU consumption
+- Function execution count and duration
+{{else}}
+**Application Insights** is not enabled. To enable monitoring:
+1. Set `enableApplicationInsights = true` in `defaults.json`
+2. Re-apply Terraform configuration
+{{/if}}
+## Security Best Practices
+1. **Managed Identity**: Function App uses System-Assigned Managed Identity
+   - No credentials in code
+   - Automatic rotation
+   - Azure RBAC for access control
+2. **Secrets Management**:
+{{#if enableKeyVault}}
+   - ✅ Key Vault enabled for secrets
+   - Store connection strings in Key Vault
+   - Reference via `@Microsoft.KeyVault(SecretUri=...)`
+{{else}}
+   - ⚠️ Key Vault not enabled
+   - Enable with `enableKeyVault = true`
+{{/if}}
+3. **HTTPS Only**: Function App enforces HTTPS
+4. **CORS**: Configured for origins: {{corsOrigins}}
+5. **Network Security**:
+{{#if enableVnet}}
+   - ✅ VNet integration enabled
+{{else}}
+   - ⚠️ VNet integration not enabled (public access)
+   - Enable with `enableVnet = true`
+{{/if}}
+## Cleanup
+To destroy all resources:
+```bash
+terraform destroy
+```
+**Warning**: This will permanently delete:
+- Function App and all deployed code
+- Cosmos DB and all data
+- Storage Account and all blobs
+- Application Insights telemetry data
+## Troubleshooting
+### "Resource name already exists"
+- Azure resource names must be globally unique
+- Modify `appName` in `defaults.json` or `*.tfvars`
+### "Insufficient permissions"
+- Ensure you have Owner/Contributor role on subscription
+- Run `az account show` to verify correct subscription
+### "Cosmos DB throughput too low"
+- Minimum throughput is 400 RU/s
+- Adjust `throughput` in `defaults.json` or `*.tfvars`
+### "Function App not responding"
+- Check Application Insights for errors
+- Verify function code is deployed (`az functionapp deployment list-publishing-credentials`)
+- Check CORS settings if calling from browser
+## Next Steps
+1. **Deploy your function code** (see step 4 above)
+2. **Set up CI/CD** with Azure DevOps or GitHub Actions
+3. **Configure custom domains** for production
+4. **Set up monitoring alerts** in Application Insights
+5. **Enable backup** for Cosmos DB (set `enableBackup = true`)
+## Support
+- **Azure Documentation**: https://docs.microsoft.com/azure/azure-functions/
+- **Terraform Azure Provider**: https://registry.terraform.io/providers/hashicorp/azurerm/
+- **SpecWeave**: https://spec-weave.com
+---
+**Generated**: {{currentDate}}
+**SpecWeave Version**: {{specweaveVersion}}

package/plugins/specweave/templates/iac/azure-functions/templates/environments/dev.tfvars.hbs ADDED Viewed

@@ -0,0 +1,34 @@
+# Development Environment Variables for Azure Functions + Cosmos DB
+# Generated by SpecWeave Serverless Architecture Intelligence
+location             = "eastus"
+resource_group_name  = "{{projectName}}-dev-rg"
+app_name             = "{{projectName}}-dev-app"
+runtime              = "{{runtime}}"
+runtime_version      = "{{runtimeVersion}}"
+os_type              = "Linux"
+sku_name             = "Y1"  # Consumption Plan (free tier eligible)
+environment          = "dev"
+# Cosmos DB (optimized for dev - minimum cost)
+database_account_name = "{{projectName}}-dev-cosmos"
+database_name         = "{{databaseName}}"
+container_name        = "{{containerName}}"
+partition_key         = "{{partitionKey}}"
+throughput            = 400  # Minimum (cheapest)
+# CORS (allow all for development)
+cors_origins = ["*"]
+# Storage Account (cheapest options)
+storage_account_tier        = "Standard"
+storage_account_replication = "LRS"  # Locally Redundant Storage (cheapest)
+# Project tagging
+project_name = "{{projectName}}"
+# Free tier optimization
+# - Consumption Plan (Y1) for Function App
+# - 400 RU/s Cosmos DB (minimum, stays within free tier for low usage)
+# - LRS storage (cheapest)
+# - Application Insights first 5 GB free

package/plugins/specweave/templates/iac/azure-functions/templates/environments/prod.tfvars.hbs ADDED Viewed

@@ -0,0 +1,46 @@
+# Production Environment Variables for Azure Functions + Cosmos DB
+# Generated by SpecWeave Serverless Architecture Intelligence
+location             = "eastus"
+resource_group_name  = "{{projectName}}-prod-rg"
+app_name             = "{{projectName}}-prod-app"
+runtime              = "{{runtime}}"
+runtime_version      = "{{runtimeVersion}}"
+os_type              = "Linux"
+sku_name             = "EP2"  # Elastic Premium EP2 (production-grade)
+environment          = "prod"
+# Cosmos DB (production settings with backup)
+database_account_name = "{{projectName}}-prod-cosmos"
+database_name         = "{{databaseName}}"
+container_name        = "{{containerName}}"
+partition_key         = "{{partitionKey}}"
+throughput            = 4000  # Higher throughput for production
+# CORS (restrict to production domain only)
+cors_origins = ["https://{{projectName}}.com"]
+# Storage Account (GRS for geo-redundancy)
+storage_account_tier        = "Standard"
+storage_account_replication = "GRS"  # Geo-Redundant Storage
+# Project tagging
+project_name = "{{projectName}}"
+# Production features (uncomment to enable)
+# enable_automatic_failover = true
+# enable_multi_region       = true
+# secondary_regions         = ["westus2", "northeurope"]
+# enable_backup             = true
+# enable_key_vault          = true
+# enable_vnet               = true
+# Production optimizations
+# - Elastic Premium (EP2) for high performance and VNet support
+# - 4000 RU/s Cosmos DB with autoscale option
+# - GRS storage for disaster recovery
+# - Multi-region Cosmos DB (optional, comment out to enable)
+# - Automatic failover enabled (optional)
+# - Continuous backup (optional)
+# - Key Vault for secrets (optional)
+# - VNet integration for secure networking (optional)

package/plugins/specweave/templates/iac/azure-functions/templates/environments/staging.tfvars.hbs ADDED Viewed

@@ -0,0 +1,34 @@
+# Staging Environment Variables for Azure Functions + Cosmos DB
+# Generated by SpecWeave Serverless Architecture Intelligence
+location             = "eastus"
+resource_group_name  = "{{projectName}}-staging-rg"
+app_name             = "{{projectName}}-staging-app"
+runtime              = "{{runtime}}"
+runtime_version      = "{{runtimeVersion}}"
+os_type              = "Linux"
+sku_name             = "EP1"  # Elastic Premium (better performance than Consumption)
+environment          = "staging"
+# Cosmos DB (moderate settings)
+database_account_name = "{{projectName}}-staging-cosmos"
+database_name         = "{{databaseName}}"
+container_name        = "{{containerName}}"
+partition_key         = "{{partitionKey}}"
+throughput            = 1000  # Higher throughput for staging tests
+# CORS (restrict to known origins)
+cors_origins = ["https://staging.{{projectName}}.com"]
+# Storage Account (ZRS for better durability)
+storage_account_tier        = "Standard"
+storage_account_replication = "ZRS"  # Zone-Redundant Storage
+# Project tagging
+project_name = "{{projectName}}"
+# Staging optimizations
+# - Elastic Premium (EP1) for consistent performance
+# - 1000 RU/s Cosmos DB for realistic load testing
+# - ZRS storage for better durability
+# - Single region deployment