spense-core 0.1.1

package/dist/infra.js

@@ -0,0 +1,189 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deployInfra = deployInfra;
+const child_process_1 = require("child_process");
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+async function deployInfra(project, config) {
+    const stackDir = path.join(process.cwd(), '.spense');
+    fs.mkdirSync(stackDir, { recursive: true });
+    // Set AWS credentials as env vars for CDK
+    process.env.AWS_ACCESS_KEY_ID = config.credentials.accessKeyId;
+    process.env.AWS_SECRET_ACCESS_KEY = config.credentials.secretAccessKey;
+    process.env.AWS_REGION = config.credentials.region;
+    const stackCode = generateStack(project, config);
+    fs.writeFileSync(path.join(stackDir, 'stack.ts'), stackCode);
+    fs.writeFileSync(path.join(stackDir, 'cdk.json'), '{"app":"npx ts-node stack.ts"}');
+    (0, child_process_1.execSync)('npx cdk bootstrap --require-approval never', { cwd: stackDir, stdio: 'inherit' });
+    (0, child_process_1.execSync)('npx cdk deploy --require-approval never --outputs-file outputs.json', { cwd: stackDir, stdio: 'inherit' });
+    const outputs = JSON.parse(fs.readFileSync(path.join(stackDir, 'outputs.json'), 'utf-8'));
+    const stackOutputs = outputs[`${project.name}-stack`] || {};
+    return {
+        url: stackOutputs.URL || stackOutputs.LoadBalancerDNS,
+        dbEndpoint: stackOutputs.DatabaseEndpoint
+    };
+}
+function generateStack(project, config) {
+    const stackName = `${project.name}-stack`;
+    const region = config.credentials.region;
+    return `import * as cdk from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2';
+import * as asg from 'aws-cdk-lib/aws-autoscaling';
+import * as rds from 'aws-cdk-lib/aws-rds';
+import * as iam from 'aws-cdk-lib/aws-iam';
+${config.useHttps ? "import * as acm from 'aws-cdk-lib/aws-certificatemanager';" : ''}
+${config.domain ? "import * as route53 from 'aws-cdk-lib/aws-route53';\nimport * as targets from 'aws-cdk-lib/aws-route53-targets';" : ''}
+
+const app = new cdk.App();
+const stack = new cdk.Stack(app, '${stackName}', { env: { region: '${region}' }});
+
+const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, natGateways: 1 });
+
+${generateDbCode(config)}
+
+const role = new iam.Role(stack, 'InstanceRole', {
+  assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),
+  managedPolicies: [
+    iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore'),
+    iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonS3ReadOnlyAccess')
+  ]
+});
+
+${generateAsgCode(project, config)}
+
+const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: true });
+
+${generateListenerCode(config)}
+
+listener.addTargets('App', { 
+  port: ${project.port}, 
+  targets: [scaling],
+  healthCheck: { path: '/health', healthyHttpCodes: '200-399' }
+});
+
+${generateDomainCode(config)}
+
+new cdk.CfnOutput(stack, 'URL', { value: '${config.useHttps ? 'https' : 'http'}://' + ${config.domain ? `'${config.domain}'` : 'alb.loadBalancerDnsName'} });
+${config.database !== 'none' ? "new cdk.CfnOutput(stack, 'DatabaseEndpoint', { value: db.instanceEndpoint.hostname });" : ''}
+
+app.synth();
+`;
+}
+function generateDbCode(config) {
+    if (config.database === 'none')
+        return '';
+    const engine = config.database === 'postgresql'
+        ? 'rds.DatabaseInstanceEngine.postgres({ version: rds.PostgresEngineVersion.VER_15 })'
+        : 'rds.DatabaseInstanceEngine.mysql({ version: rds.MysqlEngineVersion.VER_8_0 })';
+    return `const db = new rds.DatabaseInstance(stack, 'Database', {
+  vpc,
+  engine: ${engine},
+  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.${config.dbInstanceClass?.split('.')[2].toUpperCase() || 'MICRO'}),
+  credentials: rds.Credentials.fromGeneratedSecret('dbadmin'),
+  vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS },
+  removalPolicy: cdk.RemovalPolicy.SNAPSHOT
+});`;
+}
+function generateAsgCode(project, config) {
+    if (config.ec2.useExisting) {
+        // For existing instances, we'd need different approach - skip ASG
+        return `// Using existing instances: ${config.ec2.existingInstanceIds?.join(', ')}`;
+    }
+    const instanceSize = config.ec2.instanceType?.split('.')[1].toUpperCase() || 'SMALL';
+    return `const scaling = new asg.AutoScalingGroup(stack, 'ASG', {
+  vpc,
+  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.${instanceSize}),
+  machineImage: ec2.MachineImage.latestAmazonLinux2023(),
+  role,
+  minCapacity: ${config.ec2.minInstances || 1},
+  maxCapacity: ${config.ec2.maxInstances || 3},
+  vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS },
+  ${config.useElasticIp ? 'associatePublicIpAddress: true,' : ''}
+});
+
+scaling.addUserData(\`${generateUserData(project)}\`);
+
+scaling.scaleOnCpuUtilization('CpuScaling', { targetUtilizationPercent: 70 });`;
+}
+function generateUserData(project) {
+    if (project.type === 'nodejs') {
+        return `#!/bin/bash
+set -e
+yum install -y nodejs npm
+mkdir -p /app && cd /app
+# App code will be deployed via CodeDeploy or S3
+${project.buildCommand || ''}
+${project.startCommand}
+`;
+    }
+    return `#!/bin/bash
+set -e
+yum install -y java-17-amazon-corretto
+mkdir -p /app && cd /app
+# JAR will be deployed via CodeDeploy or S3
+java -jar app.jar
+`;
+}
+function generateListenerCode(config) {
+    if (config.useHttps && config.domain) {
+        return `const cert = new acm.Certificate(stack, 'Cert', {
+  domainName: '${config.domain}',
+  validation: acm.CertificateValidation.fromDns()
+});
+
+const listener = alb.addListener('HTTPS', { 
+  port: 443, 
+  certificates: [cert]
+});
+
+alb.addListener('HTTP', { port: 80 }).addAction('Redirect', {
+  action: elbv2.ListenerAction.redirect({ protocol: 'HTTPS', port: '443', permanent: true })
+});`;
+    }
+    return `const listener = alb.addListener('HTTP', { port: 80 });`;
+}
+function generateDomainCode(config) {
+    if (!config.domain)
+        return '';
+    const baseDomain = config.domain.split('.').slice(-2).join('.');
+    return `const zone = route53.HostedZone.fromLookup(stack, 'Zone', { domainName: '${baseDomain}' });
+new route53.ARecord(stack, 'DNS', {
+  zone,
+  recordName: '${config.domain}',
+  target: route53.RecordTarget.fromAlias(new targets.LoadBalancerTarget(alb))
+});`;
+}

package/dist/types.d.ts

@@ -0,0 +1,45 @@
+export type ProjectType = 'nodejs' | 'springboot';
+export type DatabaseType = 'postgresql' | 'mysql' | 'none';
+export interface ProjectInfo {
+    type: ProjectType;
+    name: string;
+    port: number;
+    buildCommand: string;
+    startCommand: string;
+    artifactPath: string;
+}
+export interface AwsCredentials {
+    accessKeyId: string;
+    secretAccessKey: string;
+    region: string;
+}
+export interface Ec2Choice {
+    useExisting: boolean;
+    existingInstanceIds?: string[];
+    instanceType?: string;
+    minInstances?: number;
+    maxInstances?: number;
+}
+export interface DeployConfig {
+    credentials: AwsCredentials;
+    ec2: Ec2Choice;
+    useElasticIp: boolean;
+    database: DatabaseType;
+    dbInstanceClass?: string;
+    domain?: string;
+    useHttps: boolean;
+}
+export declare const PRICING: {
+    ec2: Record<string, number>;
+    elasticIp: {
+        attached: number;
+        detached: number;
+        perHour: number;
+        note: string;
+    };
+    rds: Record<string, number>;
+    alb: {
+        perHour: number;
+        perLcu: number;
+    };
+};

package/dist/types.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PRICING = void 0;
+exports.PRICING = {
+    ec2: {
+        't3.micro': 0.0104,
+        't3.small': 0.0208,
+        't3.medium': 0.0416,
+        't3.large': 0.0832,
+    },
+    elasticIp: {
+        attached: 0,
+        detached: 0.005,
+        perHour: 0.005,
+        note: 'Free when attached to running instance, $0.005/hr when detached'
+    },
+    rds: {
+        'db.t3.micro': 0.017,
+        'db.t3.small': 0.034,
+        'db.t3.medium': 0.068,
+    },
+    alb: {
+        perHour: 0.0225,
+        perLcu: 0.008,
+    }
+};

package/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "spense-core",
+  "version": "0.1.1",
+  "description": "Core deployment logic for Spense",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc"
+  },
+  "dependencies": {
+    "@aws-sdk/client-auto-scaling": "^3.400.0",
+    "@aws-sdk/client-ec2": "^3.400.0",
+    "@aws-sdk/client-elastic-load-balancing-v2": "^3.400.0",
+    "@aws-sdk/client-iam": "^3.400.0",
+    "@aws-sdk/client-rds": "^3.400.0",
+    "@aws-sdk/client-route-53": "^3.400.0",
+    "@aws-sdk/client-s3": "^3.400.0",
+    "archiver": "^6.0.1",
+    "aws-cdk-lib": "^2.170.0",
+    "chalk": "^4.1.2",
+    "constructs": "^10.4.2",
+    "inquirer": "^8.2.6",
+    "ora": "^5.4.1"
+  },
+  "devDependencies": {
+    "@types/archiver": "^6.0.2",
+    "@types/inquirer": "^8.2.10",
+    "@types/node": "^20.10.0",
+    "typescript": "^5.3.0"
+  }
+}

package/src/aws-resources.ts

@@ -0,0 +1,57 @@
+import { AwsCredentials } from './types';
+import { EC2Client, DescribeInstancesCommand, Instance } from '@aws-sdk/client-ec2';
+import { RDSClient, DescribeDBInstancesCommand, DBInstance } from '@aws-sdk/client-rds';
+
+export interface ExistingInstance {
+  id: string;
+  name: string;
+  type: string;
+  state: string;
+  publicIp?: string;
+}
+
+export interface ExistingDatabase {
+  id: string;
+  engine: string;
+  instanceClass: string;
+  endpoint?: string;
+}
+
+export async function listEc2Instances(creds: AwsCredentials): Promise<ExistingInstance[]> {
+  const ec2 = new EC2Client({
+    region: creds.region,
+    credentials: { accessKeyId: creds.accessKeyId, secretAccessKey: creds.secretAccessKey }
+  });
+
+  const res = await ec2.send(new DescribeInstancesCommand({}));
+  const instances: ExistingInstance[] = [];
+
+  for (const reservation of res.Reservations || []) {
+    for (const inst of reservation.Instances || []) {
+      if (inst.State?.Name === 'terminated') continue;
+      instances.push({
+        id: inst.InstanceId || '',
+        name: inst.Tags?.find(t => t.Key === 'Name')?.Value || 'Unnamed',
+        type: inst.InstanceType || '',
+        state: inst.State?.Name || '',
+        publicIp: inst.PublicIpAddress,
+      });
+    }
+  }
+  return instances;
+}
+
+export async function listRdsInstances(creds: AwsCredentials): Promise<ExistingDatabase[]> {
+  const rds = new RDSClient({
+    region: creds.region,
+    credentials: { accessKeyId: creds.accessKeyId, secretAccessKey: creds.secretAccessKey }
+  });
+
+  const res = await rds.send(new DescribeDBInstancesCommand({}));
+  return (res.DBInstances || []).map(db => ({
+    id: db.DBInstanceIdentifier || '',
+    engine: db.Engine || '',
+    instanceClass: db.DBInstanceClass || '',
+    endpoint: db.Endpoint?.Address,
+  }));
+}

package/src/aws-validator.ts

@@ -0,0 +1,83 @@
+import { AwsCredentials } from './types';
+import { EC2Client, DescribeInstancesCommand } from '@aws-sdk/client-ec2';
+import { RDSClient, DescribeDBInstancesCommand } from '@aws-sdk/client-rds';
+import { ElasticLoadBalancingV2Client, DescribeLoadBalancersCommand } from '@aws-sdk/client-elastic-load-balancing-v2';
+import { Route53Client, ListHostedZonesCommand } from '@aws-sdk/client-route-53';
+import { AutoScalingClient, DescribeAutoScalingGroupsCommand } from '@aws-sdk/client-auto-scaling';
+import { IAMClient, GetUserCommand } from '@aws-sdk/client-iam';
+
+export interface PermissionCheck {
+  service: string;
+  hasAccess: boolean;
+  error?: string;
+}
+
+export async function validateCredentials(creds: AwsCredentials): Promise<{ valid: boolean; username?: string; error?: string }> {
+  const iam = new IAMClient({
+    region: creds.region,
+    credentials: { accessKeyId: creds.accessKeyId, secretAccessKey: creds.secretAccessKey }
+  });
+
+  try {
+    const res = await iam.send(new GetUserCommand({}));
+    return { valid: true, username: res.User?.UserName };
+  } catch (err: any) {
+    return { valid: false, error: err.message };
+  }
+}
+
+export async function checkPermissions(creds: AwsCredentials): Promise<PermissionCheck[]> {
+  const config = {
+    region: creds.region,
+    credentials: { accessKeyId: creds.accessKeyId, secretAccessKey: creds.secretAccessKey }
+  };
+
+  const checks: PermissionCheck[] = [];
+
+  // EC2
+  try {
+    const ec2 = new EC2Client(config);
+    await ec2.send(new DescribeInstancesCommand({ MaxResults: 5 }));
+    checks.push({ service: 'EC2', hasAccess: true });
+  } catch (err: any) {
+    checks.push({ service: 'EC2', hasAccess: false, error: err.message });
+  }
+
+  // RDS
+  try {
+    const rds = new RDSClient(config);
+    await rds.send(new DescribeDBInstancesCommand({}));
+    checks.push({ service: 'RDS', hasAccess: true });
+  } catch (err: any) {
+    checks.push({ service: 'RDS', hasAccess: false, error: err.message });
+  }
+
+  // ALB
+  try {
+    const elb = new ElasticLoadBalancingV2Client(config);
+    await elb.send(new DescribeLoadBalancersCommand({}));
+    checks.push({ service: 'ALB', hasAccess: true });
+  } catch (err: any) {
+    checks.push({ service: 'ALB', hasAccess: false, error: err.message });
+  }
+
+  // Route53
+  try {
+    const r53 = new Route53Client(config);
+    await r53.send(new ListHostedZonesCommand({}));
+    checks.push({ service: 'Route53', hasAccess: true });
+  } catch (err: any) {
+    checks.push({ service: 'Route53', hasAccess: false, error: err.message });
+  }
+
+  // Auto Scaling
+  try {
+    const asg = new AutoScalingClient(config);
+    await asg.send(new DescribeAutoScalingGroupsCommand({ MaxRecords: 1 }));
+    checks.push({ service: 'AutoScaling', hasAccess: true });
+  } catch (err: any) {
+    checks.push({ service: 'AutoScaling', hasAccess: false, error: err.message });
+  }
+
+  return checks;
+}