BuzzerboyAWSLightsail 0.329.1__tar.gz → 0.331.1__tar.gz

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/BuzzerboyAWSLightsail.egg-info/PKG-INFO

@@ -1,10 +1,27 @@
 Metadata-Version: 2.4
 Name: BuzzerboyAWSLightsail
-Version: 0.329.1
+Version: 0.331.1
 Summary: Buzzerboy Architecture for Deploying Web Applications on AWS LightSail
 Home-page: https://www.buzzerboy.com/
 Author: Buzzerboy Inc
 Author-email: Buzzerboy Inc <info@buzzerboy.com>
+License: Copyright (c) 2024 Buzzerboy Inc. Canada. All Rights Reserved.
+        
+        This product and associated files (the "Software") is only available for use
+        within projects developed by Buzzerboy Inc. Canada with subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        For commercial projects, permission of use is required by sending an email to info@buzzerboy.com
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
 Project-URL: Homepage, https://www.buzzerboy.com/
 Project-URL: Issues, https://dev.azure.com/buzzerboyinc/buzzerboy
 Classifier: Programming Language :: Python :: 3
@@ -12,6 +29,7 @@ Classifier: License :: OSI Approved :: MIT License
 Classifier: Operating System :: OS Independent
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
+License-File: LICENSE
 Requires-Dist: cdktf<1.0,>=0.17.0
 Requires-Dist: constructs<11.0,>=10.0.0
 Requires-Dist: cdktf-cdktf-provider-aws>=12.0.0
@@ -24,6 +42,7 @@ Requires-Dist: BuzzerboyArchetype
 Requires-Dist: AWSArchitectureBase
 Dynamic: author
 Dynamic: home-page
+Dynamic: license-file
 Dynamic: requires-dist
 Dynamic: requires-python
 

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/BuzzerboyAWSLightsail.egg-info/SOURCES.txt

@@ -1,3 +1,4 @@
+LICENSE
 MANIFEST.in
 README.md
 pyproject.toml

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/BuzzerboyAWSLightsailStack/LightsailBase.py

@@ -79,7 +79,7 @@ class BaseLightsailArchitectureFlags(Enum):
 #endregion
 
 
-class LightsailBase(AWSArchitectureBase, ABC):
+class LightsailBase(AWSArchitectureBase):
     """
     Abstract base class for AWS Lightsail Infrastructure Stacks.
 
@@ -126,19 +126,19 @@ class LightsailBase(AWSArchitectureBase, ABC):
     # Default post-apply scripts executed after deployment
     default_post_apply_scripts = []
 
-    @staticmethod
-    @abstractmethod
-    def get_architecture_flags():
+    def get_architecture_flags(self):
         """
         Get the ArchitectureFlags enum for configuration.
-        
-        This method must be implemented by subclasses to return their
-        specific ArchitectureFlags enum class.
 
         :returns: ArchitectureFlags enum class
-        :rtype: type[Enum]
+        :rtype: type[ArchitectureFlags]
         """
-        pass
+        super_flags = super.get_architecture_flags()
+        this_flags = ArchitectureFlags
+        for flag in super_flags:
+            this_flags[flag.name] = flag.value
+
+        return this_flags
 
     def __init__(self, scope, id, **kwargs):
         """
@@ -575,22 +575,26 @@ class LightsailBase(AWSArchitectureBase, ABC):
         if not self.post_apply_scripts:
             return
 
+        # Collect dependencies for post-apply scripts
+        dependencies = []
+        if hasattr(self, 'secrets_manager_secret'):
+            dependencies.append(self.secrets_manager_secret)
+
         # Create a null resource for each post-apply script
         for i, script in enumerate(self.post_apply_scripts):
             script_resource = NullResource(
                 self,
                 f"post_apply_script_{i}",
-                provisioner=[{
-                    "local-exec": {
-                        "command": script,
-                        "on_failure": "continue"
-                    }
-                }]
+                depends_on=dependencies if dependencies else None
             )
             
-            # Ensure scripts depend on core infrastructure
-            if hasattr(self, 'secrets_manager_secret'):
-                script_resource.add_override("depends_on", [self.secrets_manager_secret.fqn])
+            # Add provisioner using override
+            script_resource.add_override("provisioner", [{
+                "local-exec": {
+                    "command": script,
+                    "on_failure": "continue"
+                }
+            }])
 
     # ==================== UTILITY METHODS ====================
 

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/BuzzerboyAWSLightsailStack/LightsailContainer.py

@@ -66,16 +66,28 @@ from cdktf_cdktf_provider_aws.wafv2_rule_group import Wafv2RuleGroupRuleVisibili
 
 
 #region ArchitectureFlags 
-class ArchitectureFlags(BaseLightsailArchitectureFlags):
+class ArchitectureFlags(Enum):
     """
     Architecture configuration flags for optional components.
 
-    Extends BaseLightsailArchitectureFlags with container-specific flags.
+    Includes both base flags and container-specific flags.
 
+    Base flags:
+    :param SKIP_DEFAULT_POST_APPLY_SCRIPTS: Skip default post-apply scripts
+    :param PRESERVE_EXISTING_SECRETS: Don't overwrite existing secret versions (smart detection)
+    :param IGNORE_SECRET_CHANGES: Ignore all changes to secret after initial creation
+    
+    Container-specific flags:
     :param SKIP_DATABASE: Skip database creation
     :param SKIP_DOMAIN: Skip domain and DNS configuration
     """
-
+    
+    # Base flags from BaseLightsailArchitectureFlags
+    SKIP_DEFAULT_POST_APPLY_SCRIPTS = "skip_default_post_apply_scripts"
+    PRESERVE_EXISTING_SECRETS = "preserve_existing_secrets"
+    IGNORE_SECRET_CHANGES = "ignore_secret_changes"
+    
+    # Container-specific flags
     SKIP_DATABASE = "skip_database"
     SKIP_DOMAIN = "skip_domain"
 
@@ -270,6 +282,8 @@ class LightsailContainerStack(LightsailBase):
                 "host": self.database.master_endpoint_address,
                 "port": self.database.master_endpoint_port,
             }
+        )
+
     def create_s3_bucket(self, bucket_name=None):
         """
         Create S3 bucket for application data storage.

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/BuzzerboyAWSLightsailStack/LightsailDatabase.py

@@ -41,16 +41,33 @@ from cdktf_cdktf_provider_random import password
 
 #endregion
 
+#region Null Provider and Resources
+from cdktf_cdktf_provider_null.resource import Resource as NullResource
+
+#endregion
+
 #region ArchitectureFlags 
-class ArchitectureFlags(BaseLightsailArchitectureFlags):
+class ArchitectureFlags(Enum):
     """
     Architecture configuration flags for optional components.
 
-    Extends BaseLightsailArchitectureFlags with database-specific flags.
+    Includes both base flags and database-specific flags.
 
+    Base flags:
+    :param SKIP_DEFAULT_POST_APPLY_SCRIPTS: Skip default post-apply scripts
+    :param PRESERVE_EXISTING_SECRETS: Don't overwrite existing secret versions (smart detection)
+    :param IGNORE_SECRET_CHANGES: Ignore all changes to secret after initial creation
+    
+    Database-specific flags:
     :param SKIP_DATABASE_USERS: Skip creating individual database users (use master user only)
     """
-
+    
+    # Base flags from BaseLightsailArchitectureFlags
+    SKIP_DEFAULT_POST_APPLY_SCRIPTS = "skip_default_post_apply_scripts"
+    PRESERVE_EXISTING_SECRETS = "preserve_existing_secrets"
+    IGNORE_SECRET_CHANGES = "ignore_secret_changes"
+    
+    # Database-specific flags
     SKIP_DATABASE_USERS = "skip_database_users"
 
 #endregion
@@ -62,8 +79,8 @@ class LightsailDatabaseStack(LightsailBase):
 
     A comprehensive database stack that deploys:
         * Lightsail Database instance with PostgreSQL
-        * Multiple databases within the instance
-        * Individual database users with scoped permissions
+        * Multiple databases within the instance (automated creation)
+        * Individual database users with scoped permissions (automated creation)
         * Secrets Manager for storing all database credentials
         * IAM resources for programmatic access
 
@@ -115,6 +132,7 @@ class LightsailDatabaseStack(LightsailBase):
         :param db_instance_size: Database instance size (default: "micro_2_0")
         :param db_engine: Database engine version (default: "postgres_14")
         :param master_username: Master database username (default: "dbmasteruser")
+        :param db_publicly_accessible: Enable public access to database (default: True, required for automated provisioning)
         """
         # Set database-specific defaults
         if "project_name" not in kwargs:
@@ -124,10 +142,7 @@ class LightsailDatabaseStack(LightsailBase):
             environment = kwargs.get("environment", "dev")
             kwargs["secret_name"] = f"{project_name}/{environment}/database-credentials"
         
-        # Call parent constructor
-        super().__init__(scope, id, **kwargs)
-
-        # ===== Database-Specific Configuration =====
+        # ===== Database-Specific Configuration (MUST be set before super().__init__) =====
         self.databases = kwargs.get("databases", [])
 
         # Validate required parameters
@@ -138,10 +153,14 @@ class LightsailDatabaseStack(LightsailBase):
         self.master_username = kwargs.get("master_username", "dbmasteruser")
         self.db_instance_size = kwargs.get("db_instance_size", "micro_2_0")
         self.db_engine = kwargs.get("db_engine", "postgres_14")
+        self.db_publicly_accessible = kwargs.get("db_publicly_accessible", True)
 
         # ===== Internal State =====
         self.database_users = {}
         self.database_passwords = {}
+        
+        # Call parent constructor (this will call _set_default_post_apply_scripts)
+        super().__init__(scope, id, **kwargs)
 
     def _set_default_post_apply_scripts(self):
         """
@@ -180,8 +199,9 @@ class LightsailDatabaseStack(LightsailBase):
 
         Creates:
             * Database passwords for master and individual users
-            * Lightsail PostgreSQL database instance
-            * Individual database user credentials (for later manual creation)
+            * Lightsail PostgreSQL database instance (with public access enabled)
+            * Individual databases within the instance (automated via SQL)
+            * Individual database users with scoped permissions (automated via SQL)
         """
         # Generate passwords first
         self.create_database_passwords()
@@ -230,7 +250,13 @@ class LightsailDatabaseStack(LightsailBase):
             * Engine: PostgreSQL (version specified by db_engine)
             * Size: Configurable (default: micro_2_0)
             * Master database: Uses first database name from the list
+            * Public Access: Configurable (default: True for automated provisioning)
             * Final snapshot: Disabled (skip_final_snapshot=True)
+            
+        .. note::
+           Public access is enabled by default to allow automated database creation
+           via local-exec provisioners. This can be disabled by setting
+           db_publicly_accessible=False, but will require manual database setup.
         """
         # Use the first database name as the master database name
         master_db_name = self.clean_hyphens(self.databases[0])
@@ -244,6 +270,7 @@ class LightsailDatabaseStack(LightsailBase):
             master_database_name=master_db_name,
             master_username=self.master_username,
             master_password=self.master_password.result,
+            publicly_accessible=self.db_publicly_accessible,
             skip_final_snapshot=True,
             tags={
                 "Environment": self.environment, 
@@ -269,28 +296,35 @@ class LightsailDatabaseStack(LightsailBase):
 
     def create_database_users(self):
         """
-        Prepare database user credentials for individual databases.
-
-        This method creates credentials for individual database users that would be
-        created manually or via external scripts after deployment. For each database 
-        in the databases list, it will:
-            1. Generate a password for the database user
-            2. Store credentials in the secrets dictionary
-            3. Create user information for reference
-
-        **Manual Database Setup Required:**
-        After deployment, you'll need to manually create databases and users:
+        Create individual databases and users within the Lightsail PostgreSQL instance.
+
+        This method automates the creation of databases and users using SQL commands
+        executed via null_resource provisioners. For each database in the databases list:
+            1. Generates a password for the database user
+            2. Stores credentials in the secrets dictionary
+            3. Creates the database (if not the first one - master database)
+            4. Creates a dedicated user with the generated password
+            5. Grants all privileges on the database to the user
+
+        **Automated Database Setup:**
+        The following operations are performed automatically for each database:
             * CREATE DATABASE {db_name};
             * CREATE USER "{db_name}-dbuser" WITH PASSWORD '{password}';
             * GRANT ALL PRIVILEGES ON DATABASE {db_name} TO "{db_name}-dbuser";
+            * GRANT ALL ON SCHEMA public TO "{db_name}-dbuser";
 
         .. note::
-           Database and user creation happens manually after deployment since
-           Lightsail doesn't provide Terraform resources for individual databases.
+           The first database in the list is created as the master database during
+           instance creation, so it's skipped in this automated provisioning process.
+           
+        .. note::
+           Requires publicly_accessible=True on the database instance for the
+           provisioner to connect from the local machine running Terraform.
         """
         if ArchitectureFlags.SKIP_DATABASE_USERS.value in self.flags:
             return
 
+        # Store credentials for all databases
         for db_name in self.databases:
             clean_db_name = self.clean_hyphens(db_name)
             username = f"{clean_db_name}-dbuser"
@@ -308,22 +342,67 @@ class LightsailDatabaseStack(LightsailBase):
                 "database": clean_db_name
             }
 
-        # Add manual setup instructions to post-terraform messages
-        if self.databases and not self.has_flag(ArchitectureFlags.SKIP_DATABASE_USERS.value):
-            setup_commands = []
-            for db_name in self.databases:
-                clean_db_name = self.clean_hyphens(db_name)
-                username = f"{clean_db_name}-dbuser"
-                setup_commands.extend([
-                    f"CREATE DATABASE IF NOT EXISTS \"{clean_db_name}\";",
-                    f"CREATE USER \"{username}\" WITH PASSWORD '<password_from_secrets>';",
-                    f"GRANT ALL PRIVILEGES ON DATABASE \"{clean_db_name}\" TO \"{username}\";"
-                ])
+        # Skip the first database as it's already created as the master database
+        databases_to_create = self.databases[1:] if len(self.databases) > 1 else []
+
+        # Create additional databases and users using null_resource
+        for db_name in databases_to_create:
+            clean_db_name = self.clean_hyphens(db_name)
+            username = f"{clean_db_name}-dbuser"
+            password_ref = self.database_passwords[db_name].result
             
-            self.post_terraform_messages.append(
-                f"Manual database setup required. Connect to the database instance and run:\n" +
-                "\n".join(setup_commands)
+            # SQL commands to create database and user
+            # Using environment variables to avoid Terraform interpolation issues
+            sql_commands = f"""#!/bin/bash
+set -e
+
+echo "Creating database: {clean_db_name}"
+
+# Wait for database to be ready (add retry logic)
+for i in {{1..30}}; do
+    if PGPASSWORD="$MASTER_PASSWORD" psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d postgres -c "SELECT 1" > /dev/null 2>&1; then
+        echo "Database is ready"
+        break
+    fi
+    echo "Waiting for database to be ready... ($i/30)"
+    sleep 10
+done
+
+# Create database
+PGPASSWORD="$MASTER_PASSWORD" psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d postgres -c "CREATE DATABASE \\"{clean_db_name}\\";" || echo "Database {clean_db_name} may already exist"
+
+# Create user
+PGPASSWORD="$MASTER_PASSWORD" psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d postgres -c "CREATE USER \\"{username}\\" WITH PASSWORD '$USER_PASSWORD';" || echo "User {username} may already exist"
+
+# Grant database privileges
+PGPASSWORD="$MASTER_PASSWORD" psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d postgres -c "GRANT ALL PRIVILEGES ON DATABASE \\"{clean_db_name}\\" TO \\"{username}\\";"
+
+# Grant schema privileges
+PGPASSWORD="$MASTER_PASSWORD" psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d {clean_db_name} -c "GRANT ALL ON SCHEMA public TO \\"{username}\\";"
+
+echo "Successfully created database: {clean_db_name} with user: {username}"
+"""
+
+            # Create null_resource to execute SQL commands
+            db_resource = NullResource(
+                self,
+                f"create_database_{clean_db_name}",
+                depends_on=[self.database]
             )
+            
+            # Add provisioner using override
+            db_resource.add_override("provisioner", [{
+                "local-exec": {
+                    "command": sql_commands,
+                    "environment": {
+                        "DB_HOST": self.database.master_endpoint_address,
+                        "DB_PORT": self.database.master_endpoint_port,
+                        "DB_USER": self.master_username,
+                        "MASTER_PASSWORD": self.master_password.result,
+                        "USER_PASSWORD": password_ref,
+                    }
+                }
+            }])
 
     def create_outputs(self):
         """

buzzerboyawslightsail-0.331.1/LICENSE

@@ -0,0 +1,17 @@
+Copyright (c) 2024 Buzzerboy Inc. Canada. All Rights Reserved.
+
+This product and associated files (the "Software") is only available for use
+within projects developed by Buzzerboy Inc. Canada with subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+For commercial projects, permission of use is required by sending an email to info@buzzerboy.com
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/PKG-INFO

@@ -1,10 +1,27 @@
 Metadata-Version: 2.4
 Name: BuzzerboyAWSLightsail
-Version: 0.329.1
+Version: 0.331.1
 Summary: Buzzerboy Architecture for Deploying Web Applications on AWS LightSail
 Home-page: https://www.buzzerboy.com/
 Author: Buzzerboy Inc
 Author-email: Buzzerboy Inc <info@buzzerboy.com>
+License: Copyright (c) 2024 Buzzerboy Inc. Canada. All Rights Reserved.
+        
+        This product and associated files (the "Software") is only available for use
+        within projects developed by Buzzerboy Inc. Canada with subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        For commercial projects, permission of use is required by sending an email to info@buzzerboy.com
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
 Project-URL: Homepage, https://www.buzzerboy.com/
 Project-URL: Issues, https://dev.azure.com/buzzerboyinc/buzzerboy
 Classifier: Programming Language :: Python :: 3
@@ -12,6 +29,7 @@ Classifier: License :: OSI Approved :: MIT License
 Classifier: Operating System :: OS Independent
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
+License-File: LICENSE
 Requires-Dist: cdktf<1.0,>=0.17.0
 Requires-Dist: constructs<11.0,>=10.0.0
 Requires-Dist: cdktf-cdktf-provider-aws>=12.0.0
@@ -24,6 +42,7 @@ Requires-Dist: BuzzerboyArchetype
 Requires-Dist: AWSArchitectureBase
 Dynamic: author
 Dynamic: home-page
+Dynamic: license-file
 Dynamic: requires-dist
 Dynamic: requires-python
 

{buzzerboyawslightsail-0.329.1 → buzzerboyawslightsail-0.331.1}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "BuzzerboyAWSLightsail"
-version = "0.329.1"
+version = "0.331.1"
 description = "Buzzerboy Architecture for Deploying Web Applications on AWS LightSail"
 readme = "README.md"
 requires-python = ">=3.8"