PyPI - cdk-factory - Versions diffs - 0.15.11__py3-none-any.whl → 0.15.13__py3-none-any.whl - Mend

cdk-factory 0.15.11py3-none-any.whl → 0.15.13py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cdk-factory might be problematic. Click here for more details.

Files changed (10) hide show

cdk_factory/configurations/resources/rds.py CHANGED Viewed

@@ -4,9 +4,16 @@ Maintainers: Eric Wilson
 MIT License. See Project Root for license information.
 """
-from typing import Any, Dict, List, Optional
+import re
+from typing import Any, Dict, List, Optional, Tuple, Literal
+from aws_lambda_powertools import Logger
 from cdk_factory.configurations.enhanced_base_config import EnhancedBaseConfig
+logger = Logger(service="RdsConfig")
+# Supported RDS engines
+Engine = Literal["mysql", "mariadb", "postgres", "aurora-mysql", "aurora-postgres", "sqlserver", "oracle"]
 class RdsConfig(EnhancedBaseConfig):
     """
@@ -23,6 +30,74 @@ class RdsConfig(EnhancedBaseConfig):
     def name(self) -> str:
         """RDS instance name"""
         return self.__config.get("name", "database")
+    @property
+    def identifier(self) -> str:
+        """RDS DB instance identifier (sanitized)"""
+        raw_id = self.__config.get("identifier", self.name)
+        return self._sanitize_instance_identifier(raw_id)
+    def _sanitize_instance_identifier(self, identifier: str) -> str:
+        """
+        Sanitize DB instance identifier to meet RDS requirements:
+        - 1-63 chars, lowercase letters/digits/hyphen
+        - Must start with letter, can't end with hyphen, no consecutive hyphens
+        """
+        if not identifier:
+            raise ValueError("Instance identifier cannot be empty")
+        sanitized, notes = self._sanitize_instance_identifier_impl(identifier)
+        if notes:
+            logger.info(f"Sanitized instance identifier from '{identifier}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_instance_identifier_impl(self, identifier: str) -> Tuple[str, List[str]]:
+        """
+        DB instance identifier rules (all engines):
+        - 1-63 chars, lowercase letters/digits/hyphen
+        - Must start with letter
+        - Can't end with hyphen
+        - No consecutive hyphens (--)
+        """
+        notes: List[str] = []
+        s = identifier.lower()
+        # Keep only lowercase letters, digits, hyphen
+        s_clean = re.sub(r"[^a-z0-9-]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters (only a-z, 0-9, '-' allowed)")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Instance identifier '{identifier}' contains no valid characters")
+        # Must start with letter
+        if not re.match(r"^[a-z]", s):
+            s = f"db{s}"
+            notes.append("prefixed with 'db' to start with a letter")
+        # Collapse consecutive hyphens
+        s_collapsed = re.sub(r"-{2,}", "-", s)
+        if s_collapsed != s:
+            s = s_collapsed
+            notes.append("collapsed consecutive hyphens")
+        # Can't end with hyphen
+        if s.endswith("-"):
+            s = s.rstrip("-")
+            notes.append("removed trailing hyphen")
+        # Truncate to 63 characters
+        if len(s) > 63:
+            s = s[:63]
+            # Make sure we didn't truncate to a trailing hyphen
+            if s.endswith("-"):
+                s = s.rstrip("-")
+            notes.append("truncated to 63 characters")
+        return s, notes
     @property
     def engine(self) -> str:
@@ -44,13 +119,15 @@ class RdsConfig(EnhancedBaseConfig):
     @property
     def database_name(self) -> str:
-        """Name of the database to create"""
-        return self.__config.get("database_name", "appdb")
+        """Name of the database to create (sanitized for RDS requirements)"""
+        raw_name = self.__config.get("database_name", "appdb")
+        return self._sanitize_database_name(raw_name)
     @property
     def username(self) -> str:
-        """Master username for the database"""
-        return self.__config.get("username", "appuser")
+        """Master username for the database (sanitized for RDS requirements)"""
+        raw_username = self.__config.get("username", "appuser")
+        return self._sanitize_username(raw_username)
     @property
     def secret_name(self) -> str:
@@ -146,3 +223,160 @@ class RdsConfig(EnhancedBaseConfig):
         if "ssm" in self.__config and "exports" in self.__config["ssm"]:
             return self.__config["ssm"]["exports"]
         return self.__config.get("ssm_exports", {})
+    def _sanitize_database_name(self, name: str) -> str:
+        """
+        Sanitize database name to meet RDS requirements (engine-specific).
+        Implements rules from RDS documentation for each engine type.
+        Args:
+            name: Raw database name from config
+        Returns:
+            Sanitized database name
+        Raises:
+            ValueError: If name cannot be sanitized to meet requirements
+        """
+        if not name:
+            raise ValueError("Database name cannot be empty")
+        engine = self.engine.lower()
+        sanitized, notes = self._sanitize_db_name_impl(engine, name)
+        if notes:
+            logger.info(f"Sanitized database name from '{name}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_db_name_impl(self, engine: str, name: str) -> Tuple[str, List[str]]:
+        """
+        Engine-specific database name sanitization.
+        Based on AWS RDS naming requirements:
+        - MySQL/MariaDB: 1-64 chars, start with letter, letters/digits/underscore
+        - PostgreSQL: 1-63 chars, start with letter, letters/digits/underscore
+        - SQL Server: 1-128 chars, start with letter, letters/digits/underscore
+        - Oracle: 1-8 chars (SID), alphanumeric only, start with letter
+        """
+        notes: List[str] = []
+        # Determine engine-specific limits
+        if engine in ("mysql", "mariadb", "aurora-mysql"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 64
+        elif engine in ("postgres", "postgresql", "aurora-postgres", "aurora-postgresql"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 63
+        elif engine in ("sqlserver", "sqlserver-ee", "sqlserver-se", "sqlserver-ex", "sqlserver-web"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 128
+        elif engine in ("oracle", "oracle-ee", "oracle-se2", "oracle-se1"):
+            allowed_chars = r"A-Za-z0-9"  # No underscore for Oracle SID
+            max_len = 8
+        else:
+            # Default to conservative rules
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 64
+            notes.append(f"unknown engine '{engine}', using default MySQL rules")
+        # Replace hyphens with underscores (except Oracle which doesn't allow underscores)
+        s = name
+        if "oracle" not in engine:
+            s = s.replace("-", "_")
+            if "_" in name and "-" in name:
+                notes.append("replaced hyphens with underscores")
+        # Strip disallowed characters
+        s_clean = re.sub(f"[^{allowed_chars}]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Database name '{name}' contains no valid characters after sanitization")
+        # Must start with a letter
+        if not re.match(r"^[A-Za-z]", s):
+            s = f"db{s}"
+            notes.append("prefixed with 'db' to start with a letter")
+        # Truncate to max length
+        if len(s) > max_len:
+            s = s[:max_len]
+            notes.append(f"truncated to {max_len} characters")
+        # SQL Server: can't start with 'rdsadmin'
+        if "sqlserver" in engine and s.lower().startswith("rdsadmin"):
+            s = f"db_{s}"
+            notes.append("prefixed to avoid 'rdsadmin' (SQL Server restriction)")
+        return s, notes
+    def _sanitize_username(self, username: str) -> str:
+        """
+        Sanitize master username to meet RDS requirements:
+        - Must begin with a letter (a-z, A-Z)
+        - Can contain alphanumeric characters and underscores
+        - Max 16 characters (AWS RDS master username limit)
+        - Cannot be a reserved word
+        Args:
+            username: Raw username from config
+        Returns:
+            Sanitized username
+        Raises:
+            ValueError: If username is invalid
+        """
+        if not username:
+            raise ValueError("Username cannot be empty")
+        sanitized, notes = self._sanitize_master_username_impl(username)
+        if notes:
+            logger.info(f"Sanitized username from '{username}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_master_username_impl(self, username: str) -> Tuple[str, List[str]]:
+        """
+        Sanitize master username according to AWS RDS rules:
+        - 1-16 characters
+        - Start with a letter
+        - Letters, digits, underscore only
+        - Not a reserved word
+        """
+        notes: List[str] = []
+        s = username
+        # Replace hyphens with underscores, remove other invalid chars
+        s = s.replace("-", "_")
+        s_clean = re.sub(r"[^A-Za-z0-9_]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Username '{username}' contains no valid characters after sanitization")
+        # Must start with a letter
+        if not re.match(r"^[A-Za-z]", s):
+            s = f"user{s}"
+            notes.append("prefixed with 'user' to start with a letter")
+        # Truncate to 16 characters
+        if len(s) > 16:
+            s = s[:16]
+            notes.append("truncated to 16 characters")
+        # Check against common reserved words
+        reserved = {"postgres", "mysql", "root", "admin", "rdsadmin", "system", "sa", "user"}
+        if s.lower() in reserved:
+            s = f"{s}_usr"
+            # Re-truncate if needed after adding suffix
+            if len(s) > 16:
+                s = s[:16]
+            notes.append("appended '_usr' to avoid reserved username")
+        return s, notes

cdk_factory/pipeline/pipeline_factory.py CHANGED Viewed

@@ -305,6 +305,7 @@ class PipelineFactoryStack(IStack):
                     scope=pipeline_stage,
                     id=stack_config.name,
                     deployment=deployment,
+                    stack_config=stack_config,
                     add_env_context=self.add_env_context,
                     **kwargs,
                 )

cdk_factory/stack/stack_factory.py CHANGED Viewed

@@ -11,10 +11,28 @@ from cdk_factory.interfaces.istack import IStack
 from cdk_factory.stack.stack_module_loader import ModuleLoader
 from cdk_factory.stack.stack_module_registry import modules
 from cdk_factory.configurations.deployment import DeploymentConfig
+from cdk_factory.configurations.stack import StackConfig
 class StackFactory:
     """Stack Factory"""
+    # Default descriptions by module type
+    DEFAULT_DESCRIPTIONS = {
+        "vpc_stack": "VPC infrastructure with public and private subnets across multiple availability zones",
+        "security_group_stack": "Security groups for network access control",
+        "security_group_full_stack": "Security groups for ALB, ECS, RDS, and monitoring",
+        "rds_stack": "Managed relational database instance with automated backups",
+        "s3_bucket_stack": "S3 bucket for object storage",
+        "media_bucket_stack": "S3 bucket for media asset storage with CDN integration",
+        "static_website_stack": "Static website hosted on S3 with CloudFront distribution",
+        "ecs_service_stack": "ECS service with auto-scaling and load balancing",
+        "lambda_stack": "Lambda function for serverless compute",
+        "api_gateway_stack": "API Gateway for REST API endpoints",
+        "cloudfront_stack": "CloudFront CDN distribution",
+        "monitoring_stack": "CloudWatch monitoring, alarms, and dashboards",
+        "ecr_stack": "Elastic Container Registry for Docker images",
+    }
     def __init__(self):
         ml: ModuleLoader = ModuleLoader()
@@ -27,6 +45,7 @@ class StackFactory:
         scope,
         id: str,  # pylint: disable=redefined-builtin
         deployment: Optional[DeploymentConfig] = None,
+        stack_config: Optional[StackConfig] = None,
         add_env_context: bool = True,
         **kwargs,
     ) -> IStack:
@@ -40,6 +59,12 @@ class StackFactory:
         if deployment and add_env_context:
             env_kwargs = self._get_environment_kwargs(deployment)
             kwargs.update(env_kwargs)
+        # Add description if not already provided in kwargs
+        if "description" not in kwargs:
+            description = self._get_stack_description(module_name, stack_config)
+            if description:
+                kwargs["description"] = description
         module = stack_class(scope=scope, id=id, **kwargs)
@@ -52,3 +77,12 @@ class StackFactory:
             region=deployment.region
         )
         return {"env": env}
+    def _get_stack_description(self, module_name: str, stack_config: Optional[StackConfig] = None) -> Optional[str]:
+        """Get stack description from config or default"""
+        # First check if stack_config has a description
+        if stack_config and stack_config.description:
+            return stack_config.description
+        # Otherwise use default description based on module type
+        return self.DEFAULT_DESCRIPTIONS.get(module_name)

cdk_factory/version.py CHANGED Viewed

	@@ -1 +1 @@
1	- __version__ = "0.15.11"
1	+ __version__ = "0.15.13"

cdk_factory/workload/workload_factory.py CHANGED Viewed

@@ -124,6 +124,7 @@ class WorkloadFactory:
                     scope=self.app,
                     id=stack.name,
                     deployment=deployment,
+                    stack_config=stack,
                     add_env_context=self.add_env_context,
                     **kwargs,
                 )

{cdk_factory-0.15.11.dist-info → cdk_factory-0.15.13.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cdk_factory
-Version: 0.15.11
+Version: 0.15.13
 Summary: CDK Factory. A QuickStarter and best practices setup for CDK projects
 Author-email: Eric Wilson <eric.wilson@geekcafe.com>
 License: MIT License

{cdk_factory-0.15.11.dist-info → cdk_factory-0.15.13.dist-info}/RECORD RENAMED Viewed

@@ -2,7 +2,7 @@ cdk_factory/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cdk_factory/app.py,sha256=RnX0-pwdTAPAdKJK_j13Zl8anf9zYKBwboR0KA8K8xM,10346
 cdk_factory/cdk.json,sha256=SKZKhJ2PBpFH78j-F8S3VDYW-lf76--Q2I3ON-ZIQfw,3106
 cdk_factory/cli.py,sha256=FGbCTS5dYCNsfp-etshzvFlGDCjC28r6rtzYbe7KoHI,6407
-cdk_factory/version.py,sha256=Bw5DUxQ3jqdKvFLsxUsxaKKMc-9Ywbelea4Rftx-Kj0,24
+cdk_factory/version.py,sha256=6AIqVLeKq3uS7QeuesqvTQrN9gWiCBFTAygmSJRA6-0,24
 cdk_factory/builds/README.md,sha256=9BBWd7bXpyKdMU_g2UljhQwrC9i5O_Tvkb6oPvndoZk,90
 cdk_factory/commands/command_loader.py,sha256=QbLquuP_AdxtlxlDy-2IWCQ6D-7qa58aphnDPtp_uTs,3744
 cdk_factory/configurations/base_config.py,sha256=JKjhNsy0RCUZy1s8n5D_aXXI-upR9izaLtCTfKYiV9k,9624
@@ -38,7 +38,7 @@ cdk_factory/configurations/resources/lambda_layers.py,sha256=gVeP_-LC3Eq0lkPaG_J
 cdk_factory/configurations/resources/lambda_triggers.py,sha256=MD7cdMNKEulNBhtMLIFnWJuJ5R-yyIqa0LHUgbSQerA,834
 cdk_factory/configurations/resources/load_balancer.py,sha256=idpKdvkkCM7J9J2pNjMBOY1DNaFR1tk1tFjTg76bvrY,5267
 cdk_factory/configurations/resources/monitoring.py,sha256=zsfDMa7yph33Ql8iP7lIqqLAyixh-Mesi0imtZJFdcE,2310
-cdk_factory/configurations/resources/rds.py,sha256=is_odfCoe3kyiz8DpDxDayt1aVICJoNWuhuaHZ98qQo,5197
+cdk_factory/configurations/resources/rds.py,sha256=lSj6BqAmx1knpu3Kv1Fq-tw-lTF94NFzEFGgWcMMIFI,14009
 cdk_factory/configurations/resources/resource_mapping.py,sha256=cwv3n63RJ6E59ErsmSTdkW4i-g8huhHtKI0ExbRhJxA,2182
 cdk_factory/configurations/resources/resource_naming.py,sha256=VE9S2cpzp11qqPL2z1sX79wXH0o1SntO2OG74nEmWC8,5508
 cdk_factory/configurations/resources/resource_types.py,sha256=1WQHyDoErb-M-tETZZzyLDtbq_jdC85-I403dM48pgE,2317
@@ -68,12 +68,12 @@ cdk_factory/interfaces/ssm_parameter_mixin.py,sha256=uA2j8HmAOpuEA9ynRj51s0WjUHM
 cdk_factory/lambdas/health_handler.py,sha256=dd40ykKMxWCFEIyp2ZdQvAGNjw_ylI9CSm1N24Hp2ME,196
 cdk_factory/lambdas/edge/ip_gate/handler.py,sha256=YrXO42gEhJoBTaH6jS7EWqjHe9t5Fpt4WLgY8vjtou0,10474
 cdk_factory/pipeline/path_utils.py,sha256=fvWdrcb4onmpIu1APkHLhXg8zWfK74HcW3Ra2ynxfXM,2586
-cdk_factory/pipeline/pipeline_factory.py,sha256=rvtkdlTPJG477nTVRN8S2ksWt4bwpd9eVLFd9WO02pM,17248
+cdk_factory/pipeline/pipeline_factory.py,sha256=tY-uaJa_51CnWHb4KEvYMT-pZ_7cWy5DNnTfXHWUoHY,17295
 cdk_factory/pipeline/stage.py,sha256=Be7ExMB9A-linRM18IQDOzQ-cP_I2_ThRNzlT4FIrUg,437
 cdk_factory/pipeline/security/policies.py,sha256=H3-S6nipz3UtF9Pc5eJYr4-aREUTCaJWMjOUyd6Rdv4,4406
 cdk_factory/pipeline/security/roles.py,sha256=ZB_O5H_BXgotvVspS2kVad9EMcY-a_-vU7Nm1_Z5MB8,4985
 cdk_factory/stack/istack.py,sha256=-n0FTLvG7uvLxkyqRGjqFTguZeTRuXwFxGzcAIqbsj8,174
-cdk_factory/stack/stack_factory.py,sha256=zn4JwfpZidxkYLmv6uT1GaFPFRidTFj0NUGKWDNFRb8,1701
+cdk_factory/stack/stack_factory.py,sha256=PfFzKxfM_5JPhK33_acEvpT4gll_AFCqZP7-lPifbJk,3649
 cdk_factory/stack/stack_module_loader.py,sha256=EA7ceb8qyktzkYgPYaixQdPJsi8FwTsMU-NrgtXwXcw,1144
 cdk_factory/stack/stack_module_registry.py,sha256=J14-A75VZESzRQa8p-Fepdap7Z8T7mradTu3sVzuBx8,378
 cdk_factory/stack/stack_modules.py,sha256=kgEK-j0smZPozVwTCfM1g1V17EyTBT0TXAQZq4vZz0o,784
@@ -128,9 +128,9 @@ cdk_factory/utilities/json_loading_utility.py,sha256=YRgzA1I-B_HwZm1eWJTeQ1JLkeb
 cdk_factory/utilities/lambda_function_utilities.py,sha256=S1GvBsY_q2cyUiaud3HORJMnLhI5cRi31fbeaktY-_Q,15826
 cdk_factory/utilities/os_execute.py,sha256=5Op0LY_8Y-pUm04y1k8MTpNrmQvcLmQHPQITEP7EuSU,1019
 cdk_factory/utils/api_gateway_utilities.py,sha256=If7Xu5s_UxmuV-kL3JkXxPLBdSVUKoLtohm0IUFoiV8,4378
-cdk_factory/workload/workload_factory.py,sha256=mM8GU_5mKq_0OyK060T3JrUSUiGAcKf0eqNlT9mfaws,6028
-cdk_factory-0.15.11.dist-info/METADATA,sha256=vTtRFsbZLXHxMN6sy2U_8V906n9u8k-RREbUOY_mefI,2452
-cdk_factory-0.15.11.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-cdk_factory-0.15.11.dist-info/entry_points.txt,sha256=S1DPe0ORcdiwEALMN_WIo3UQrW_g4YdQCLEsc_b0Swg,53
-cdk_factory-0.15.11.dist-info/licenses/LICENSE,sha256=NOtdOeLwg2il_XBJdXUPFPX8JlV4dqTdDGAd2-khxT8,1066
-cdk_factory-0.15.11.dist-info/RECORD,,
+cdk_factory/workload/workload_factory.py,sha256=yDI3cRhVI5ELNDcJPLpk9UY54Uind1xQoV3spzT4z7E,6068
+cdk_factory-0.15.13.dist-info/METADATA,sha256=ZEIwXiuhfk9EeWo0OgSz3-yK3sl2l7rVPLPLE9cVC2w,2452
+cdk_factory-0.15.13.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+cdk_factory-0.15.13.dist-info/entry_points.txt,sha256=S1DPe0ORcdiwEALMN_WIo3UQrW_g4YdQCLEsc_b0Swg,53
+cdk_factory-0.15.13.dist-info/licenses/LICENSE,sha256=NOtdOeLwg2il_XBJdXUPFPX8JlV4dqTdDGAd2-khxT8,1066
+cdk_factory-0.15.13.dist-info/RECORD,,

{cdk_factory-0.15.11.dist-info → cdk_factory-0.15.13.dist-info}/WHEEL RENAMED Viewed

File without changes

{cdk_factory-0.15.11.dist-info → cdk_factory-0.15.13.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{cdk_factory-0.15.11.dist-info → cdk_factory-0.15.13.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

cdk-factory 0.15.11__py3-none-any.whl → 0.15.13__py3-none-any.whl

Potentially problematic release.

cdk-factory 0.15.11py3-none-any.whl → 0.15.13py3-none-any.whl