PyPI - cdk-factory - Versions diffs - 0.15.11__tar.gz → 0.15.13__tar.gz - Mend

cdk-factory 0.15.11tar.gz → 0.15.13tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cdk-factory might be problematic. Click here for more details.

Files changed (160) hide show

{cdk_factory-0.15.11 → cdk_factory-0.15.13}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cdk_factory
-Version: 0.15.11
+Version: 0.15.13
 Summary: CDK Factory. A QuickStarter and best practices setup for CDK projects
 Author-email: Eric Wilson <eric.wilson@geekcafe.com>
 License: MIT License

{cdk_factory-0.15.11 → cdk_factory-0.15.13}/pyproject.toml RENAMED Viewed

@@ -33,7 +33,7 @@ markers = [
 [project]
 name = "cdk_factory"
-version = "0.15.11"
+version = "0.15.13"
 authors = [
   { name="Eric Wilson", email="eric.wilson@geekcafe.com" }
 ]

cdk_factory-0.15.13/src/cdk_factory/configurations/resources/rds.py ADDED Viewed

@@ -0,0 +1,382 @@
+"""
+RdsConfig - supports RDS database settings for AWS CDK.
+Maintainers: Eric Wilson
+MIT License. See Project Root for license information.
+"""
+import re
+from typing import Any, Dict, List, Optional, Tuple, Literal
+from aws_lambda_powertools import Logger
+from cdk_factory.configurations.enhanced_base_config import EnhancedBaseConfig
+logger = Logger(service="RdsConfig")
+# Supported RDS engines
+Engine = Literal["mysql", "mariadb", "postgres", "aurora-mysql", "aurora-postgres", "sqlserver", "oracle"]
+class RdsConfig(EnhancedBaseConfig):
+    """
+    RDS Configuration - supports RDS database settings.
+    Each property reads from the config dict and provides a sensible default if not set.
+    """
+    def __init__(self, config: dict, deployment) -> None:
+        super().__init__(config or {}, resource_type="rds", resource_name=config.get("name", "rds") if config else "rds")
+        self.__config = config or {}
+        self.__deployment = deployment
+    @property
+    def name(self) -> str:
+        """RDS instance name"""
+        return self.__config.get("name", "database")
+    @property
+    def identifier(self) -> str:
+        """RDS DB instance identifier (sanitized)"""
+        raw_id = self.__config.get("identifier", self.name)
+        return self._sanitize_instance_identifier(raw_id)
+    def _sanitize_instance_identifier(self, identifier: str) -> str:
+        """
+        Sanitize DB instance identifier to meet RDS requirements:
+        - 1-63 chars, lowercase letters/digits/hyphen
+        - Must start with letter, can't end with hyphen, no consecutive hyphens
+        """
+        if not identifier:
+            raise ValueError("Instance identifier cannot be empty")
+        sanitized, notes = self._sanitize_instance_identifier_impl(identifier)
+        if notes:
+            logger.info(f"Sanitized instance identifier from '{identifier}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_instance_identifier_impl(self, identifier: str) -> Tuple[str, List[str]]:
+        """
+        DB instance identifier rules (all engines):
+        - 1-63 chars, lowercase letters/digits/hyphen
+        - Must start with letter
+        - Can't end with hyphen
+        - No consecutive hyphens (--)
+        """
+        notes: List[str] = []
+        s = identifier.lower()
+        # Keep only lowercase letters, digits, hyphen
+        s_clean = re.sub(r"[^a-z0-9-]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters (only a-z, 0-9, '-' allowed)")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Instance identifier '{identifier}' contains no valid characters")
+        # Must start with letter
+        if not re.match(r"^[a-z]", s):
+            s = f"db{s}"
+            notes.append("prefixed with 'db' to start with a letter")
+        # Collapse consecutive hyphens
+        s_collapsed = re.sub(r"-{2,}", "-", s)
+        if s_collapsed != s:
+            s = s_collapsed
+            notes.append("collapsed consecutive hyphens")
+        # Can't end with hyphen
+        if s.endswith("-"):
+            s = s.rstrip("-")
+            notes.append("removed trailing hyphen")
+        # Truncate to 63 characters
+        if len(s) > 63:
+            s = s[:63]
+            # Make sure we didn't truncate to a trailing hyphen
+            if s.endswith("-"):
+                s = s.rstrip("-")
+            notes.append("truncated to 63 characters")
+        return s, notes
+    @property
+    def engine(self) -> str:
+        """Database engine"""
+        return self.__config.get("engine", "postgres")
+    @property
+    def engine_version(self) -> str:
+        """Database engine version"""
+        engine_version = self.__config.get("engine_version")
+        if not engine_version:
+            raise ValueError("No engine version found")
+        return engine_version
+    @property
+    def instance_class(self) -> str:
+        """Database instance class"""
+        return self.__config.get("instance_class", "t3.micro")
+    @property
+    def database_name(self) -> str:
+        """Name of the database to create (sanitized for RDS requirements)"""
+        raw_name = self.__config.get("database_name", "appdb")
+        return self._sanitize_database_name(raw_name)
+    @property
+    def username(self) -> str:
+        """Master username for the database (sanitized for RDS requirements)"""
+        raw_username = self.__config.get("username", "appuser")
+        return self._sanitize_username(raw_username)
+    @property
+    def secret_name(self) -> str:
+        """Name of the secret to store credentials"""
+        env_name = self.__deployment.environment if self.__deployment else None
+        if not env_name:
+            raise ValueError("No environment found for RDS secret name.  Please add an environment to the deployment.")
+        return self.__config.get("secret_name", f"/{env_name}/db/creds")
+    @property
+    def allocated_storage(self) -> int:
+        """Allocated storage in GB"""
+        # Ensure we return an integer
+        return int(self.__config.get("allocated_storage", 20))
+    @property
+    def storage_encrypted(self) -> bool:
+        """Whether storage is encrypted"""
+        return self.__config.get("storage_encrypted", True)
+    @property
+    def multi_az(self) -> bool:
+        """Whether to enable Multi-AZ deployment"""
+        return self.__config.get("multi_az", False)
+    @property
+    def backup_retention(self) -> int:
+        """Backup retention period in days"""
+        return self.__config.get("backup_retention", 7)
+    @property
+    def deletion_protection(self) -> bool:
+        """Whether deletion protection is enabled"""
+        return self.__config.get("deletion_protection", False)
+    @property
+    def enable_performance_insights(self) -> bool:
+        """Whether to enable Performance Insights"""
+        return self.__config.get("enable_performance_insights", True)
+    @property
+    def subnet_group_name(self) -> str:
+        """Subnet group name for database placement"""
+        return self.__config.get("subnet_group_name", "db")
+    @property
+    def security_group_ids(self) -> List[str]:
+        """Security group IDs for the database"""
+        return self.__config.get("security_group_ids", [])
+    @property
+    def cloudwatch_logs_exports(self) -> List[str]:
+        """Log types to export to CloudWatch"""
+        return self.__config.get("cloudwatch_logs_exports", ["postgresql"])
+    @property
+    def removal_policy(self) -> str:
+        """Removal policy for the database"""
+        return self.__config.get("removal_policy", "retain")
+    @property
+    def existing_instance_id(self) -> Optional[str]:
+        """Existing RDS instance ID to import (if using existing)"""
+        return self.__config.get("existing_instance_id")
+    @property
+    def tags(self) -> Dict[str, str]:
+        """Tags to apply to the RDS instance"""
+        return self.__config.get("tags", {})
+    @property
+    def vpc_id(self) -> str | None:
+        """Returns the VPC ID for the Security Group"""
+        return self.__config.get("vpc_id")
+    @vpc_id.setter
+    def vpc_id(self, value: str):
+        """Sets the VPC ID for the Security Group"""
+        self.__config["vpc_id"] = value
+    @property
+    def ssm_imports(self) -> Dict[str, str]:
+        """SSM parameter imports for the RDS instance"""
+        # Check both nested and flat structures for backwards compatibility
+        if "ssm" in self.__config and "imports" in self.__config["ssm"]:
+            return self.__config["ssm"]["imports"]
+        return self.__config.get("ssm_imports", {})
+    @property
+    def ssm_exports(self) -> Dict[str, str]:
+        """SSM parameter exports for the RDS instance"""
+        # Check both nested and flat structures for backwards compatibility
+        if "ssm" in self.__config and "exports" in self.__config["ssm"]:
+            return self.__config["ssm"]["exports"]
+        return self.__config.get("ssm_exports", {})
+    def _sanitize_database_name(self, name: str) -> str:
+        """
+        Sanitize database name to meet RDS requirements (engine-specific).
+        Implements rules from RDS documentation for each engine type.
+        Args:
+            name: Raw database name from config
+        Returns:
+            Sanitized database name
+        Raises:
+            ValueError: If name cannot be sanitized to meet requirements
+        """
+        if not name:
+            raise ValueError("Database name cannot be empty")
+        engine = self.engine.lower()
+        sanitized, notes = self._sanitize_db_name_impl(engine, name)
+        if notes:
+            logger.info(f"Sanitized database name from '{name}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_db_name_impl(self, engine: str, name: str) -> Tuple[str, List[str]]:
+        """
+        Engine-specific database name sanitization.
+        Based on AWS RDS naming requirements:
+        - MySQL/MariaDB: 1-64 chars, start with letter, letters/digits/underscore
+        - PostgreSQL: 1-63 chars, start with letter, letters/digits/underscore
+        - SQL Server: 1-128 chars, start with letter, letters/digits/underscore
+        - Oracle: 1-8 chars (SID), alphanumeric only, start with letter
+        """
+        notes: List[str] = []
+        # Determine engine-specific limits
+        if engine in ("mysql", "mariadb", "aurora-mysql"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 64
+        elif engine in ("postgres", "postgresql", "aurora-postgres", "aurora-postgresql"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 63
+        elif engine in ("sqlserver", "sqlserver-ee", "sqlserver-se", "sqlserver-ex", "sqlserver-web"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 128
+        elif engine in ("oracle", "oracle-ee", "oracle-se2", "oracle-se1"):
+            allowed_chars = r"A-Za-z0-9"  # No underscore for Oracle SID
+            max_len = 8
+        else:
+            # Default to conservative rules
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 64
+            notes.append(f"unknown engine '{engine}', using default MySQL rules")
+        # Replace hyphens with underscores (except Oracle which doesn't allow underscores)
+        s = name
+        if "oracle" not in engine:
+            s = s.replace("-", "_")
+            if "_" in name and "-" in name:
+                notes.append("replaced hyphens with underscores")
+        # Strip disallowed characters
+        s_clean = re.sub(f"[^{allowed_chars}]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Database name '{name}' contains no valid characters after sanitization")
+        # Must start with a letter
+        if not re.match(r"^[A-Za-z]", s):
+            s = f"db{s}"
+            notes.append("prefixed with 'db' to start with a letter")
+        # Truncate to max length
+        if len(s) > max_len:
+            s = s[:max_len]
+            notes.append(f"truncated to {max_len} characters")
+        # SQL Server: can't start with 'rdsadmin'
+        if "sqlserver" in engine and s.lower().startswith("rdsadmin"):
+            s = f"db_{s}"
+            notes.append("prefixed to avoid 'rdsadmin' (SQL Server restriction)")
+        return s, notes
+    def _sanitize_username(self, username: str) -> str:
+        """
+        Sanitize master username to meet RDS requirements:
+        - Must begin with a letter (a-z, A-Z)
+        - Can contain alphanumeric characters and underscores
+        - Max 16 characters (AWS RDS master username limit)
+        - Cannot be a reserved word
+        Args:
+            username: Raw username from config
+        Returns:
+            Sanitized username
+        Raises:
+            ValueError: If username is invalid
+        """
+        if not username:
+            raise ValueError("Username cannot be empty")
+        sanitized, notes = self._sanitize_master_username_impl(username)
+        if notes:
+            logger.info(f"Sanitized username from '{username}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_master_username_impl(self, username: str) -> Tuple[str, List[str]]:
+        """
+        Sanitize master username according to AWS RDS rules:
+        - 1-16 characters
+        - Start with a letter
+        - Letters, digits, underscore only
+        - Not a reserved word
+        """
+        notes: List[str] = []
+        s = username
+        # Replace hyphens with underscores, remove other invalid chars
+        s = s.replace("-", "_")
+        s_clean = re.sub(r"[^A-Za-z0-9_]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Username '{username}' contains no valid characters after sanitization")
+        # Must start with a letter
+        if not re.match(r"^[A-Za-z]", s):
+            s = f"user{s}"
+            notes.append("prefixed with 'user' to start with a letter")
+        # Truncate to 16 characters
+        if len(s) > 16:
+            s = s[:16]
+            notes.append("truncated to 16 characters")
+        # Check against common reserved words
+        reserved = {"postgres", "mysql", "root", "admin", "rdsadmin", "system", "sa", "user"}
+        if s.lower() in reserved:
+            s = f"{s}_usr"
+            # Re-truncate if needed after adding suffix
+            if len(s) > 16:
+                s = s[:16]
+            notes.append("appended '_usr' to avoid reserved username")
+        return s, notes

{cdk_factory-0.15.11 → cdk_factory-0.15.13}/src/cdk_factory/pipeline/pipeline_factory.py RENAMED Viewed

@@ -305,6 +305,7 @@ class PipelineFactoryStack(IStack):
                     scope=pipeline_stage,
                     id=stack_config.name,
                     deployment=deployment,
+                    stack_config=stack_config,
                     add_env_context=self.add_env_context,
                     **kwargs,
                 )

cdk_factory-0.15.13/src/cdk_factory/stack/stack_factory.py ADDED Viewed

@@ -0,0 +1,88 @@
+"""
+Geek Cafe, LLC
+Maintainers: Eric Wilson
+MIT License.  See Project Root for the license information.
+"""
+from typing import Type, Dict, Any, Optional
+from aws_cdk import Environment
+from cdk_factory.interfaces.istack import IStack
+from cdk_factory.stack.stack_module_loader import ModuleLoader
+from cdk_factory.stack.stack_module_registry import modules
+from cdk_factory.configurations.deployment import DeploymentConfig
+from cdk_factory.configurations.stack import StackConfig
+class StackFactory:
+    """Stack Factory"""
+    # Default descriptions by module type
+    DEFAULT_DESCRIPTIONS = {
+        "vpc_stack": "VPC infrastructure with public and private subnets across multiple availability zones",
+        "security_group_stack": "Security groups for network access control",
+        "security_group_full_stack": "Security groups for ALB, ECS, RDS, and monitoring",
+        "rds_stack": "Managed relational database instance with automated backups",
+        "s3_bucket_stack": "S3 bucket for object storage",
+        "media_bucket_stack": "S3 bucket for media asset storage with CDN integration",
+        "static_website_stack": "Static website hosted on S3 with CloudFront distribution",
+        "ecs_service_stack": "ECS service with auto-scaling and load balancing",
+        "lambda_stack": "Lambda function for serverless compute",
+        "api_gateway_stack": "API Gateway for REST API endpoints",
+        "cloudfront_stack": "CloudFront CDN distribution",
+        "monitoring_stack": "CloudWatch monitoring, alarms, and dashboards",
+        "ecr_stack": "Elastic Container Registry for Docker images",
+    }
+    def __init__(self):
+        ml: ModuleLoader = ModuleLoader()
+        ml.load_known_modules()
+    def load_module(
+        self,
+        module_name: str,
+        scope,
+        id: str,  # pylint: disable=redefined-builtin
+        deployment: Optional[DeploymentConfig] = None,
+        stack_config: Optional[StackConfig] = None,
+        add_env_context: bool = True,
+        **kwargs,
+    ) -> IStack:
+        """Loads a particular module"""
+        # print(f"loading module: {module_name}")
+        stack_class: Type[IStack] = modules.get(module_name)
+        if not stack_class:
+            raise ValueError(f"Failed to load module: {module_name}")
+        # Add environment information if deployment is provided and add_env_context is True
+        if deployment and add_env_context:
+            env_kwargs = self._get_environment_kwargs(deployment)
+            kwargs.update(env_kwargs)
+        # Add description if not already provided in kwargs
+        if "description" not in kwargs:
+            description = self._get_stack_description(module_name, stack_config)
+            if description:
+                kwargs["description"] = description
+        module = stack_class(scope=scope, id=id, **kwargs)
+        return module
+    def _get_environment_kwargs(self, deployment: DeploymentConfig) -> Dict[str, Any]:
+        """Get environment kwargs from deployment config"""
+        env = Environment(
+            account=deployment.account,
+            region=deployment.region
+        )
+        return {"env": env}
+    def _get_stack_description(self, module_name: str, stack_config: Optional[StackConfig] = None) -> Optional[str]:
+        """Get stack description from config or default"""
+        # First check if stack_config has a description
+        if stack_config and stack_config.description:
+            return stack_config.description
+        # Otherwise use default description based on module type
+        return self.DEFAULT_DESCRIPTIONS.get(module_name)

cdk_factory-0.15.13/src/cdk_factory/version.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ __version__ = "0.15.13"

{cdk_factory-0.15.11 → cdk_factory-0.15.13}/src/cdk_factory/workload/workload_factory.py RENAMED Viewed

@@ -124,6 +124,7 @@ class WorkloadFactory:
                     scope=self.app,
                     id=stack.name,
                     deployment=deployment,
+                    stack_config=stack,
                     add_env_context=self.add_env_context,
                     **kwargs,
                 )

cdk_factory-0.15.11/src/cdk_factory/configurations/resources/rds.py DELETED Viewed

@@ -1,148 +0,0 @@
-"""
-RdsConfig - supports RDS database settings for AWS CDK.
-Maintainers: Eric Wilson
-MIT License. See Project Root for license information.
-"""
-from typing import Any, Dict, List, Optional
-from cdk_factory.configurations.enhanced_base_config import EnhancedBaseConfig
-class RdsConfig(EnhancedBaseConfig):
-    """
-    RDS Configuration - supports RDS database settings.
-    Each property reads from the config dict and provides a sensible default if not set.
-    """
-    def __init__(self, config: dict, deployment) -> None:
-        super().__init__(config or {}, resource_type="rds", resource_name=config.get("name", "rds") if config else "rds")
-        self.__config = config or {}
-        self.__deployment = deployment
-    @property
-    def name(self) -> str:
-        """RDS instance name"""
-        return self.__config.get("name", "database")
-    @property
-    def engine(self) -> str:
-        """Database engine"""
-        return self.__config.get("engine", "postgres")
-    @property
-    def engine_version(self) -> str:
-        """Database engine version"""
-        engine_version = self.__config.get("engine_version")
-        if not engine_version:
-            raise ValueError("No engine version found")
-        return engine_version
-    @property
-    def instance_class(self) -> str:
-        """Database instance class"""
-        return self.__config.get("instance_class", "t3.micro")
-    @property
-    def database_name(self) -> str:
-        """Name of the database to create"""
-        return self.__config.get("database_name", "appdb")
-    @property
-    def username(self) -> str:
-        """Master username for the database"""
-        return self.__config.get("username", "appuser")
-    @property
-    def secret_name(self) -> str:
-        """Name of the secret to store credentials"""
-        env_name = self.__deployment.environment if self.__deployment else None
-        if not env_name:
-            raise ValueError("No environment found for RDS secret name.  Please add an environment to the deployment.")
-        return self.__config.get("secret_name", f"/{env_name}/db/creds")
-    @property
-    def allocated_storage(self) -> int:
-        """Allocated storage in GB"""
-        # Ensure we return an integer
-        return int(self.__config.get("allocated_storage", 20))
-    @property
-    def storage_encrypted(self) -> bool:
-        """Whether storage is encrypted"""
-        return self.__config.get("storage_encrypted", True)
-    @property
-    def multi_az(self) -> bool:
-        """Whether to enable Multi-AZ deployment"""
-        return self.__config.get("multi_az", False)
-    @property
-    def backup_retention(self) -> int:
-        """Backup retention period in days"""
-        return self.__config.get("backup_retention", 7)
-    @property
-    def deletion_protection(self) -> bool:
-        """Whether deletion protection is enabled"""
-        return self.__config.get("deletion_protection", False)
-    @property
-    def enable_performance_insights(self) -> bool:
-        """Whether to enable Performance Insights"""
-        return self.__config.get("enable_performance_insights", True)
-    @property
-    def subnet_group_name(self) -> str:
-        """Subnet group name for database placement"""
-        return self.__config.get("subnet_group_name", "db")
-    @property
-    def security_group_ids(self) -> List[str]:
-        """Security group IDs for the database"""
-        return self.__config.get("security_group_ids", [])
-    @property
-    def cloudwatch_logs_exports(self) -> List[str]:
-        """Log types to export to CloudWatch"""
-        return self.__config.get("cloudwatch_logs_exports", ["postgresql"])
-    @property
-    def removal_policy(self) -> str:
-        """Removal policy for the database"""
-        return self.__config.get("removal_policy", "retain")
-    @property
-    def existing_instance_id(self) -> Optional[str]:
-        """Existing RDS instance ID to import (if using existing)"""
-        return self.__config.get("existing_instance_id")
-    @property
-    def tags(self) -> Dict[str, str]:
-        """Tags to apply to the RDS instance"""
-        return self.__config.get("tags", {})
-    @property
-    def vpc_id(self) -> str | None:
-        """Returns the VPC ID for the Security Group"""
-        return self.__config.get("vpc_id")
-    @vpc_id.setter
-    def vpc_id(self, value: str):
-        """Sets the VPC ID for the Security Group"""
-        self.__config["vpc_id"] = value
-    @property
-    def ssm_imports(self) -> Dict[str, str]:
-        """SSM parameter imports for the RDS instance"""
-        # Check both nested and flat structures for backwards compatibility
-        if "ssm" in self.__config and "imports" in self.__config["ssm"]:
-            return self.__config["ssm"]["imports"]
-        return self.__config.get("ssm_imports", {})
-    @property
-    def ssm_exports(self) -> Dict[str, str]:
-        """SSM parameter exports for the RDS instance"""
-        # Check both nested and flat structures for backwards compatibility
-        if "ssm" in self.__config and "exports" in self.__config["ssm"]:
-            return self.__config["ssm"]["exports"]
-        return self.__config.get("ssm_exports", {})

cdk-factory 0.15.11__tar.gz → 0.15.13__tar.gz

Potentially problematic release.

cdk-factory 0.15.11tar.gz → 0.15.13tar.gz