notationlabs · djgrant · Nov 23, 2023 · Nov 7, 2023 · Nov 7, 2023 · Nov 7, 2023
diff --git a/.github/workflows/pr.test.yaml b/.github/workflows/pr.test.yaml
@@ -41,7 +41,13 @@ jobs:
         run: pnpm install bun -g
 
       - name: Install
-        run: pnpm install --frozen-lockfile --strict-peer-dependencies
+        run: pnpm install
+
+      - name: Build
+        run: bun run build
+
+      - name: Install local bin scripts
+        run: pnpm install
 
       - name: Test
         run: bun test
diff --git a/package.json b/package.json
@@ -3,7 +3,7 @@
   "type": "module",
   "private": true,
   "scripts": {
-    "build": "turbo run dev",
+    "build": "turbo run build",
     "dev": "turbo run dev",
     "test": ": 'run `$ bun test` instead'",
     "format": "prettier --write .",

diff --git a/packages/aws.iac/package.json b/packages/aws.iac/package.json
@@ -0,0 +1,29 @@
+{
+  "type": "module",
+  "name": "@notation/aws.iac",
+  "version": "0.0.1",
+  "scripts": {
+    "build": "tsup",
+    "dev": "npm run build -- --watch"
+  },
+  "exports": {
+    "./client": {
+      "import": "./dist/client.js",
+      "types": "./dist/client.d.ts"
+    },
+    "./resources": {
+      "import": "./dist/resources.js",
+      "types": "./dist/resources.d.ts"
+    }
+  },
+  "dependencies": {
+    "@aws-sdk/client-sts": "^3.441.0",
+    "@aws-sdk/client-apigatewayv2": "^3.441.0",
+    "@aws-sdk/client-lambda": "^3.441.0",
+    "@aws-sdk/client-iam": "^3.441.0",
+    "@aws-sdk/client-cloudwatch-logs": "^3.441.0",
+    "@notation/core": "workspace:*",
+    "@notation/std.iac": "workspace:*",
+    "@types/aws-lambda": "^8.10.125"
+  }
+}
diff --git a/packages/aws.iac/src/client.ts b/packages/aws.iac/src/client.ts
@@ -0,0 +1,5 @@
+import { ResourceGroup } from "@notation/core";
+
+export class AwsResourceGroup extends ResourceGroup {
+  platform = "aws";
+}
diff --git a/packages/aws.iac/src/config.ts b/packages/aws.iac/src/config.ts
@@ -0,0 +1 @@
+export const region = "us-west-2";
diff --git a/packages/aws.iac/src/context.ts b/packages/aws.iac/src/context.ts
@@ -0,0 +1,9 @@
+import { GetCallerIdentityCommand } from "@aws-sdk/client-sts";
+import { stsClient } from "src/utils/aws-clients";
+
+const command = new GetCallerIdentityCommand({});
+
+export const getAwsAccountId = async () => {
+  const response = await stsClient.send(command);
+  return response.Account;
+};
diff --git a/packages/aws.iac/src/resources.ts b/packages/aws.iac/src/resources.ts
@@ -0,0 +1,2 @@
+export * as apiGateway from "./resources/api-gateway";
+export * as lambda from "./resources/lambda";
diff --git a/packages/aws.iac/src/resources/api-gateway/api.ts b/packages/aws.iac/src/resources/api-gateway/api.ts
@@ -0,0 +1,23 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  CreateApiCommand,
+  CreateApiCommandInput,
+  CreateApiCommandOutput,
+} from "@aws-sdk/client-apigatewayv2";
+import { apiGatewayClient } from "src/utils/aws-clients";
+
+export type ApiInput = CreateApiCommandInput;
+export type ApiOutput = CreateApiCommandOutput;
+
+const createApiClass = createResourceFactory<ApiInput, ApiOutput>();
+
+export const Api = createApiClass({
+  type: "aws/api-gateway",
+
+  async deploy(props: ApiInput) {
+    const command = new CreateApiCommand(props);
+    return apiGatewayClient.send(command);
+  },
+});
+
+export type ApiInstance = InstanceType<typeof Api>;
diff --git a/packages/aws.iac/src/resources/api-gateway/index.ts b/packages/aws.iac/src/resources/api-gateway/index.ts
@@ -0,0 +1,4 @@
+export * from "./api";
+export * from "./lambda-integration";
+export * from "./route";
+export * from "./stage";
diff --git a/packages/aws.iac/src/resources/api-gateway/lambda-integration.ts b/packages/aws.iac/src/resources/api-gateway/lambda-integration.ts
@@ -0,0 +1,46 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  CreateIntegrationCommand,
+  CreateIntegrationCommandInput,
+  CreateIntegrationCommandOutput,
+} from "@aws-sdk/client-apigatewayv2";
+import { ApiInstance } from "./api";
+import { LambdaInstance } from "../lambda";
+import { getLambdaInvocationUri } from "src/templates/arn";
+import { apiGatewayClient } from "src/utils/aws-clients";
+
+export type LambdaIntegrationInput = CreateIntegrationCommandInput;
+export type LambdaIntegrationOutput = CreateIntegrationCommandOutput;
+export type LambdaIntegrationDependencies = {
+  api: ApiInstance;
+  lambda: LambdaInstance;
+};
+
+const createLambdaIntegrationClass = createResourceFactory<
+  LambdaIntegrationInput,
+  LambdaIntegrationOutput,
+  LambdaIntegrationDependencies
+>();
+
+export const LambdaIntegration = createLambdaIntegrationClass({
+  type: "aws/api-gateway/integration/lambda",
+
+  getIntrinsicConfig: (dependencies) => ({
+    ApiId: dependencies.api.output.ApiId,
+    IntegrationType: "AWS_PROXY",
+    IntegrationMethod: "POST",
+    IntegrationUri: getLambdaInvocationUri(
+      dependencies.lambda.output.FunctionArn!,
+    ),
+    PayloadFormatVersion: "2.0",
+    PassthroughBehavior: "WHEN_NO_MATCH",
+    ConnectionType: "INTERNET",
+  }),
+
+  deploy: async (input) => {
+    const command = new CreateIntegrationCommand(input);
+    return apiGatewayClient.send(command);
+  },
+});
+
+export type LambdaIntegrationInstance = InstanceType<typeof LambdaIntegration>;
diff --git a/packages/aws.iac/src/resources/api-gateway/route.ts b/packages/aws.iac/src/resources/api-gateway/route.ts
@@ -0,0 +1,37 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  CreateRouteCommand,
+  CreateRouteCommandInput,
+  CreateRouteCommandOutput,
+} from "@aws-sdk/client-apigatewayv2";
+import { apiGatewayClient } from "src/utils/aws-clients";
+import { ApiInstance, LambdaIntegrationInstance } from ".";
+
+export type RouteInput = CreateRouteCommandInput;
+export type RouteOutput = CreateRouteCommandOutput;
+export type RouteDeps = {
+  api: ApiInstance;
+  lambdaIntegration: LambdaIntegrationInstance;
+};
+
+const createRouteClass = createResourceFactory<
+  RouteInput,
+  RouteOutput,
+  RouteDeps
+>();
+
+export const Route = createRouteClass({
+  type: "aws/api-gateway/route",
+
+  getIntrinsicConfig: (dependencies) => ({
+    ApiId: dependencies.api.output.ApiId,
+    Target: `integrations/${dependencies.lambdaIntegration.output.IntegrationId}`,
+  }),
+
+  deploy: async (props: RouteInput) => {
+    const command = new CreateRouteCommand(props);
+    return apiGatewayClient.send(command);
+  },
+});
+
+export type RouteInstance = InstanceType<typeof Route>;
diff --git a/packages/aws.iac/src/resources/api-gateway/stage.ts b/packages/aws.iac/src/resources/api-gateway/stage.ts
@@ -0,0 +1,33 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  CreateStageCommand,
+  CreateStageCommandInput,
+  CreateStageCommandOutput,
+} from "@aws-sdk/client-apigatewayv2";
+import { apiGatewayClient } from "src/utils/aws-clients";
+import { Api } from "./api";
+
+export type StageInput = CreateStageCommandInput;
+export type StageOutput = CreateStageCommandOutput;
+export type StageDependencies = { router: InstanceType<typeof Api> };
+
+const createStageClass = createResourceFactory<
+  StageInput,
+  StageOutput,
+  StageDependencies
+>();
+
+export const Stage = createStageClass({
+  type: "aws/api-gateway/stage",
+
+  getIntrinsicConfig: (dependencies) => ({
+    ApiId: dependencies.router.output.ApiId,
+  }),
+
+  async deploy(props: StageInput) {
+    const command = new CreateStageCommand(props);
+    return apiGatewayClient.send(command);
+  },
+});
+
+export type StageInstance = InstanceType<typeof Stage>;
diff --git a/packages/aws.iac/src/resources/lambda/index.ts b/packages/aws.iac/src/resources/lambda/index.ts
@@ -0,0 +1,5 @@
+export * from "./lambda-api-permission";
+export * from "./lambda-log-group";
+export * from "./lambda-role-policy-attachment";
+export * from "./lambda-role";
+export * from "./lambda";
diff --git a/packages/aws.iac/src/resources/lambda/lambda-api-permission.ts b/packages/aws.iac/src/resources/lambda/lambda-api-permission.ts
@@ -0,0 +1,48 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  AddPermissionCommand,
+  AddPermissionCommandInput,
+  AddPermissionCommandOutput,
+} from "@aws-sdk/client-lambda";
+import { lambdaClient } from "src/utils/aws-clients";
+import { generateApiGatewaySourceArn } from "src/templates/arn";
+import { ApiInstance } from "src/resources/api-gateway/api";
+import { LambdaInstance } from "./lambda";
+
+export type LambdaApiGatewayPermissionInput = AddPermissionCommandInput;
+export type LambdaApiGatewayPermissionOutput = AddPermissionCommandOutput;
+export type LambdaApiGatewayPermissionDependencies = {
+  lambda: LambdaInstance;
+  api: ApiInstance;
+};
+
+const createLambdaApiGatewayPermissionClass = createResourceFactory<
+  LambdaApiGatewayPermissionInput,
+  LambdaApiGatewayPermissionOutput,
+  LambdaApiGatewayPermissionDependencies
+>();
+
+export const LambdaApiGatewayPermission = createLambdaApiGatewayPermissionClass(
+  {
+    type: "aws/lambda/permission/api-gateway",
+
+    getIntrinsicConfig: async (dependencies) => ({
+      StatementId: "AllowExecutionFromAPIGateway",
+      Principal: "apigateway.amazonaws.com",
+      FunctionName: dependencies.lambda.output.FunctionName,
+      Action: "lambda:InvokeFunction",
+      SourceArn: await generateApiGatewaySourceArn(
+        dependencies.api.output.ApiId!,
+      ),
+    }),
+
+    deploy: async (config: LambdaApiGatewayPermissionInput) => {
+      const command = new AddPermissionCommand(config);
+      return lambdaClient.send(command);
+    },
+  },
+);
+
+export type LambdaApiGatewayPermissionInstance = InstanceType<
+  typeof LambdaApiGatewayPermission
+>;
diff --git a/packages/aws.iac/src/resources/lambda/lambda-log-group.ts b/packages/aws.iac/src/resources/lambda/lambda-log-group.ts
@@ -0,0 +1,33 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  CreateLogGroupCommand,
+  CreateLogGroupCommandInput,
+  CreateLogGroupCommandOutput,
+} from "@aws-sdk/client-cloudwatch-logs";
+import { cloudWatchLogsClient } from "src/utils/aws-clients";
+import { LambdaInstance } from "./lambda";
+
+export type LambdaLogGroupInput = CreateLogGroupCommandInput;
+export type LambdaLogGroupOutput = CreateLogGroupCommandOutput;
+export type LambdaLogGroupDeps = { lambda: LambdaInstance };
+
+const createLambdaLogGroupClass = createResourceFactory<
+  LambdaLogGroupInput,
+  LambdaLogGroupOutput,
+  LambdaLogGroupDeps
+>();
+
+export const LambdaLogGroup = createLambdaLogGroupClass({
+  type: "aws/lambda/log-group",
+
+  getIntrinsicConfig: (dependencies) => ({
+    logGroupName: `/aws/lambda/${dependencies.lambda.output.FunctionName}`,
+  }),
+
+  deploy: async (props: LambdaLogGroupInput) => {
+    const command = new CreateLogGroupCommand(props);
+    return cloudWatchLogsClient.send(command);
+  },
+});
+
+export type LambdaLogGroupInstance = InstanceType<typeof LambdaLogGroup>;
diff --git a/packages/aws.iac/src/resources/lambda/lambda-role-policy-attachment.ts b/packages/aws.iac/src/resources/lambda/lambda-role-policy-attachment.ts
@@ -0,0 +1,37 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  AttachRolePolicyCommand,
+  AttachRolePolicyCommandInput,
+  AttachRolePolicyCommandOutput,
+} from "@aws-sdk/client-iam";
+import { iamClient } from "src/utils/aws-clients";
+import { LambdaIamRoleInstance } from "./lambda-role";
+
+export type LambdaRolePolicyAttachmentInput = AttachRolePolicyCommandInput;
+export type LambdaRolePolicyAttachmentOutput = AttachRolePolicyCommandOutput;
+export type LambdaRolePolicyAttachmentDeps = { role: LambdaIamRoleInstance };
+
+const createLambdaRolePolicyAttachmentClass = createResourceFactory<
+  LambdaRolePolicyAttachmentInput,
+  LambdaRolePolicyAttachmentOutput,
+  LambdaRolePolicyAttachmentDeps
+>();
+
+export const LambdaRolePolicyAttachment = createLambdaRolePolicyAttachmentClass(
+  {
+    type: "aws/lambda/policy-attachment",
+
+    getIntrinsicConfig: (dependencies) => ({
+      RoleName: dependencies.role.output.Role!.RoleName,
+    }),
+
+    deploy: async (props: LambdaRolePolicyAttachmentInput) => {
+      const command = new AttachRolePolicyCommand(props);
+      return iamClient.send(command);
+    },
+  },
+);
+
+export type LambdaRolePolicyAttachmentInstance = InstanceType<
+  typeof LambdaRolePolicyAttachment
+>;
diff --git a/packages/aws.iac/src/resources/lambda/lambda-role.ts b/packages/aws.iac/src/resources/lambda/lambda-role.ts
@@ -0,0 +1,31 @@
+import { createResourceFactory } from "@notation/core";
+import {
+  CreateRoleCommand,
+  CreateRoleCommandInput,
+  CreateRoleCommandOutput,
+} from "@aws-sdk/client-iam";
+import { iamClient } from "src/utils/aws-clients";
+import { lambdaTrustPolicy } from "src/templates/iam.policy";
+
+export type LambdaIamRoleInput = CreateRoleCommandInput;
+export type LambdaIamRoleOutput = CreateRoleCommandOutput;
+
+const createLambdaIamRoleClass = createResourceFactory<
+  LambdaIamRoleInput,
+  LambdaIamRoleOutput
+>();
+
+export const LambdaIamRole = createLambdaIamRoleClass({
+  type: "aws/lambda/role",
+
+  getIntrinsicConfig: () => ({
+    AssumeRolePolicyDocument: JSON.stringify(lambdaTrustPolicy),
+  }),
+
+  deploy: async (props: LambdaIamRoleInput) => {
+    const command = new CreateRoleCommand(props);
+    return iamClient.send(command);
+  },
+});
+
+export type LambdaIamRoleInstance = InstanceType<typeof LambdaIamRole>;
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		export * as apiGateway from "./resources/api-gateway";
		export * as lambda from "./resources/lambda";