feat: add openapi geneneration

Author: pevisscher

.github/workflows/package.yml

@@ -16,13 +16,27 @@ on:
         type: boolean
 
 jobs:
+  optimize_ci:
+    runs-on: ubuntu-latest
+    outputs:
+      skip: ${{ steps.check_skip.outputs.skip }}
+    steps:
+      - name: Optimize CI
+        id: check_skip
+        uses: withgraphite/graphite-ci-action@main
+        with:
+          graphite_token: ${{ secrets.GRAPHITE_CI_OPTIMIZER_TOKEN }}
+
   typescript:
+    needs: [optimize_ci]
+    if: needs.optimize_ci.outputs.skip == 'false'
     uses: skyleague/node-standards/.github/workflows/reusable-typescript.yml@main
     secrets:
       NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
 
   release:
-    needs: [typescript]
+    needs: [typescript,optimize_ci]
+    if: needs.optimize_ci.outputs.skip == 'false'
     uses: skyleague/node-standards/.github/workflows/reusable-release.yml@main
     with:
       build_artifact_name: ${{ needs.typescript.outputs.artifact-name }}

package-lock.json

@@ -32,15 +32,17 @@
   "dependencies": {
     "@aws-sdk/client-iam": "^3.614.0",
     "@aws-sdk/client-lambda": "^3.614.0",
+    "@skyleague/axioms": "^4.5.2",
     "@skyleague/esbuild-lambda": "^5.3.2",
-    "@skyleague/event-horizon": "^9.0.0",
+    "@skyleague/event-horizon": "^10.0.0",
     "aws-iot-device-sdk-v2": "^1.20.0",
     "camelcase": "^8.0.0",
     "find-root": "^1.1.0",
     "globby": "^14.0.2",
     "js-yaml": "^4.1.0",
     "pino-pretty": "^11.2.1",
     "tsx": "^4.16.2",
+    "yaml": "^2.5.0",
     "yargs": "^17.7.2"
   },
   "devDependencies": {

package.json

@@ -94,7 +94,7 @@ export async function handler(argv: ReturnType<typeof builder>['argv']): Promise
             { ...options, fnDir: [], clean: false },
             {
                 fnDirs: [],
-                stacks: !hasDebugArtifact ? [debugDir] : [],
+                stacks: buildRemoteLambdaArtifact ? [debugDir] : [],
                 preBuild,
             },
         )

src/commands/dev/index.ts

@@ -0,0 +1,134 @@
+import fs from 'node:fs/promises'
+import path from 'node:path'
+import { isRight, whenRight, whenRights } from '@skyleague/axioms'
+import { listLambdaHandlers } from '@skyleague/esbuild-lambda'
+import type { HTTPHandler, RequestAuthorizerEventHandler } from '@skyleague/event-horizon'
+import { openapiFromHandlers } from '@skyleague/event-horizon/spec'
+import { globby } from 'globby'
+import yaml from 'yaml'
+import type { Argv } from 'yargs'
+import { StarChartHandler } from '../../definition/definition.type.js'
+import type { HttpTrigger } from '../../definition/events/http.type.js'
+import { rootDirectory } from '../../lib/constants.js'
+
+export function builder(yargs: Argv) {
+    return yargs
+        .option('output', {
+            type: 'string',
+        })
+        .option('cwd', {
+            type: 'string',
+            default: rootDirectory,
+            coerce: (cwd) => path.join(process.cwd(), cwd),
+        })
+}
+
+export async function handler(argv: ReturnType<typeof builder>['argv']): Promise<void> {
+    const { buildDir: _buildDir, artifactDir: _artifactDir, output, cwd } = await argv
+    const fnDirs = ['src/**/functions']
+
+    const stacks = await globby(fnDirs, { cwd: cwd, onlyDirectories: true })
+    const handlerDrectories = (
+        await Promise.all(stacks.flatMap(async (fnDir) => listLambdaHandlers(path.join(cwd, fnDir))))
+    ).flat()
+
+    // for each handler load the corresponding handler.yml file
+    const handlers = await Promise.all(
+        handlerDrectories.map(async (handler) => {
+            const yamlHandler = `${handler}/handler.yml`
+            if (!(await fs.stat(yamlHandler)).isFile()) {
+                return { left: 'File not found' }
+            }
+
+            const content = await fs.readFile(yamlHandler)
+            const handlerContent = yaml.parse(content.toString())
+            const eitherHandler = StarChartHandler.parse(handlerContent)
+            if ('right' in eitherHandler) {
+                const definition = eitherHandler.right
+                const handlerFile = path.join(handler, 'index.ts')
+
+                if (!(await fs.stat(handlerFile)).isFile()) {
+                    return { left: 'Handler file not found' }
+                }
+
+                return {
+                    right: {
+                        definition,
+                        handler: (await import(handler)).handler,
+                        directory: handler,
+                    },
+                }
+            }
+            return eitherHandler
+        }),
+    )
+    const securitySchemes = whenRights(handlers, (xs) => {
+        return {
+            right: xs
+                .filter((x) => 'request' in x.handler && x.definition.securitySchemes !== undefined)
+                .map((x) => {
+                    const securitySchemes = x.definition.securitySchemes
+                    const definition = x.handler.request as RequestAuthorizerEventHandler
+                    return {
+                        ...definition.security,
+                        ...securitySchemes,
+                    }
+                }),
+        }
+    })
+    const httpHandlers = whenRights(handlers, (xs) => {
+        return {
+            right: xs
+                .filter((x) => 'http' in x.handler)
+                .flatMap((x) => {
+                    const definition = x.handler.http as HTTPHandler
+                    const httpEvents = x.definition.events?.filter((e): e is HttpTrigger => 'http' in e && e.http !== undefined)
+
+                    return (
+                        httpEvents?.map((e, i) => ({
+                            directory: `${x.directory}-${i}`,
+                            handler: {
+                                ...e.http,
+                                http: {
+                                    ...definition,
+                                    ...e.http,
+                                },
+                            },
+                        })) ?? []
+                    )
+                }),
+        }
+    })
+    const packageJson = JSON.parse((await fs.readFile(path.join(cwd, 'package.json'))).toString())
+
+    const openapi = whenRight(httpHandlers, (xs) => {
+        const securitySchemesComponent = isRight(securitySchemes)
+            ? { securitySchemes: Object.assign({}, ...securitySchemes.right) }
+            : {}
+        const openapi = openapiFromHandlers(Object.fromEntries(xs.map((x) => [x.directory, x.handler])), {
+            info: { title: packageJson.name, version: packageJson.version },
+            components: {
+                ...securitySchemesComponent,
+            },
+        })
+        return { right: openapi }
+    })
+
+    if (!isRight(openapi)) {
+        throw new Error(JSON.stringify(openapi.left))
+    }
+
+    const content = JSON.stringify(openapi.right, null, 2)
+    if (output !== undefined) {
+        await fs.writeFile(output, content)
+    } else {
+        console.log(content)
+    }
+}
+
+export default {
+    command: 'openapi',
+    describe: 'Build OpenAPI',
+    builder,
+    handler,
+}

src/commands/openapi/index.ts

@@ -0,0 +1,17 @@
+import { $const, $enum, $object, $optional, $string, $union } from '@skyleague/therefore'
+
+export const apiSecurityScheme = $object({
+    description: $optional($string().describe('The description of the security scheme.').optional()),
+    in: $enum(['header', 'query', 'cookie']).describe('The location of the security scheme.'),
+    name: $string().describe('The name of the security scheme.'),
+    type: $const('apiKey').describe('The type of the security scheme.'),
+})
+
+export const httpSecurityScheme = $object({
+    bearerFormat: $optional($string().describe('The format of the bearer token.').optional()),
+    description: $optional($string().describe('The description of the security scheme.').optional()),
+    scheme: $string().describe('The scheme of the security scheme.'),
+    type: $const('http').describe('The type of the security scheme.'),
+})
+
+export const securityScheme = $union([apiSecurityScheme, httpSecurityScheme])

src/definition/authorizer.schema.ts

@@ -0,0 +1,45 @@
+/**
+ * Generated by @skyleague/therefore@v1.0.0-local
+ * Do not manually touch this
+ */
+/* eslint-disable */
+
+export interface ApiSecurityScheme {
+    /**
+     * The description of the security scheme.
+     */
+    description?: string | undefined
+    /**
+     * The location of the security scheme.
+     */
+    in: 'header' | 'query' | 'cookie'
+    /**
+     * The name of the security scheme.
+     */
+    name: string
+    /**
+     * The type of the security scheme.
+     */
+    type: 'apiKey'
+}
+
+export interface HttpSecurityScheme {
+    /**
+     * The format of the bearer token.
+     */
+    bearerFormat?: string | undefined
+    /**
+     * The description of the security scheme.
+     */
+    description?: string | undefined
+    /**
+     * The scheme of the security scheme.
+     */
+    scheme: string
+    /**
+     * The type of the security scheme.
+     */
+    type: 'http'
+}
+
+export type SecurityScheme = ApiSecurityScheme | HttpSecurityScheme

src/definition/authorizer.type.ts

@@ -1,3 +1,4 @@
+import { securityScheme } from './authorizer.schema.js'
 import { events } from './events/index.schema.js'
 import { scheduledTriggerEntry } from './events/scheduled.schema.js'
 import { publishes } from './publishes/index.schema.js'
@@ -21,10 +22,12 @@ export const starChartHandler = $object({
     resources: $ref(resources).optional(),
 
     inlinePolicies: $string().array().optional(),
-    runtime: $enum(['nodejs16.x', 'nodejs18.x', 'nodejs20.x', 'python3.8', 'python3.9', 'python3.10']).optional(),
+    runtime: $enum(['nodejs18.x', 'nodejs20.x', 'python3.8', 'python3.9', 'python3.10']).optional(),
     memorySize: $number().optional(),
     timeout: $number().optional(),
     vpcConfig: $string().optional(),
+
+    securitySchemes: $record(securityScheme).optional().describe('The security schemes to use for the route.'),
 })
     .describe('The definition of a Star Chart handler.')
     .validator({ compile: false })

src/definition/definition.schema.ts

@@ -4,6 +4,7 @@
  */
 /* eslint-disable */
 
+import type { SecurityScheme } from './authorizer.type.js'
 import type { Events } from './events/index.type.js'
 import type { Publishes } from './publishes/index.type.js'
 import type { Resources } from './resources/index.type.js'
@@ -94,10 +95,18 @@ export interface StarChartHandler {
     publishes?: Publishes | undefined
     resources?: Resources | undefined
     inlinePolicies?: string[] | undefined
-    runtime?: 'nodejs16.x' | 'nodejs18.x' | 'nodejs20.x' | 'python3.8' | 'python3.9' | 'python3.10' | undefined
+    runtime?: 'nodejs18.x' | 'nodejs20.x' | 'python3.8' | 'python3.9' | 'python3.10' | undefined
     memorySize?: number | undefined
     timeout?: number | undefined
     vpcConfig?: string | undefined
+    /**
+     * The security schemes to use for the route.
+     */
+    securitySchemes?:
+        | {
+              [k: string]: SecurityScheme | undefined
+          }
+        | undefined
 }
 
 export const StarChartHandler = {

src/definition/definition.type.ts

@@ -1,9 +1,12 @@
-import { $enum, $object, $optional, $string } from '@skyleague/therefore'
+import { $enum, $object, $optional, $record, $string } from '@skyleague/therefore'
+
+export const securityRequirement = $record($string().describe('The name of the security scheme.'))
 
 export const httpTrigger = $object({
     http: $object({
         method: $enum(['get', 'post', 'put', 'delete', 'patch', 'options', 'head']),
         path: $string().describe('The HTTP path for the route. Must start with / and must not end with /.'),
         authorizer: $optional($string().describe('The name of the authorizer to use for the route.').optional()),
+        security: securityRequirement.optional().describe('The security requirements to use for the route.'),
     }).describe('Subscribes to an HTTP route.'),
 })

src/definition/events/http.schema.ts

@@ -18,5 +18,13 @@ export interface HttpTrigger {
          * The name of the authorizer to use for the route.
          */
         authorizer?: string | undefined
+        /**
+         * The security requirements to use for the route.
+         */
+        security?: SecurityRequirement | undefined
     }
 }
+
+export interface SecurityRequirement {
+    [k: string]: string | undefined
+}

src/definition/events/http.type.ts

@@ -5,5 +5,5 @@ import { sqsTrigger } from './sqs.schema.js'
 import { $ref, $union } from '@skyleague/therefore'
 
 export const events = $union([$ref(httpTrigger), $ref(sqsTrigger), $ref(scheduledTrigger)])
-    .describe('The events that will trigger the handler.')
     .array()
+    .describe('The events that will trigger the handler.')

src/definition/events/index.schema.ts

@@ -8,4 +8,7 @@ import type { HttpTrigger } from './http.type.js'
 import type { ScheduledTrigger } from './scheduled.type.js'
 import type { SqsTrigger } from './sqs.type.js'
 
+/**
+ * The events that will trigger the handler.
+ */
 export type Events = (HttpTrigger | SqsTrigger | ScheduledTrigger)[]