Giter VIP home page Giter VIP logo

serverless-tools's People

Stargazers

avatar avatar

Watchers

avatar avatar avatar avatar

serverless-tools's Issues

Create DAO generator

Create a generator for MongoDB (next iteration can support DynamoDB) that will create standard CRUD operations for GET, POST, UPDATE, and DELETE actions. This will be a separate repo and generator. The generator should take in an output path (ie where the DAO objects will be created) and an API spec location. The output will contain:

  1. A DAO interface
  2. A DAO factory
  3. a DAO config object that matches our current DAO config for Mongo
    Be sure read operations support pagination out of the box.

Setup CI/CD

Set up CI/CD pipeline using Github actions. Toe test, run the generator against a spec file, run npm test. Make sure to remove all generated files regardless of whether or not tests pass

Remove Globals.js

There is a benefit to setting up an isomorphic environment right off the bat, but it bloats the code and can lead to problems like we saw when we included the SpiSdk which also sets up globals.

Refactor x-ray usage

Refactor the AbstractController.register function to properly use XRay. Should look like this:

// you can override invoke in a subclass to adjust the return type
    protected async invoke(event): Promise<any> {
        return new Promise<any>((resolve, reject)=>{
            // add X-Ray telemetry passing the subsegment
            AWSXRay.captureAsyncFunc(this.getSegmentName(), async (subsegment) => {
                try {
                    const result = await this.processRequest(event);
                    resolve(result);
                } catch(e) {
                    this.log(LogLevels.ERROR, e.message, event, e);
                    reject(e);
                } finally {
                    subsegment.close();
                }

            });
        });
    }

    protected async processRequest(event): Promise<any> {
        // to open a subsegment for x-ray call AWSXRay.captureAsyncFunc
        // you'll have to promisfy the call or wrap in a promise like invoke
        // log request received
        this.log(LogLevels.INFO, this.getSegmentName() + ' Request received', event);
        try {
            // first validate the incoming request.
            this.checkValidation(event);

            // stub for override
            // in your sub classes you should supply value for result and error
            return null;
        } catch (e) {
            // log error response
            this.log(LogLevels.ERROR, e.message, null, e);
            throw e;
        }
    }

In index.ts make sure we are opening up the main segment and closing it as follows

var AWSXRay = require('aws-xray-sdk');

app.use(AWSXRay.express.openSegment('defaultName'));  // required at the start of your routes

app.get('/', function (req, res) {
  res.render('index');
});

app.use(AWSXRay.express.closeSegment()); //Required at the end of your routes / first in error handling routes

Reference is at: https://docs.aws.amazon.com/xray-sdk-for-nodejs/latest/reference/

Refactor to support swagger-ui-express

Add swagger-ui-express to package.json
Refactor index.ts as follows:

// IMPORTANT: all routes that do not require JWT authentication must be declared ahead of registering the middleware with app.use
app.get('/', cors(), function (req, res) {
    res.status(200).send('Hello World! I am the tenants-api API ' +  process.env.API_VERSION);
});

const xssConfig = {
    stripIgnoreTag: true
};
app.use('/', new XSSController(xssConfig).register());

//setup route for documents
app.use('/docs/', cors(), swaggerUi.serveWithOptions({ redirect: false }), swaggerUi.setup(swaggerDocument));

Note what we are doing here is removing JWT validation from the health check and docs route.
Add boiler plate to the serverless yaml for the docs and health check:

HealthCheck:
        handler: src/index.handler
        events:
            - http:
                path: /
                method: get
                cors:
                    origin: '*'
                    headers:
                      - Content-Type
                      - Authorization
                      - x-amzn-trace-id
        warmup: true
        environment:
            STAGE: ${opt:stage}
            JWT_SECRET: ${opt:jwt-secret}
        vpc:
          securityGroupIds:
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:SecurityGroup
          subnetIds:
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:PrivateSubnet1
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:PrivateSubnet2
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:PrivateSubnet3
    Docs:
        handler: src/index.handler
        events:
            - http:
                path: /docs/{proxy+}
                method: get
                cors:
                    origin: '*'
                    headers:
                      - Content-Type
                      - Authorization
                      - x-amzn-trace-id
        warmup: true
        environment:
            STAGE: ${opt:stage}
            JWT_SECRET: ${opt:jwt-secret}
        vpc:
          securityGroupIds:
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:SecurityGroup
          subnetIds:
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:PrivateSubnet1
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:PrivateSubnet2
            - !ImportValue ${opt:networking-stack,'Zeus1-VPC'}:PrivateSubnet3

v2.0

Get security patches merged. Get rid of the express serverless plugin. Migrate to serverless-components express API. Include a Dockerfile and for containerization. Options in v2 should include:

  1. API Gateway type (HTTP or traditional)
  2. Instrumentation with Zipkin or XRay
  3. http/2 push

I would architect the generators to handle Gateway handling (including authentication) as a separate layer. Instrumentation is done as a separate layer. The serverless component supports Lambda layers.

Generators for the express API are largely the same; I think it is nothing special to do there besides removing the serverless express plugin.

For http/2 support in express take a look at this article, and this one. Apparently Express has no support for http/2 and spdy is recommended by express as the tool to use.

For http/2 support in API Gateway both CloudFront and API Gateway support http/2. They should handle the requests natively.

For a general guide on http/s and the benefits, read this article.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.