CDK as a deployment alternative

[pcholakov]

Hey @TimothyJones! Thank you so much for making this, it made my life a lot simpler connecting Cognito with GitHub OAuth!

I prefer to use CDK to model AWS stacks for deployment and made this as an alternative to SAM: https://github.com/pcholakov/github-cognito-openid-wrapper/tree/cdk. I was curious if you might be interested in getting it incorporated upstream? I built the stack in TypeScript purely out of inertia but it could also be easily done in pure JavaScript to be more in keeping with the rest of your project. I feel that a CDK stack makes the solution a bit more composable for more consumers than the current SAM template. Feel free to say no, just thought I'd mention it :-)

Thanks again for sharing the project!

[TimothyJones]

Hi! Apologies for the slow reply, I missed this at the time of posting for some reason.

I think you're right, in that most people aren't using SAM any more. Having said that, I like that SAM is close enough to the base cloudformation that it's easy to port to other wrappers (eg CDK, terraform).

There was a previous effort to use CDK - but I didn't personally use CDK at the time, and the author ended up not going that route anyway.

I'm not really sure what the right thing is here. On the one hand, I'm not super keen to pile on deploy methods (it already has two ways of spinning it up). I like that the SAM implementation is (kinda) approachable by anyone (a bit). But also, I'd like to expose it in something that is more likely to fit in people's stacks.

What do you think?

[pcholakov]

Oops, my turn to completely miss the response! I'm sorry!

I think you're quite right about SAM; but having that template made it super easy to port to CDK. I also agree with you that perhaps adding more and more deployment methods to the package it just a recipe for bloat.

Would you consider publishing a package to npmjs of the dist directory? If I could take a dependency on a released artifact, it would be quite easy to make a standalone CDK construct library that pulls in the code and makes it easy for people to deploy to Lambda in their own stacks.

[TimothyJones]

Sorry for the long time before reply:

0. It seems to me that CDK has clearly "won" - I think it's even worth changing this repo so that it's CDK native by default instead of SAM.
1. I'd absolutely be up for publishing something that you can pull in
2. Unfortunately, it would be a small amount of work / design effort. We can't just publish the existing dist directory, as those contain the encryption keys included in the source - it's not necessary to do it that way, it was just a bit of a shortcut when I built the wrapper the first time around (which I never revisited).
3. I've added an .npmignore that (at least) excludes the keys and config to make it easier to publish - but because the dist dirs contain the keys, it's not safe to publish at the moment.

[pcholakov]

I haven't touched my CDK code in a bit but maybe next time I work on that project, I'll sketch something out in PR form. Would you be opposed to using TypeScript for defining a CDK construct? I am sure it can also work in pure JavaScript but I have never tried to do that, it will probably be a more "native" experience to stick with TS.

[TimothyJones]

Not at all, TS is entirely appropriate (I think the jsii compiler might even require it)

[pcholakov]

Excellent!