Added AWS Lambdas

[VirajAgarwal1]

No description provided.

[gemini-code-assist]

Hello @VirajAgarwal1, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

Summary of Changes

Hello team, gemini-code-assist here to provide a summary of this pull request. This PR introduces a serverless API built using AWS Lambda and API Gateway, designed to interact with Couchbase's Data API. The primary goal is to provide a comprehensive Airport Information System, enabling CRUD operations on airport documents and facilitating queries for related travel information like routes and airlines from the travel-sample dataset. The changes include the Lambda function handlers, deployment scripts for both the functions and the API Gateway, environment configuration, and test suites for verifying the deployed API.

Highlights

• AWS Lambda Functions: Adds six Node.js Lambda functions (createAirport, getAirport, updateAirport, deleteAirport, getAirportRoutes, getAirportAirlines) to handle various API operations against the Couchbase Data API.
• API Gateway Setup: Includes a deployment script to create an AWS HTTP API Gateway, configure routes (/airports/{airportId} for CRUD, /airports/routes, /airports/airlines for queries), set up AWS_PROXY integrations with the Lambda functions, and enable CORS.
• Couchbase Data API Integration: The Lambda functions utilize the Couchbase Data API via HTTPS requests to perform document operations (GET, POST, PUT, DELETE) and execute N1QL queries.
• Deployment Automation: Provides Node.js scripts (deploy_airport_lambda_functions.mjs, deploy_api_gateway_with_integrations.mjs) to automate the deployment process using the AWS CLI.
• Testing: Includes two test suites (airport_api_local.test.mjs, airport_api_aws.test.mjs) to test the API functionality both locally (by invoking handlers directly) and against the deployed AWS Lambda functions.
• Configuration: Adds a .env.sample file and uses env-cmd in package.json scripts for managing environment-specific configuration like AWS credentials, region, and Couchbase Data API endpoint/credentials.

Changelog

Click here to see the changelog

• aws-lambdas/.env.sample
  • Added a sample environment file defining configuration for AWS Lambda (role, region, memory, timeout) and Couchbase cluster credentials (base URL, password, username).
• aws-lambdas/README.md
  • Added a comprehensive README file explaining the project overview, API endpoints, prerequisites, setup instructions, deployment steps for Lambda and API Gateway, testing procedures (local and AWS), API examples using curl, and the project structure.
• aws-lambdas/package.json
  • Added package.json defining project metadata, module type, scripts for deploying Lambdas and API Gateway, and running local/AWS tests using env-cmd.
  • Added @aws-sdk/client-lambda and assert as dependencies.
• aws-lambdas/scripts/deploy_airport_lambda_functions.mjs
  • Added a Node.js script to automate the creation and deployment of Lambda functions using AWS CLI.
  • Configures Lambda functions with runtime (nodejs22.x), handler, role, memory, timeout, and environment variables.
  • Creates zip files for each handler and cleans them up after deployment.
• aws-lambdas/scripts/deploy_api_gateway_with_integrations.mjs
  • Added a Node.js script to automate the creation and configuration of an AWS HTTP API Gateway.
  • Creates the API Gateway with CORS enabled.
  • Retrieves Lambda ARNs and creates AWS_PROXY integrations.
  • Adds necessary Lambda invocation permissions for API Gateway.
  • Creates routes for each defined API path and HTTP method.
  • Creates a default stage with auto-deploy and outputs the API endpoint.
• aws-lambdas/src/createAirport.mjs
  • Added Lambda handler function for creating an airport document.
  • Validates required environment variables and request parameters/body.
  • Makes an HTTPS POST request to the Couchbase Data API document endpoint.
  • Handles success and various error responses (DocumentExists, InvalidAuth, InvalidArgument, Internal).
• aws-lambdas/src/deleteAirport.mjs
  • Added Lambda handler function for deleting an airport document.
  • Validates required environment variables and path parameters.
  • Makes an HTTPS DELETE request to the Couchbase Data API document endpoint.
  • Includes support for the If-Match header for optional CAS checking.
  • Handles success and various error responses (DocumentNotFound, InvalidAuth, CasMismatch, InvalidArgument, Internal).
• aws-lambdas/src/getAirport.mjs
  • Added Lambda handler function for retrieving an airport document.
  • Validates required environment variables and path parameters.
  • Supports fetching specific fields using query parameters.
  • Makes an HTTPS GET request to the Couchbase Data API document endpoint.
  • Handles success and various error responses (DocumentNotFound, InvalidAuth, InvalidArgument, Internal).
  • Includes the ETag header in the response.
• aws-lambdas/src/getAirportAirlines.mjs
  • Added Lambda handler function for querying airlines serving an airport.
  • Validates required environment variables and request body.
  • Constructs and executes a N1QL query via the Couchbase Data API query service.
  • Handles success and various error responses (InvalidAuth, InvalidArgument, Internal).
  • Returns a list of airlines and query metadata.
• aws-lambdas/src/getAirportRoutes.mjs
  • Added Lambda handler function for querying routes for an airport.
  • Validates required environment variables and request body.
  • Constructs and executes a N1QL query via the Couchbase Data API query service, limiting results to 10.
  • Handles success and various error responses (InvalidAuth, InvalidArgument, Internal).
  • Returns a list of routes and query metadata.
• aws-lambdas/src/updateAirport.mjs
  • Added Lambda handler function for updating an airport document.
  • Validates required environment variables and request parameters/body.
  • Makes an HTTPS PUT request to the Couchbase Data API document endpoint.
  • Includes support for the If-Match header for optional CAS checking.
  • Handles success and various error responses (DocumentNotFound, InvalidAuth, CasMismatch, InvalidArgument, Internal).
  • Includes ETag and MutationToken headers in the response.
• aws-lambdas/tests/airport_api_aws.test.mjs
  • Added a Node.js script to test the deployed Lambda functions directly using the AWS SDK.
  • Includes tests for Create, Get, Update, Get Routes, Get Airlines, and Delete operations.
  • Verifies status codes, headers (ETag, MutationToken), and response body content.
  • Uses assert for test assertions.
• aws-lambdas/tests/airport_api_local.test.mjs
  • Added a Node.js script to test the Lambda handler functions locally.
  • Directly invokes the exported handler functions.
  • Includes tests for Create, Get, Update, Get Routes, Get Airlines, and Delete operations.
  • Verifies status codes, headers (ETag, MutationToken), and response body content.
  • Uses assert for test assertions.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

---

Serverless functions run,
Responding fast, having fun.
API routes flow,
Data starts to grow,
On AWS, work is done.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive set of AWS Lambda functions and an API Gateway to interface with Couchbase's Data API. The overall structure, especially for the Lambda handlers and test suites, is well-organized and demonstrates a good understanding of serverless patterns. The README is also quite detailed.

I've identified a few areas for improvement, primarily concerning consistency in configuration and paths, security considerations for CORS, and robustness in URL parsing. Addressing these will enhance the project's reliability and security.

No specific style guide was provided, so my review is based on common JavaScript/Node.js best practices (often aligned with guides like the Google JavaScript Style Guide).

Summary of Findings

• Directory Path Inconsistency: There's an inconsistency in referencing the Lambda handler directory. The README.md and actual code use src/, while deployment scripts and local tests refer to handlers/. This needs to be unified to src/ across all files for correct operation. (Severity: High)
• CORS Configuration Too Permissive: The API Gateway deployment script sets AllowOrigins="*" for CORS, which is a security risk in production. This should be restricted to known domains. (Severity: High)
• URL Hostname Parsing: The method baseUrl.replace('https://', '') for extracting the hostname is fragile. Using new URL(baseUrl).hostname is more robust and recommended. (Severity: Medium)
• Configuration Discrepancy (TIMEOUT): The default TIMEOUT value differs between .env.sample (3s) and README.md (30s). These should be consistent. (Severity: Medium)
• Missing Newline at End of File: Several new files are missing a final newline character. This is a minor stylistic issue. (Severity: Low - Not commented inline due to review settings)
• Inconsistent Spacing in .env.sample: Spacing around = in .env.sample (lines 4, 5) is inconsistent with other variable assignments. (Severity: Low - Not commented inline due to review settings)

Merge Readiness

This pull request adds significant functionality and is generally well-implemented. However, there are several high and medium severity issues, particularly concerning directory path consistency for Lambda handlers and API Gateway CORS security, that should be addressed before merging. Once these are resolved, the PR will be in much better shape. As an AI, I am not authorized to approve pull requests; please ensure further review and approval by authorized team members.

[VirajAgarwal1]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a well-structured AWS Lambda and API Gateway setup for interacting with Couchbase. The inclusion of deployment scripts and both local and AWS integration tests is a great approach.

Summary of Findings

• Missing env-cmd Dependency: The package.json scripts rely on env-cmd, but it's not listed as a devDependency. This could cause script failures.
• Overly Permissive CORS Configuration: The API Gateway deployment script sets AllowOrigins="*" and AllowHeaders="*", which is a security concern. These should be restricted.
• If-Match Header Not Propagated for Updates/Deletes: The updateAirport and deleteAirport Lambda handlers do not forward the If-Match header from the client to the Couchbase Data API, which will prevent optimistic locking from working as intended.
• Code Duplication in Lambda Handlers: Common logic for error formatting and environment variable validation is duplicated across Lambda handlers. Refactoring into a shared utility is recommended.
• Node.js Version Prerequisite in README: The README specifies Node.js v22.x, which is very new. Clarifying if older LTS versions are supported would be helpful.
• Hardcoded Values in Deployment Scripts: The Lambda runtime and API Gateway name are hardcoded in deployment scripts, reducing flexibility.

Merge Readiness

This pull request lays a strong foundation for the AWS Lambda API. However, due to the high-severity issues identified (missing env-cmd dependency, overly permissive CORS, and incorrect If-Match header handling), I recommend addressing these before merging. The medium-severity items related to code duplication and configurability should also be considered for a more robust and maintainable solution. As an AI, I am not authorized to approve pull requests; please ensure these changes are reviewed and approved by the appropriate maintainers.

[VirajAgarwal1]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive set of AWS Lambda functions and an API Gateway for interacting with Couchbase. The code is well-organized, particularly the consistent structure of the Lambda handlers and the separation of deployment logic. The inclusion of both local and AWS integration tests is excellent for ensuring reliability.

I've noted a few areas for improvement, mainly around configuration and security hardening for the API Gateway. The README is very thorough and helpful.

Overall, great work on this feature!

Summary of Findings

• Node.js Version Specificity: The README specifies Node.js v22.x. It's worth considering if a more common LTS version could be used for broader compatibility unless v22 features are crucial. The aws-lambdas/package.json could also benefit from an engines field.
• API Gateway Security: The CORS policy (AllowOrigins="*") and Lambda invocation permissions (--source-arn .../*/*) in the API Gateway deployment script are quite broad and should be reviewed for production hardening.
• Query Limiting: The getAirportRoutes Lambda has a hardcoded LIMIT 10 in its N1QL query, which might need to be configurable or documented.
• Root package-lock.json: An empty package-lock.json exists at the repository root, which seems unusual and might need clarification or removal.
• .env.sample Formatting (Not Commented): In aws-lambdas/.env.sample, lines like MEMORY_SIZE = 128 have spaces around the equals sign. While often parsed correctly, the common convention for .env files is no spaces (e.g., MEMORY_SIZE=128). This was not commented on due to review settings (low severity).
• Missing Newline at End of File (Not Commented): Several .mjs and the .env.sample files are missing a final newline character. This is a minor stylistic issue. This was not commented on due to review settings (low severity).

Merge Readiness

The pull request is well on its way and introduces valuable functionality. However, due to the high-severity finding related to API Gateway security (CORS) and the medium-severity findings, I recommend addressing these points before merging. The other suggestions are for improving robustness and maintainability. As an AI, I am not authorized to approve pull requests; please ensure further review and approval by authorized team members.

[shyam-cb]

@VirajAgarwal1
Just add integration testing
unit tests not required here