Remove drizzle and serverless infra. Add terraform deployment.

serverless/src/lib/hasura.ts

@@ -0,0 +1,55 @@
+import { SecretsManagerClient, GetSecretValueCommand } from '@aws-sdk/client-secrets-manager';
+
+const client = new SecretsManagerClient({ region: 'ca-central-1' });
+
+interface HasuraCredentials {
+    database_url: string;
+    admin_secret: string;
+}
+
+let cachedCredentials: HasuraCredentials | null = null;
+
+/**
+ * Fetches Hasura credentials from AWS Secrets Manager
+ * Caches the result for subsequent invocations within the same Lambda container
+ */
+export async function getHasuraCredentials(): Promise<HasuraCredentials> {
+    if (cachedCredentials) {
+        return cachedCredentials;
+    }
+
+    const secretArn = process.env.HASURA_SECRET_ARN;
+    if (!secretArn) {
+        throw new Error('HASURA_SECRET_ARN environment variable not set');
+    }
+
+    try {
+        const response = await client.send(new GetSecretValueCommand({ SecretId: secretArn }));
+
+        if (!response.SecretString) {
+            throw new Error('Secret value is empty');
+        }
+
+        cachedCredentials = JSON.parse(response.SecretString);
+        return cachedCredentials!;
+    } catch (error) {
+        console.error('Failed to fetch Hasura credentials:', error);
+        throw error;
+    }
+}
+
+/**
+ * Example: Get just the admin secret
+ */
+export async function getHasuraAdminSecret(): Promise<string> {
+    const creds = await getHasuraCredentials();
+    return creds.admin_secret;
+}
+
+/**
+ * Example: Get just the database URL
+ */
+export async function getHasuraDatabaseUrl(): Promise<string> {
+    const creds = await getHasuraCredentials();
+    return creds.database_url;
+}