@adobe/aio-cli-plugin-api-mesh 5.2.4-alpha.0 → 5.2.4-alpha.1

package/src/commands/api-mesh/source/discover.js

@@ -10,12 +10,7 @@ governing permissions and limitations under the License.
 */
 
 const { Command, CliUx, Flags } = require('@oclif/core');
-const {
-	promptConfirm,
-	initRequestId,
-	promptMultiselect,
-	promptSelect,
-} = require('../../../helpers');
+const { promptConfirm, promptMultiselect, promptSelect } = require('../../../helpers');
 const SourceRegistryStorage = require('source-registry-storage-adapter');
 const config = require('@adobe/aio-lib-core-config');
 const logger = require('../../../classes/logger');
@@ -24,8 +19,6 @@ const InstallCommand = require('./install');
 class DiscoverCommand extends Command {
 	async run() {
 		try {
-			await initRequestId();
-
 			logger.info(`RequestId: ${global.requestId}`);
 			const { flags } = await this.parse(DiscoverCommand);
 			const srs = new SourceRegistryStorage(config.get('api-mesh.sourceRegistry.path'));
@@ -58,7 +51,7 @@ class DiscoverCommand extends Command {
 		} catch (error) {
 			logger.error(error);
 			this.error(`
-				Something went wrong with "discover" command. Please try again later. 
+				Something went wrong with "discover" command. Please try again later.
 				${error}
 			`);
 		}

package/src/commands/api-mesh/source/get.js

@@ -12,12 +12,7 @@ governing permissions and limitations under the License.
 
 const { Command, Flags } = require('@oclif/core');
 const SourceRegistryStorage = require('source-registry-storage-adapter');
-const {
-	promptMultiselect,
-	promptSelect,
-	promptConfirm,
-	initRequestId,
-} = require('../../../helpers');
+const { promptMultiselect, promptSelect, promptConfirm } = require('../../../helpers');
 const ncp = require('node-clipboardy');
 const chalk = require('chalk');
 const config = require('@adobe/aio-lib-core-config');
@@ -33,8 +28,6 @@ class GetCommand extends Command {
 
 	async run() {
 		try {
-			await initRequestId();
-
 			logger.info(`RequestId: ${global.requestId}`);
 			let list;
 			try {

package/src/commands/api-mesh/source/install.js

@@ -12,7 +12,7 @@ governing permissions and limitations under the License.
 
 const { Command, Flags } = require('@oclif/core');
 const SourceRegistryStorage = require('source-registry-storage-adapter');
-const { promptConfirm, promptInput, initRequestId, initSdk } = require('../../../helpers');
+const { promptConfirm, promptInput, initSdk } = require('../../../helpers');
 const { ignoreCacheFlag } = require('../../../utils');
 const config = require('@adobe/aio-lib-core-config');
 const logger = require('../../../classes/logger');
@@ -33,7 +33,6 @@ class InstallCommand extends Command {
 
 	async run() {
 		const { flags, args } = await this.parse(InstallCommand);
-		await initRequestId();
 		logger.info(`RequestId: ${global.requestId}`);
 		const ignoreCache = await flags.ignoreCache;
 		const {

package/src/commands/api-mesh/status.js

@@ -1,7 +1,7 @@
 const { Command } = require('@oclif/core');
 
 const logger = require('../../classes/logger');
-const { initRequestId, initSdk } = require('../../helpers');
+const { initSdk } = require('../../helpers');
 const { getMeshId, getMesh, getMeshDeployments } = require('../../lib/smsClient');
 const { ignoreCacheFlag } = require('../../utils');
 
@@ -13,7 +13,6 @@ class StatusCommand extends Command {
 	};
 
 	async run() {
-		await initRequestId();
 		logger.info(`RequestId: ${global.requestId}`);
 
 		const { flags } = await this.parse(StatusCommand);

package/src/commands/api-mesh/update.js

@@ -10,9 +10,10 @@ governing permissions and limitations under the License.
 */
 
 const { Command } = require('@oclif/command');
+const chalk = require('chalk');
 
 const logger = require('../../classes/logger');
-const { initSdk, initRequestId, promptConfirm, importFiles } = require('../../helpers');
+const { initSdk, promptConfirm, importFiles } = require('../../helpers');
 const {
 	ignoreCacheFlag,
 	autoConfirmActionFlag,
@@ -38,8 +39,6 @@ class UpdateCommand extends Command {
 	};
 
 	async run() {
-		await initRequestId();
-
 		logger.info(`RequestId: ${global.requestId}`);
 
 		const { args, flags } = await this.parse(UpdateCommand);
@@ -106,7 +105,7 @@ class UpdateCommand extends Command {
 		// if local files are present, import them in files array in meshConfig
 		if (filesList.length) {
 			try {
-				data = await importFiles(data, filesList, args.file, flags.autoConfirmAction);
+				({ data } = await importFiles(data, filesList, args.file, flags.autoConfirmAction));
 			} catch (err) {
 				this.log(err.message);
 				this.error('Unable to import the files in the mesh config. Check the file and try again.');
@@ -119,8 +118,7 @@ class UpdateCommand extends Command {
 				await validateSecretsFile(secretsFilePath);
 				const secretsData = await interpolateSecrets(secretsFilePath, this);
 				const publicKey = await getPublicEncryptionKey(imsOrgCode);
-				const encryptedSecrets = await encryptSecrets(publicKey, secretsData);
-				data.secrets = encryptedSecrets;
+				data.secrets = await encryptSecrets(publicKey, secretsData);
 			} catch (err) {
 				this.log(err.message);
 				this.error('Unable to import secrets. Check the file and try again.');
@@ -130,6 +128,23 @@ class UpdateCommand extends Command {
 		if (meshId) {
 			let shouldContinue = true;
 
+			if (
+				data?.meshConfig?.responseConfig?.includeHTTPDetails &&
+				workspaceName.toLowerCase() === 'production'
+			) {
+				this.warn(
+					`Your mesh has ${chalk.yellowBright('includeHTTPDetails')} set to ${chalk.redBright(
+						'true',
+					)}. This is a security risk and should not be used in production.\n` +
+						`When ${chalk.yellowBright('includeHTTPDetails')} is set to ${chalk.redBright(
+							'true',
+						)} it exposes HTTP request and response details in the mesh logs, which can cause sensitive information to be exposed.\n` +
+						`Consider setting ${chalk.yellowBright('includeHTTPDetails')} to ${chalk.greenBright(
+							'false',
+						)} in the meshConfig.`,
+				);
+			}
+
 			if (!autoConfirmAction) {
 				shouldContinue = await promptConfirm(
 					`Are you sure you want to update the mesh: ${meshId}?`,

package/src/commands/{PLUGINNAME/__tests__/index.test.js → api-mesh.js}

@@ -10,21 +10,19 @@ OF ANY KIND, either express or implied. See the License for the specific languag
 governing permissions and limitations under the License.
 */
 
-const IndexCommand = require('..');
+const { Help, Command } = require('@oclif/core');
 
-test('exports', async () => {
-	expect(typeof IndexCommand).toEqual('function');
-});
+/**
+ * API Mesh command. Defers to topic for help text.
+ */
+class ApiMeshCommand extends Command {
+	async run() {
+		const help = new Help(this.config);
+		await help.showHelp(['api-mesh', '--help']);
+	}
+}
 
-describe('command tests', () => {
-	let command;
+ApiMeshCommand.description = 'Create, run, test, and deploy API Mesh';
+ApiMeshCommand.args = [];
 
-	beforeEach(() => {
-		command = new IndexCommand([]);
-	});
-
-	test('run', async () => {
-		command.argv = [];
-		await expect(command.run()).resolves.not.toThrowError();
-	});
-});
+module.exports = ApiMeshCommand;

package/src/helpers.js

@@ -437,15 +437,43 @@ async function initSdk(options) {
 /**
  * Generates a static global requestid for the lifecycle of this command request
  */
-async function initRequestId() {
+function initRequestId() {
 	global.requestId = UUID.newUuid().toString();
 }
 
+/**
+ *
+ * This function initializes the metadata headers for the command execution
+ *
+ * @param {*} config
+ */
+function initMetadata(config) {
+	try {
+		const { version, plugins, userAgent, platform, arch } = config;
+		const currentIntalledVersion = getCurrentInstalledPluginVersion(plugins);
+
+		const metadataHeaders = {
+			'x-aio-cli-version': version,
+			'x-aio-cli-user-agent': userAgent,
+			'x-aio-cli-platform': platform,
+			'x-aio-cli-arch': arch,
+			'x-aio-cli-plugin-api-mesh-version': currentIntalledVersion,
+		};
+
+		global.metadataHeaders = metadataHeaders;
+	} catch (error) {
+		logger.error('Unable to initialize metadata headers');
+		logger.error(error.message);
+
+		global.metadataHeaders = {};
+	}
+}
+
 /**
  * Function to run the CLI Y/N prompt to confirm the user's action
  *
  * @param {string} message
- * @returns boolean
+ * @returns Promise<boolean>
  */
 async function promptConfirm(message) {
 	const prompt = inquirer.createPromptModule({ output: process.stderr });
@@ -505,7 +533,6 @@ async function promptSelect(message, choices) {
  * Function to run the CLI selectable list
  *
  * @param {string} message - prompt message
- * @param {object[]} choices - list of options
  * @returns {object[]} - selected options
  */
 async function promptInput(message) {
@@ -542,9 +569,11 @@ async function promptInputSecret(message) {
  * Import the files in the files array in meshConfig
  *
  * @param data MeshConfig
- * @param filesList List of files in meshConfig
+ * @param filesListArray List of files in meshConfig
  * @param meshConfigName MeshConfigName
  * @param autoConfirmActionFlag The user won't be prompted any questions, if this flag is set
+ * @param shouldMinifyJS
+ * @returns Promise<{{ data, localFileOverrides: string[] }}>
  */
 async function importFiles(
 	data,
@@ -607,29 +636,38 @@ async function importFiles(
 		);
 	}
 
+	// Result of override resolution
+	const localFileOverrides = {};
 	for (let i = 0; i < overrideArr.length; i++) {
+		const fileName = overrideArr[i].fileName;
 		shouldOverride = await promptConfirm(
-			`Do you want to override the ${path.basename(overrideArr[i].fileName)} file?`,
+			`Do you want to override the ${path.basename(fileName)} file?`,
 		);
 
 		if (shouldOverride) {
 			resultData = updateFilesArray(
 				resultData,
-				overrideArr[i].fileName,
+				fileName,
 				meshConfigName,
 				overrideArr[i].index,
 				shouldMinifyJS,
 			);
+			localFileOverrides[fileName] = true;
+		} else {
+			localFileOverrides[fileName] = false;
 		}
 	}
 
-	return resultData;
+	return {
+		data: resultData,
+		localFileOverrides,
+	};
 }
 
 /**loads the pupa module dynamically and then interpolates the raw data from mesh file with object data
- * @param {data}
- * @param {obj}
- * @returns {object} having interpolationStatus, missingKeys and interpolatedMesh
+ * @param data
+ * @param obj
+ * @returns {object}
  */
 
 async function interpolateMesh(data, obj) {
@@ -863,7 +901,7 @@ async function processFileConfig(config) {
  * This function sets up the tenantFiles used in a particular mesh config
  * into the tenantFiles folder
  *
- * @param config
+ * @param meshId
  */
 async function setUpTenantFiles(meshId) {
 	if (fs.existsSync(path.resolve(process.cwd(), 'mesh-artifact', meshId, 'files.json'))) {
@@ -902,17 +940,36 @@ async function writeSecretsFile(secretsData, meshId) {
 
 /**
  *
- * This function fetches current installed version the system and the latest version from npm
+ * This function gets the current installed version of the plugin
  *
  * @param {*} installedPlugins
- * @returns { currentVersion: string, latestVersion: string }
+ * @returns {string || null} - current installed version of the plugin
  */
-async function getPluginVersionDetails(installedPlugins) {
+function getCurrentInstalledPluginVersion(installedPlugins) {
 	try {
 		const meshPlugin = installedPlugins.find(
 			({ name }) => name === '@adobe/aio-cli-plugin-api-mesh',
 		);
-		const currentVersion = meshPlugin.version;
+
+		return meshPlugin.version;
+	} catch (err) {
+		logger.error('Unable to get current installed version');
+		logger.error(err.message);
+
+		return null;
+	}
+}
+
+/**
+ *
+ * This function fetches current installed version the system and the latest version from npm
+ *
+ * @param {*} installedPlugins
+ * @returns { currentVersion: string, latestVersion: string }
+ */
+async function getPluginVersionDetails(installedPlugins) {
+	try {
+		const currentVersion = getCurrentInstalledPluginVersion(installedPlugins);
 
 		let config = {
 			method: 'get',
@@ -972,6 +1029,7 @@ module.exports = {
 	getDevConsoleConfig,
 	initSdk,
 	initRequestId,
+	initMetadata,
 	promptSelect,
 	promptMultiselect,
 	importFiles,

package/src/hooks/initMetadata.js

@@ -0,0 +1,8 @@
+const { initMetadata, initRequestId } = require('../helpers');
+
+const hook = async function () {
+	initRequestId();
+	initMetadata(this.config);
+};
+
+module.exports = hook;

package/src/lib/smsClient.js

@@ -119,6 +119,7 @@ const listLogs = async (organizationCode, projectId, workspaceId, meshId, fileNa
 		method: 'get',
 		url: fileName ? url + `?filename=${fileName}` : url,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -147,6 +148,7 @@ const getMesh = async (organizationId, projectId, workspaceId, workspaceName, me
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationId}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'workspaceName': workspaceName,
@@ -238,6 +240,7 @@ const createMesh = async (
 		method: 'post',
 		url: `${SMS_BASE_URL}/organizations/${organizationId}/projects/${projectId}/workspaces/${workspaceId}/meshes`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'Content-Type': 'application/json',
 			'x-request-id': global.requestId,
@@ -350,6 +353,7 @@ const updateMesh = async (
 		method: 'put',
 		url: `${SMS_BASE_URL}/organizations/${organizationId}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'Content-Type': 'application/json',
 			'x-request-id': global.requestId,
@@ -441,6 +445,7 @@ const deleteMesh = async (organizationId, projectId, workspaceId, meshId) => {
 		method: 'delete',
 		url: `${SMS_BASE_URL}/organizations/${organizationId}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -527,6 +532,7 @@ const cachePurge = async (organizationId, projectId, workspaceId, meshId) => {
 		method: 'post',
 		url: `${SMS_BASE_URL}/organizations/${organizationId}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/cache/purge`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'Content-Type': 'application/json',
 			'x-request-id': global.requestId,
@@ -617,6 +623,7 @@ const getMeshId = async (organizationCode, projectId, workspaceId, workspaceName
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationCode}/projects/${projectId}/workspaces/${workspaceId}/mesh`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'workspaceName': workspaceName,
@@ -903,6 +910,7 @@ const getMeshArtifact = async (organizationId, projectId, workspaceId, workspace
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationId}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/artifact`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'workspaceName': workspaceName,
@@ -961,6 +969,7 @@ const getTenantFeatures = async organizationCode => {
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationCode}/features`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -1016,6 +1025,7 @@ const getMeshDeployments = async (organizationCode, projectId, workspaceId, mesh
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationCode}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/deployments/latest`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -1064,7 +1074,7 @@ const getMeshDeployments = async (organizationCode, projectId, workspaceId, mesh
  * As a result, we provide the publicKey used for secrets encryption.
  * The near-term goal is to stop using Dev Console as a proxy for all routes.
  * @param organizationCode
- * @returns string
+ * @returns Promise<string>
  */
 const getPublicEncryptionKey = async organizationCode => {
 	const { accessToken } = await getDevConsoleConfig();
@@ -1072,6 +1082,7 @@ const getPublicEncryptionKey = async organizationCode => {
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationCode}/getPublicKey`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -1117,6 +1128,7 @@ const getPresignedUrls = async (
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationCode}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/logs?startDateTime=${startTime}&endDateTime=${endTime}`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -1156,6 +1168,7 @@ const getLogsByRayId = async (organizationCode, projectId, workspaceId, meshId,
 		method: 'get',
 		url: `${SMS_BASE_URL}/organizations/${organizationCode}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/logs/${rayId}`,
 		headers: {
+			...global?.metadataHeaders,
 			'Authorization': `Bearer ${accessToken}`,
 			'x-request-id': global.requestId,
 			'x-api-key': SMS_API_KEY,
@@ -1384,6 +1397,106 @@ const getLogForwarding = async (organizationCode, projectId, workspaceId, meshId
 	}
 };
 
+/**
+ * Deletes the log forwarding configuration for a given mesh.
+ *
+ * @param {string} organizationCode - The IMS org code
+ * @param {string} projectId - The project ID
+ * @param {string} workspaceId - The workspace ID
+ * @param {string} meshId - The mesh ID
+ */
+const deleteLogForwarding = async (organizationCode, projectId, workspaceId, meshId) => {
+	const { accessToken } = await getDevConsoleConfig();
+	const config = {
+		method: 'DELETE',
+		url: `${SMS_BASE_URL}/organizations/${organizationCode}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/log/forwarding`,
+		headers: {
+			'Authorization': `Bearer ${accessToken}`,
+			'x-request-id': global.requestId,
+			'x-api-key': SMS_API_KEY,
+		},
+	};
+
+	logger.info(
+		'Initiating DELETE %s',
+		`${SMS_BASE_URL}/organizations/${organizationCode}/projects/${projectId}/workspaces/${workspaceId}/meshes/${meshId}/log/forwarding`,
+	);
+
+	try {
+		const response = await axios(config);
+
+		logger.info('Response from DELETE %s', response.status);
+
+		if (response && response?.status === 204) {
+			return response;
+		} else {
+			logger.error(
+				`Unable to delete log forwarding config: ${objToString(
+					response,
+					['data'],
+					'Error',
+				)}. Received ${response.status}, expected 204`,
+			);
+			throw new Error(
+				`something went wrong: ${objToString(
+					response,
+					['data'],
+					'Unable to delete log forwarding',
+				)}`,
+			);
+		}
+	} catch (error) {
+		logger.info('Response from DELETE %s', error.response.status);
+
+		if (error.response.status === 404) {
+			// The request was made and the server responded with a 404 status code
+			logger.error('log forwarding details not found');
+
+			throw new Error('log forwarding details not found');
+		} else if (error.response && error.response.data) {
+			// The request was made and the server responded with an unsupported status code
+			logger.error(
+				'Error while deleting log forwarding details. Response: %s',
+				objToString(error, ['response', 'data'], 'Unable to delete log forwarding details'),
+			);
+
+			if (error.response.data.messages) {
+				const message = objToString(
+					error,
+					['response', 'data', 'messages', '0', 'message'],
+					'Unable to delete log forwarding details',
+				);
+
+				throw new Error(message);
+			} else if (error.response.data.message) {
+				const message = objToString(
+					error,
+					['response', 'data', 'message'],
+					'Unable to delete log forwarding details',
+				);
+
+				throw new Error(message);
+			} else {
+				const message = objToString(
+					error,
+					['response', 'data'],
+					'Unable to delete log forwarding details',
+				);
+
+				throw new Error(message);
+			}
+		} else {
+			// The request was made but no response was received
+			logger.error(
+				'Error while deleting log forwarding details. No response received from the server: %s',
+				objToString(error, [], 'Unable to delete log forwarding details'),
+			);
+
+			throw new Error('Unable to delete log forwarding details: %s', error.message);
+		}
+	}
+};
+
 module.exports = {
 	getApiKeyCredential,
 	describeMesh,
@@ -1407,4 +1520,5 @@ module.exports = {
 	cachePurge,
 	setLogForwarding,
 	getLogForwarding,
+	deleteLogForwarding,
 };