@adobe/helix-deploy 4.12.2 → 4.15.0

package/src/cli.js

@@ -20,6 +20,8 @@ const OpenWhiskDeployer = require('./deploy/OpenWhiskDeployer');
 const AWSDeployer = require('./deploy/AWSDeployer');
 const AzureDeployer = require('./deploy/AzureDeployer');
 const GoogleDeployer = require('./deploy/GoogleDeployer');
+const CloudflareDeployer = require('./deploy/CloudflareDeployer');
+const ComputeAtEdgeDeployer = require('./deploy/ComputeAtEdgeDeployer');
 const FastlyGateway = require('./gateway/FastlyGateway');
 
 const PLUGINS = [
@@ -27,6 +29,8 @@ const PLUGINS = [
   AWSDeployer,
   AzureDeployer,
   GoogleDeployer,
+  CloudflareDeployer,
+  ComputeAtEdgeDeployer,
   FastlyGateway,
 ];
 

package/src/deploy/AWSDeployer.js

@@ -223,7 +223,7 @@ class AWSDeployer extends BaseDeployer {
       Environment: {
         Variables: cfg.params,
       },
-      Handler: 'index.lambda',
+      Handler: cfg.esm ? 'esm-adapter/index.handler' : 'index.lambda',
     };
 
     this.log.info(`--: using lambda role "${this._cfg.role}"`);
@@ -705,7 +705,9 @@ class AWSDeployer extends BaseDeployer {
           return;
         }
         // eslint-disable-next-line no-await-in-loop
-        await new Promise((resolve) => setTimeout(resolve, 1500));
+        await new Promise((resolve) => {
+          setTimeout(resolve, 1500);
+        });
       } catch (e) {
         this.log.error(chalk`{red error}: error checking function state`);
         throw e;

package/src/deploy/AzureDeployer.js

@@ -178,19 +178,23 @@ class AzureDeployer extends BaseDeployer {
     const { cfg } = this;
     this.log.info('--: updating app (package) parameters ...');
 
-    const result = await this._client.webApps.listApplicationSettings(this._app.resourceGroup,
-      this._cfg.appName);
+    const result = await this._client.webApps.listApplicationSettings(
+      this._app.resourceGroup,
+      this._cfg.appName,
+    );
 
     const update = {
       ...cfg.packageParams,
       ...result.properties,
     };
 
-    await this._client.webApps.updateApplicationSettings(this._app.resourceGroup,
+    await this._client.webApps.updateApplicationSettings(
+      this._app.resourceGroup,
       this._cfg.appName,
       {
         properties: update,
-      });
+      },
+    );
 
     this.log.info(`${Object.keys(update).length} package parameters have been updated.`);
   }

package/src/deploy/BaseDeployer.js

@@ -24,6 +24,11 @@ class BaseDeployer {
     return this.cfg.log;
   }
 
+  // eslint-disable-next-line class-methods-use-this
+  async init() {
+    // nothing to do
+  }
+
   ready() {
     return this.cfg && false;
   }
@@ -37,9 +42,7 @@ class BaseDeployer {
   getOrCreateFetchContext() {
     if (!this._fetchContext) {
       this._fetchContext = process.env.HELIX_FETCH_FORCE_HTTP1
-        ? fetchAPI.context({
-          alpnProtocols: [fetchAPI.ALPN_HTTP1_1],
-        })
+        ? fetchAPI.h1()
         : fetchAPI.context();
     }
     return this._fetchContext;
@@ -109,6 +112,8 @@ class BaseDeployer {
       if (ret.ok) {
         this.log.info(`id: ${chalk.grey(id)}`);
         this.log.info(`${chalk.green('ok:')} ${ret.status}`);
+        this.log.debug(chalk.grey(JSON.stringify(ret.headers.plain(), null, 2)));
+        this.log.debug('');
         this.log.debug(chalk.grey(body));
         return;
       }
@@ -123,7 +128,9 @@ class BaseDeployer {
         // eslint-disable-next-line no-param-reassign
         retry404 -= 1;
         // eslint-disable-next-line no-await-in-loop
-        await new Promise((resolve) => setTimeout(resolve, 1500));
+        await new Promise((resolve) => {
+          setTimeout(resolve, 1500);
+        });
       } else {
         // this.log.info(`${chalk.red('error:')} test failed: ${ret.status} ${body}`);
         throw new Error(`test failed: ${ret.status} ${body}`);

package/src/deploy/CloudflareConfig.js

@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 Adobe. All rights reserved.
+ * This file is licensed to you under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License. You may obtain a copy
+ * of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under
+ * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+ * OF ANY KIND, either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+class CloudflareConfig {
+  constructor() {
+    Object.assign(this, {});
+  }
+
+  configure(argv) {
+    return this
+      .withEmail(argv.cloudflareEmail)
+      .withAuth(argv.cloudflareAuth)
+      .withTestDomain(argv.cloudflareTestDomain)
+      .withAccountID(argv.cloudflareAccountId);
+  }
+
+  withAccountID(value) {
+    this.accountID = value;
+    return this;
+  }
+
+  withEmail(value) {
+    this.email = value;
+    return this;
+  }
+
+  withTestDomain(value) {
+    this.testDomain = value;
+    return this;
+  }
+
+  withAuth(value) {
+    this.auth = value;
+    return this;
+  }
+
+  static yarg(yargs) {
+    return yargs
+      .group(['cloudflare-account-id', 'cloudflare-auth', 'cloudflare-email', 'cloudflare-test-domain'], 'Cloudflare Workers Deployment Options')
+      .option('cloudflare-account-id', {
+        description: 'the Cloudflare account ID to deploy to',
+        type: 'string',
+        default: '',
+      })
+      .option('cloudflare-email', {
+        description: 'the Cloudflare email address belonging to the authentication token',
+        type: 'string',
+        default: '',
+      })
+      .option('cloudflare-test-domain', {
+        description: 'the *.workers.dev subdomain to use for testing deployed scripts',
+        type: 'string',
+        default: '',
+      })
+      .option('cloudflare-auth', {
+        description: 'the Cloudflare API token from https://dash.cloudflare.com/profile/api-tokens',
+        type: 'string',
+        default: '',
+      });
+  }
+}
+
+module.exports = CloudflareConfig;

package/src/deploy/CloudflareDeployer.js

@@ -0,0 +1,145 @@
+/*
+ * Copyright 2021 Adobe. All rights reserved.
+ * This file is licensed to you under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License. You may obtain a copy
+ * of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under
+ * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+ * OF ANY KIND, either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+const path = require('path');
+const fs = require('fs');
+const FormData = require('form-data');
+const BaseDeployer = require('./BaseDeployer');
+const CloudflareConfig = require('./CloudflareConfig');
+
+class CloudflareDeployer extends BaseDeployer {
+  constructor(baseConfig, config) {
+    super(baseConfig);
+    Object.assign(this, {
+      id: 'cloudflare',
+      name: 'Cloudflare',
+      _cfg: config,
+      noGatewayBackend: true,
+    });
+  }
+
+  ready() {
+    return !!this._cfg.auth && !!this._cfg.accountID && !!this.cfg.edgeBundle;
+  }
+
+  validate() {
+    if (!this.ready()) {
+      throw new Error('Cloudflare target needs email, token, and account ID');
+    }
+  }
+
+  get fullFunctionName() {
+    return `${this.cfg.packageName}--${this.cfg.name}`
+      .replace(/\./g, '_')
+      .replace('@', '_');
+  }
+
+  async deploy() {
+    const body = fs.readFileSync(path.relative(this.cfg.cwd, this.cfg.edgeBundle));
+    const { id } = await this.createKVNamespace(`${this.cfg.packageName}--secrets`);
+
+    const metadata = {
+      body_part: 'script',
+      bindings: [
+        ...Object.entries(this.cfg.params).map(([key, value]) => ({
+          name: key,
+          type: 'secret_text',
+          text: value,
+        })),
+        {
+          name: 'PACKAGE',
+          namespace_id: id,
+          type: 'kv_namespace',
+        },
+      ],
+    };
+
+    // what https://api.cloudflare.com/#worker-script-upload-worker won't tell you:
+    // you can use multipart/formdata to set metadata according to
+    // https://community.cloudflare.com/t/bind-kv-and-workers-via-api/221391
+    const form = new FormData();
+    form.append('script', body, {
+      contentType: 'application/javascript',
+    });
+    form.append('metadata', JSON.stringify(metadata), {
+      contentType: 'application/json',
+    });
+
+    const res = await this.fetch(`https://api.cloudflare.com/client/v4/accounts/${this._cfg.accountID}/workers/scripts/${this.fullFunctionName}`, {
+      method: 'PUT',
+      headers: form.getHeaders({
+        Authorization: `Bearer ${this._cfg.auth}`,
+      }),
+      body: form.getBuffer(),
+    });
+
+    if (!res.ok) {
+      const { errors } = await res.json();
+      throw new Error(`Unable to upload worker to Cloudflare: ${errors[0].message}`);
+    }
+
+    await this.updatePackageParams(id, this.cfg.packageParams);
+  }
+
+  async updatePackageParams(id, params) {
+    const kvlist = Object.entries(params).map(([key, value]) => ({
+      key, value,
+    }));
+
+    const res = await this.fetch(`https://api.cloudflare.com/client/v4/accounts/${this._cfg.accountID}/storage/kv/namespaces/${id}/bulk`, {
+      method: 'PUT',
+      headers: {
+        Authorization: `Bearer ${this._cfg.auth}`,
+        'content-type': 'application/json',
+      },
+      body: JSON.stringify(kvlist),
+    });
+    return res.ok;
+  }
+
+  async createKVNamespace(name) {
+    const postres = await this.fetch(`https://api.cloudflare.com/client/v4/accounts/${this._cfg.accountID}/storage/kv/namespaces`, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${this._cfg.auth}`,
+        'content-type': 'application/json',
+      },
+      body: {
+        title: name,
+      },
+    });
+    let { result } = await postres.json();
+    if (!result) {
+      const listres = await this.fetch(`https://api.cloudflare.com/client/v4/accounts/${this._cfg.accountID}/storage/kv/namespaces`, {
+        method: 'GET',
+        headers: {
+          Authorization: `Bearer ${this._cfg.auth}`,
+        },
+      });
+      const { result: results } = await listres.json();
+      result = results.find((r) => r.title === name);
+    }
+    return result;
+  }
+
+  async test() {
+    return this._cfg.testDomain
+      ? this.testRequest({
+        url: `https://${this.fullFunctionName}.${this._cfg.testDomain}.workers.dev`,
+        idHeader: 'CF-RAY',
+        retry404: 0,
+      })
+      : undefined;
+  }
+}
+
+CloudflareDeployer.Config = CloudflareConfig;
+module.exports = CloudflareDeployer;

package/src/deploy/ComputeAtEdgeConfig.js

@@ -0,0 +1,93 @@
+/*
+ * Copyright 2021 Adobe. All rights reserved.
+ * This file is licensed to you under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License. You may obtain a copy
+ * of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under
+ * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+ * OF ANY KIND, either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+class ComputeAtEdgeConfig {
+  constructor() {
+    Object.assign(this, {});
+  }
+
+  configure(argv) {
+    return this
+      .withServiceID(argv.computeServiceId)
+      .withAuth(argv.fastlyAuth)
+      .withCoralogixToken(argv.coralogixToken)
+      .withFastlyGateway(argv.fastlyGateway)
+      .withComputeDomain(argv.computeTestDomain)
+      .withCoralogixApp(argv.computeCoralogixApp);
+  }
+
+  withServiceID(value) {
+    this.service = value;
+    return this;
+  }
+
+  withAuth(value) {
+    this.auth = value;
+    return this;
+  }
+
+  withCoralogixToken(value) {
+    this.coralogixToken = value;
+    return this;
+  }
+
+  withCoralogixApp(value) {
+    this.coralogixApp = value;
+    return this;
+  }
+
+  withFastlyGateway(value) {
+    this.fastlyGateway = value;
+    return this;
+  }
+
+  withComputeDomain(value) {
+    this.testDomain = value;
+    return this;
+  }
+
+  static yarg(yargs) {
+    return yargs
+      .group(['compute-service-id', 'compute-domain', 'fastly-auth', 'coralogix-token', 'compute-coralogix-app'], 'Fastly Compute@Edge Options')
+      .option('compute-service-id', {
+        description: 'the Fastly Service to deploy the action to',
+        type: 'string',
+        default: '',
+      })
+      .option('compute-test-domain', {
+        description: 'the domain name of the Compute@Edge service (used for testing)',
+        type: 'string',
+        default: '',
+      })
+      .option('fastly-auth', {
+        description: 'the Fastly token',
+        type: 'string',
+        default: '',
+      })
+      .option('coralogix-token', {
+        description: 'the Coralogix token (to enable logging)',
+        type: 'string',
+        default: '',
+      })
+      .option('fastly-gateway', {
+        description: 'the hostname of the Fastly gateway for package params',
+        type: 'string',
+        default: '',
+      })
+      .option('compute-coralogix-app', {
+        description: 'the Application name',
+        type: 'string',
+        default: 'fastly-compute',
+      });
+  }
+}
+
+module.exports = ComputeAtEdgeConfig;

package/src/deploy/ComputeAtEdgeDeployer.js

@@ -0,0 +1,190 @@
+/*
+ * Copyright 2021 Adobe. All rights reserved.
+ * This file is licensed to you under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License. You may obtain a copy
+ * of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under
+ * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+ * OF ANY KIND, either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+const { fork } = require('child_process');
+const path = require('path');
+const fs = require('fs/promises');
+const tar = require('tar');
+const getStream = require('get-stream');
+const Fastly = require('@adobe/fastly-native-promises');
+const BaseDeployer = require('./BaseDeployer');
+const ComputeAtEdgeConfig = require('./ComputeAtEdgeConfig');
+
+/**
+ * The class ComputeAtEdgeDeployer deploys to Fastly's Compute(at)Edge (WASM) runtime.
+ * It should be seen as a functional equivalent to the CloudflareDeployer
+ * and not confused with the FastlyGateway (which only routes requests, but
+ * does not handle them.)
+ */
+class ComputeAtEdgeDeployer extends BaseDeployer {
+  constructor(baseConfig, config) {
+    super(baseConfig);
+    Object.assign(this, {
+      id: 'c@e',
+      name: 'Fastly Compute@Edge',
+      _cfg: config,
+      _fastly: null,
+      noGatewayBackend: true,
+    });
+  }
+
+  ready() {
+    return !!this._cfg.service && !!this._cfg.auth && !!this.cfg.edgeBundle;
+  }
+
+  validate() {
+    if (!this.ready()) {
+      throw new Error('Compute@Edge target needs token and service ID');
+    }
+  }
+
+  init() {
+    if (this.ready() && !this._fastly) {
+      this._fastly = Fastly(this._cfg.auth, this._cfg.service, 60000);
+    }
+  }
+
+  get log() {
+    return this.cfg.log;
+  }
+
+  /**
+   *
+   * @returns
+   */
+  async bundle() {
+    const bundleDir = path.dirname(this.cfg.edgeBundle);
+    this.log.debug(`Creating fastly.toml in ${bundleDir}`);
+    fs.writeFile(path.resolve(bundleDir, 'fastly.toml'), `
+# This file describes a Fastly Compute@Edge package. To learn more visit:
+# https://developer.fastly.com/reference/fastly-toml/
+
+authors = ["Helix Deploy"]
+description = "Test Project"
+language = "javascript"
+manifest_version = 2
+name = "Test"
+service_id = ""
+    `);
+
+    return new Promise((resolve, reject) => {
+      const child = fork(
+        path.resolve(
+          __dirname,
+          '..',
+          '..',
+          'node_modules',
+          '@fastly',
+          'js-compute',
+          'js-compute-runtime-cli.js',
+        ),
+        [this.cfg.edgeBundle, 'bin/main.wasm'],
+        {
+          cwd: bundleDir,
+        },
+      );
+      child.on('data', (data) => resolve(data));
+      child.on('error', (err) => reject(err));
+      child.on('close', (err) => {
+        if (err) {
+          // non-zero status code
+          reject(err);
+        } else {
+          this.log.debug(`Created WASM bundle of script and interpreter in ${bundleDir}/bin/main.wasm`);
+          const stream = tar.c({
+            gzip: true,
+            // sync: true,
+            cwd: bundleDir,
+            prefix: 'Test',
+            // file: path.resolve(bundleDir, 'fastly-bundle.tar.gz')
+          }, ['bin/main.wasm', 'fastly.toml']);
+          // this.log.debug(`Created tar file in ${bundleDir}/fastly-bundle.tar.gz`);
+          resolve(getStream.buffer(stream));
+        }
+      });
+    });
+  }
+
+  async deploy() {
+    const buf = await this.bundle();
+
+    this.init();
+
+    await this._fastly.transact(async (version) => {
+      await this._fastly.writePackage(version, buf);
+
+      await this._fastly.writeDictionary(version, 'secrets', {
+        name: 'secrets',
+        write_only: 'true',
+      });
+
+      const host = this._cfg.fastlyGateway;
+      console.log('Host', host);
+      const backend = {
+        hostname: host,
+        ssl_cert_hostname: host,
+        ssl_sni_hostname: host,
+        address: host,
+        override_host: host,
+        name: 'gateway',
+        error_threshold: 0,
+        first_byte_timeout: 60000,
+        weight: 100,
+        connect_timeout: 5000,
+        port: 443,
+        between_bytes_timeout: 10000,
+        shield: '', // 'bwi-va-us',
+        max_conn: 200,
+        use_ssl: true,
+      };
+      await this._fastly.writeBackend(version, 'gateway', backend);
+    }, true);
+  }
+
+  async updatePackage() {
+    this.log.info('--: updating app (gateway) config ...');
+
+    this.init();
+
+    const functionparams = Object
+      .entries(this.cfg.params)
+      .map(([key, value]) => ({
+        item_key: key,
+        item_value: value,
+        op: 'update',
+      }));
+
+    await this._fastly.bulkUpdateDictItems(undefined, 'secrets', ...functionparams);
+    await this._fastly.updateDictItem(undefined, 'secrets', '_token', this.cfg.packageToken);
+    console.log('package', `https://${this._cfg.fastlyGateway}/${this.cfg.packageName}/`);
+    await this._fastly.updateDictItem(undefined, 'secrets', '_package', `https://${this._cfg.fastlyGateway}/${this.cfg.packageName}/`);
+
+    this._fastly.discard();
+  }
+
+  get fullFunctionName() {
+    return `${this.cfg.packageName}--${this.cfg.name}`
+      .replace(/\./g, '_')
+      .replace('@', '_');
+  }
+
+  async test() {
+    return this._cfg.testDomain
+      ? this.testRequest({
+        url: `https://${this._cfg.testDomain}.edgecompute.app`,
+        retry404: 0,
+      })
+      : undefined;
+  }
+}
+
+ComputeAtEdgeDeployer.Config = ComputeAtEdgeConfig;
+module.exports = ComputeAtEdgeDeployer;