@adobe/helix-deploy 6.2.26 → 6.2.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/package.json +1 -1
  3. package/src/deploy/AWSDeployer.js +78 -51
package/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ ## [6.2.27](https://github.com/adobe/helix-deploy/compare/v6.2.26...v6.2.27) (2022-04-25)
2
+
3
+
4
+ ### Bug Fixes
5
+
6
+ * update links should link route to alias, not specific version ([#402](https://github.com/adobe/helix-deploy/issues/402)) ([45d7ea3](https://github.com/adobe/helix-deploy/commit/45d7ea31350f7027330a97dd3773404963f85149))
7
+
1
8
  ## [6.2.26](https://github.com/adobe/helix-deploy/compare/v6.2.25...v6.2.26) (2022-04-22)
2
9
 
3
10
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@adobe/helix-deploy",
3
- "version": "6.2.26",
3
+ "version": "6.2.27",
4
4
  "description": "Library and Commandline Tools to build and deploy OpenWhisk Actions",
5
5
  "license": "Apache-2.0",
6
6
  "homepage": "https://github.com/adobe/helix-deploy#readme",
package/src/deploy/AWSDeployer.js CHANGED
@@ -228,7 +228,8 @@ export default class AWSDeployer extends BaseDeployer {
228
228
  if (e.name === 'ResourceNotFoundException') {
229
229
  this.log.info(chalk`{green ok}: does not exist yet.`);
230
230
  this.log.info(chalk`--: creating new Lambda function {yellow ${functionName}}`);
231
- await this._lambda.send(new CreateFunctionCommand(functionConfig));
231
+ const res = await this._lambda.send(new CreateFunctionCommand(functionConfig));
232
+ baseARN = res.FunctionArn;
232
233
  } else {
233
234
  this.log.error(chalk`Unable to verify existence of Lambda function {yellow ${functionName}}`);
234
235
  throw e;
@@ -627,21 +628,23 @@ export default class AWSDeployer extends BaseDeployer {
627
628
  Name: name,
628
629
  }));
629
630
  this.log.info(chalk`--: updating alias {blue ${name}}...`);
630
- await this._lambda.send(new UpdateAliasCommand({
631
+ const res = await this._lambda.send(new UpdateAliasCommand({
631
632
  FunctionName: functionName,
632
633
  Name: name,
633
634
  FunctionVersion: functionVersion,
634
635
  }));
635
636
  this.log.info(chalk`{green ok:} updated alias {blue ${name}} to version {yellow ${functionVersion}}.`);
637
+ return res.AliasArn;
636
638
  } catch (e) {
637
639
  if (e.name === 'ResourceNotFoundException') {
638
640
  this.log.info(chalk`--: creating alias {blue ${name}}...`);
639
- await this._lambda.send(new CreateAliasCommand({
641
+ const res = await this._lambda.send(new CreateAliasCommand({
640
642
  FunctionName: functionName,
641
643
  Name: name,
642
644
  FunctionVersion: functionVersion,
643
645
  }));
644
646
  this.log.info(chalk`{green ok:} created alias {blue ${name}} for version {yellow ${functionVersion}}.`);
647
+ return res.AliasArn;
645
648
  } else {
646
649
  this.log.error(`Unable to verify existence of Lambda alias ${name}`);
647
650
  throw e;
@@ -654,9 +657,7 @@ export default class AWSDeployer extends BaseDeployer {
654
657
  const { ApiId } = await this.initApiId();
655
658
  const functionVersion = cfg.version.replace(/\./g, '_');
656
659
 
657
- // get function alias
658
660
  let res;
659
- let aliasArn;
660
661
  let incrementalVersion;
661
662
  try {
662
663
  this.log.info(chalk`--: fetching alias ...`);
@@ -664,71 +665,97 @@ export default class AWSDeployer extends BaseDeployer {
664
665
  FunctionName: functionName,
665
666
  Name: functionVersion,
666
667
  }));
667
- aliasArn = res.AliasArn;
668
668
  incrementalVersion = res.FunctionVersion;
669
- this.log.info(chalk`{green ok}: ${aliasArn}`);
669
+ // eslint-disable-next-line prefer-destructuring
670
+ this._accountId = res.AliasArn.split(':')[4];
671
+ this.log.info(chalk`{green ok}: ${functionName}@${functionVersion} => ${incrementalVersion}`);
670
672
  } catch (e) {
671
673
  this.log.error(chalk`{red error}: Unable to create link to function ${functionName}`);
672
674
  throw e;
673
675
  }
674
676
 
675
- // find integration
676
- let integration = await this.findIntegration(ApiId, aliasArn);
677
- let cleanup = false;
678
- if (integration) {
679
- this.log.info(`--: using existing integration "${integration.IntegrationId}" for "${aliasArn}"`);
680
- } else {
681
- integration = await this._api.send(new CreateIntegrationCommand({
682
- ApiId,
683
- IntegrationMethod: 'POST',
684
- IntegrationType: 'AWS_PROXY',
685
- IntegrationUri: aliasArn,
686
- PayloadFormatVersion: '2.0',
687
- TimeoutInMillis: Math.min(cfg.timeout, 30000),
688
- }));
689
- this.log.info(chalk`{green ok:} created new integration "${integration.IntegrationId}" for "${aliasArn}"`);
690
- cleanup = true;
691
- }
692
- const { IntegrationId } = integration;
693
-
694
677
  // get all the routes
695
678
  this.log.info(chalk`--: fetching routes ...`);
696
679
  const routes = await this.fetchRoutes(ApiId);
697
- const routeParams = {
698
- ApiId,
699
- Target: `integrations/${IntegrationId}`,
700
- AuthorizerId: undefined,
701
- AuthorizationType: 'NONE',
702
- };
703
- if (this._cfg.attachAuthorizer) {
704
- this.log.info(chalk`--: fetching authorizers...`);
705
- const authorizers = await this.fetchAuthorizers(ApiId);
706
- const authorizer = authorizers.find((info) => info.Name === this._cfg.attachAuthorizer);
707
- if (!authorizer) {
708
- throw Error(`Specified authorizer ${this._cfg.attachAuthorizer} does not exist in api ${ApiId}.`);
709
- }
710
- routeParams.AuthorizerId = authorizer.AuthorizerId;
711
- routeParams.AuthorizationType = 'CUSTOM';
712
- this.log.info(chalk`{green ok:} configuring routes with authorizer {blue ${this._cfg.attachAuthorizer}} {yellow ${authorizer.AuthorizerId}}`);
713
- }
714
680
 
715
681
  // create routes for each symlink
716
682
  const sfx = this.getLinkVersions();
717
683
 
718
684
  for (const suffix of sfx) {
719
- // check if route already exists
685
+ // create or update alias
686
+ const aliasArn = await this.createOrUpdateAlias(suffix.replace('.', '_'), functionName, incrementalVersion);
687
+
688
+ // find or create integration
689
+ let integration = await this.findIntegration(ApiId, aliasArn);
690
+ if (integration) {
691
+ this.log.info(`--: using existing integration "${integration.IntegrationId}" for "${aliasArn}"`);
692
+ } else {
693
+ integration = await this._api.send(new CreateIntegrationCommand({
694
+ ApiId,
695
+ IntegrationMethod: 'POST',
696
+ IntegrationType: 'AWS_PROXY',
697
+ IntegrationUri: aliasArn,
698
+ PayloadFormatVersion: '2.0',
699
+ TimeoutInMillis: Math.min(cfg.timeout, 30000),
700
+ }));
701
+ this.log.info(chalk`{green ok:} created new integration "${integration.IntegrationId}" for "${aliasArn}"`);
702
+ }
703
+ const { IntegrationId } = integration;
704
+
705
+ const routeParams = {
706
+ ApiId,
707
+ Target: `integrations/${IntegrationId}`,
708
+ AuthorizerId: undefined,
709
+ AuthorizationType: 'NONE',
710
+ };
711
+ if (this._cfg.attachAuthorizer) {
712
+ this.log.info(chalk`--: fetching authorizers...`);
713
+ const authorizers = await this.fetchAuthorizers(ApiId);
714
+ const authorizer = authorizers.find((info) => info.Name === this._cfg.attachAuthorizer);
715
+ if (!authorizer) {
716
+ throw Error(`Specified authorizer ${this._cfg.attachAuthorizer} does not exist in api ${ApiId}.`);
717
+ }
718
+ routeParams.AuthorizerId = authorizer.AuthorizerId;
719
+ routeParams.AuthorizationType = 'CUSTOM';
720
+ this.log.info(chalk`{green ok:} configuring routes with authorizer {blue ${this._cfg.attachAuthorizer}} {yellow ${authorizer.AuthorizerId}}`);
721
+ }
722
+
723
+ // create or update routes
720
724
  await this.createOrUpdateRoute(routes, routeParams, `ANY /${cfg.packageName}/${cfg.baseName}/${suffix}`);
721
725
  await this.createOrUpdateRoute(routes, routeParams, `ANY /${cfg.packageName}/${cfg.baseName}/${suffix}/{path+}`);
722
726
 
723
- // create or update alias
724
- await this.createOrUpdateAlias(suffix.replace('.', '_'), functionName, incrementalVersion);
725
- }
727
+ await this.updateAuthorizers(ApiId, functionName, aliasArn);
726
728
 
727
- if (cleanup) {
728
- await this.cleanUpIntegrations(functionName);
729
+ // add permissions to invoke function (with and without path)
730
+ let sourceArn = `arn:aws:execute-api:${this._cfg.region}:${this._accountId}:${ApiId}/*/*/${cfg.packageName}/${cfg.baseName}/${suffix}`;
731
+ try {
732
+ // eslint-disable-next-line no-await-in-loop
733
+ await this._lambda.send(new AddPermissionCommand({
734
+ FunctionName: aliasArn,
735
+ Action: 'lambda:InvokeFunction',
736
+ SourceArn: sourceArn,
737
+ Principal: 'apigateway.amazonaws.com',
738
+ StatementId: crypto.createHash('md5').update(aliasArn + sourceArn).digest('hex'),
739
+ }));
740
+ this.log.info(chalk`{green ok:} added invoke permissions for ${sourceArn}`);
741
+ } catch (e) {
742
+ // ignore, most likely the permission already exists
743
+ }
744
+ sourceArn = `arn:aws:execute-api:${this._cfg.region}:${this._accountId}:${ApiId}/*/*/${cfg.packageName}/${cfg.baseName}/${suffix}/{path+}`;
745
+ try {
746
+ // eslint-disable-next-line no-await-in-loop
747
+ await this._lambda.send(new AddPermissionCommand({
748
+ FunctionName: aliasArn,
749
+ Action: 'lambda:InvokeFunction',
750
+ SourceArn: sourceArn,
751
+ Principal: 'apigateway.amazonaws.com',
752
+ StatementId: crypto.createHash('md5').update(aliasArn + sourceArn).digest('hex'),
753
+ }));
754
+ this.log.info(chalk`{green ok:} added invoke permissions for ${sourceArn}`);
755
+ } catch (e) {
756
+ // ignore, most likely the permission already exists
757
+ }
729
758
  }
730
-
731
- await this.updateAuthorizers(ApiId, functionName, aliasArn);
732
759
  }
733
760
 
734
761
  async updateAuthorizers(ApiId, functionName, aliasArn) {