@adobe/helix-deploy 6.2.28 → 6.2.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +21 -0
  2. package/package.json +15 -15
  3. package/src/deploy/AWSConfig.js +14 -2
  4. package/src/deploy/AWSDeployer.js +40 -1
package/CHANGELOG.md CHANGED
@@ -1,3 +1,24 @@
1
+ ## [6.2.31](https://github.com/adobe/helix-deploy/compare/v6.2.30...v6.2.31) (2022-05-07)
2
+
3
+
4
+ ### Bug Fixes
5
+
6
+ * **deps:** update external fixes ([88eb649](https://github.com/adobe/helix-deploy/commit/88eb64908850cd80e0a679f659d9a1a7644ef791))
7
+
8
+ ## [6.2.30](https://github.com/adobe/helix-deploy/compare/v6.2.29...v6.2.30) (2022-05-02)
9
+
10
+
11
+ ### Bug Fixes
12
+
13
+ * **deps:** update external fixes ([15750cb](https://github.com/adobe/helix-deploy/commit/15750cb0ad2d4c29218f2ffe0a7292fed8bfd88f))
14
+
15
+ ## [6.2.29](https://github.com/adobe/helix-deploy/compare/v6.2.28...v6.2.29) (2022-04-27)
16
+
17
+
18
+ ### Bug Fixes
19
+
20
+ * add tags to newly created polyfunc bucket ([#405](https://github.com/adobe/helix-deploy/issues/405)) ([db4286e](https://github.com/adobe/helix-deploy/commit/db4286ea579d91ee2ad8963b87f7fa6562f8947c))
21
+
1
22
  ## [6.2.28](https://github.com/adobe/helix-deploy/compare/v6.2.27...v6.2.28) (2022-04-25)
2
23
 
3
24
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@adobe/helix-deploy",
3
- "version": "6.2.28",
3
+ "version": "6.2.31",
4
4
  "description": "Library and Commandline Tools to build and deploy OpenWhisk Actions",
5
5
  "license": "Apache-2.0",
6
6
  "homepage": "https://github.com/adobe/helix-deploy#readme",
@@ -39,31 +39,31 @@
39
39
  "dependencies": {
40
40
  "@adobe/fastly-native-promises": "2.0.7",
41
41
  "@adobe/helix-fetch": "3.0.9",
42
- "@aws-sdk/client-apigatewayv2": "3.76.0",
43
- "@aws-sdk/client-lambda": "3.76.0",
44
- "@aws-sdk/client-s3": "3.76.0",
45
- "@aws-sdk/client-secrets-manager": "3.76.0",
46
- "@aws-sdk/client-ssm": "3.76.0",
42
+ "@aws-sdk/client-apigatewayv2": "3.85.0",
43
+ "@aws-sdk/client-lambda": "3.85.0",
44
+ "@aws-sdk/client-s3": "3.86.0",
45
+ "@aws-sdk/client-secrets-manager": "3.85.0",
46
+ "@aws-sdk/client-ssm": "3.85.0",
47
47
  "@fastly/js-compute": "0.2.4",
48
48
  "@google-cloud/functions": "1.3.0",
49
49
  "@google-cloud/secret-manager": "3.12.0",
50
- "@google-cloud/storage": "5.19.3",
50
+ "@google-cloud/storage": "5.19.4",
51
51
  "@rollup/plugin-alias": "3.1.9",
52
- "@rollup/plugin-commonjs": "21.1.0",
52
+ "@rollup/plugin-commonjs": "22.0.0",
53
53
  "@rollup/plugin-json": "4.1.0",
54
- "@rollup/plugin-node-resolve": "13.2.1",
54
+ "@rollup/plugin-node-resolve": "13.3.0",
55
55
  "archiver": "5.3.1",
56
56
  "chalk-template": "0.4.0",
57
57
  "constants-browserify": "1.0.0",
58
58
  "dotenv": "16.0.0",
59
- "express": "4.17.3",
59
+ "express": "4.18.1",
60
60
  "form-data": "4.0.0",
61
61
  "fs-extra": "10.1.0",
62
62
  "get-stream": "6.0.1",
63
63
  "isomorphic-git": "1.17.1",
64
64
  "openwhisk": "3.21.6",
65
65
  "proxyquire": "2.1.3",
66
- "rollup": "2.70.2",
66
+ "rollup": "2.72.0",
67
67
  "rollup-plugin-terser": "7.0.2",
68
68
  "semver": "7.3.7",
69
69
  "tar": "6.1.11",
@@ -72,7 +72,7 @@
72
72
  },
73
73
  "devDependencies": {
74
74
  "@adobe/eslint-config-helix": "1.3.2",
75
- "@adobe/helix-shared-wrap": "1.0.4",
75
+ "@adobe/helix-shared-wrap": "1.0.5",
76
76
  "@adobe/helix-status": "9.2.11",
77
77
  "@adobe/helix-universal-logger": "2.0.7",
78
78
  "@semantic-release/changelog": "6.0.1",
@@ -81,12 +81,12 @@
81
81
  "chai": "4.3.6",
82
82
  "chai-http": "4.3.0",
83
83
  "codecov": "3.8.3",
84
- "eslint": "8.14.0",
84
+ "eslint": "8.15.0",
85
85
  "eslint-plugin-header": "3.1.1",
86
86
  "eslint-plugin-import": "2.26.0",
87
87
  "husky": "7.0.4",
88
- "lint-staged": "12.4.0",
89
- "mocha": "9.2.2",
88
+ "lint-staged": "12.4.1",
89
+ "mocha": "10.0.0",
90
90
  "mocha-junit-reporter": "2.0.2",
91
91
  "mocha-multi-reporters": "1.5.1",
92
92
  "nock": "13.2.4",
package/src/deploy/AWSConfig.js CHANGED
@@ -27,6 +27,7 @@ export default class AWSConfig {
27
27
  createAuthorizer: '',
28
28
  attachAuthorizer: '',
29
29
  identitySources: ['$request.header.Authorization'],
30
+ deployTemplate: 'helix-deploy-template',
30
31
  });
31
32
  }
32
33
 
@@ -42,7 +43,8 @@ export default class AWSConfig {
42
43
  .withAWSCleanUpBuckets(argv.awsCleanupBuckets)
43
44
  .withAWSCleanUpIntegrations(argv.awsCleanupIntegrations)
44
45
  .withAWSCreateRoutes(argv.awsCreateRoutes)
45
- .withAWSParamsManager(argv.awsParameterManager);
46
+ .withAWSParamsManager(argv.awsParameterManager)
47
+ .withAWSDeployTemplate(argv.awsDeployTemplate);
46
48
  }
47
49
 
48
50
  withAWSRegion(value) {
@@ -100,11 +102,16 @@ export default class AWSConfig {
100
102
  return this;
101
103
  }
102
104
 
105
+ withAWSDeployTemplate(value) {
106
+ this.deployTemplate = value;
107
+ return this;
108
+ }
109
+
103
110
  static yarg(yargs) {
104
111
  return yargs
105
112
  .group(['aws-region', 'aws-api', 'aws-role', 'aws-cleanup-buckets', 'aws-cleanup-integrations',
106
113
  'aws-create-routes', 'aws-create-authorizer', 'aws-attach-authorizer', 'aws-lambda-format',
107
- 'aws-parameter-manager'], 'AWS Deployment Options')
114
+ 'aws-parameter-manager', 'aws-deploy-template'], 'AWS Deployment Options')
108
115
  .option('aws-region', {
109
116
  description: 'the AWS region to deploy lambda functions to',
110
117
  type: 'string',
@@ -162,6 +169,11 @@ export default class AWSConfig {
162
169
  description: 'Cleans up unused integrations',
163
170
  type: 'boolean',
164
171
  default: false,
172
+ })
173
+ .option('aws-deploy-template', {
174
+ description: 'Name of the deploy S3 bucket template to use',
175
+ type: 'string',
176
+ default: 'helix-deploy-template',
165
177
  });
166
178
  }
167
179
  }
package/src/deploy/AWSDeployer.js CHANGED
@@ -13,8 +13,9 @@
13
13
  import chalk from 'chalk-template';
14
14
  import {
15
15
  CreateBucketCommand, DeleteBucketCommand, DeleteObjectCommand, DeleteObjectsCommand,
16
- ListBucketsCommand,
16
+ GetBucketTaggingCommand, ListBucketsCommand,
17
17
  ListObjectsV2Command, PutObjectCommand,
18
+ PutPublicAccessBlockCommand, PutBucketTaggingCommand,
18
19
  S3Client,
19
20
  } from '@aws-sdk/client-s3';
20
21
 
@@ -151,6 +152,44 @@ export default class AWSDeployer extends BaseDeployer {
151
152
  Bucket: this._bucket,
152
153
  }));
153
154
  this.log.info(chalk`{green ok:} bucket ${data.Location} created`);
155
+
156
+ const { deployTemplate } = this._cfg;
157
+ if (!deployTemplate) {
158
+ return;
159
+ }
160
+
161
+ let tags;
162
+ try {
163
+ // Obtain tags from template bucket
164
+ const result = await this._s3.send(new GetBucketTaggingCommand({
165
+ Bucket: deployTemplate,
166
+ }));
167
+ tags = result.TagSet;
168
+ } catch (e) {
169
+ this.log.warn(`Unable to obtain default tags from template bucket: ${this.bucket}`, e);
170
+ return;
171
+ }
172
+
173
+ // Block public access
174
+ await this._s3.send(new PutPublicAccessBlockCommand({
175
+ Bucket: this._bucket,
176
+ PublicAccessBlockConfiguration: {
177
+ BlockPublicAcls: true,
178
+ IgnorePublicAcls: true,
179
+ BlockPublicPolicy: true,
180
+ RestrictPublicBuckets: true,
181
+ },
182
+ }));
183
+ this.log.info(chalk`{green ok:} bucket ${data.Location} hidden from public`);
184
+
185
+ // Put required tags
186
+ await this._s3.send(new PutBucketTaggingCommand({
187
+ Bucket: this._bucket,
188
+ Tagging: {
189
+ TagSet: tags,
190
+ },
191
+ }));
192
+ this.log.info(chalk`{green ok:} added tags to bucket ${data.Location}`);
154
193
  }
155
194
 
156
195
  async uploadZIP() {