@architect/inventory 3.0.0-RC.6 → 3.0.0-RC.7

package/changelog.md

@@ -44,6 +44,11 @@
 Update CI
 - Stop publishing to the GitHub Package registry
 
+
+### Fixed
+
+- Added file path validation because `aws-sdk` blows up on !ascii paths; fixes #1292, thanks @GustMartins!
+
 ---
 
 ## [2.2.1] 2021-11-22

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@architect/inventory",
-  "version": "3.0.0-RC.6",
+  "version": "3.0.0-RC.7",
   "description": "Architect project resource enumeration utility",
   "main": "src/index.js",
   "scripts": {
@@ -42,7 +42,7 @@
   "eslintConfig": {
     "extends": "@architect/eslint-config"
   },
-  "_nyc": {
+  "nyc": {
     "check-coverage": true,
     "branches": 100,
     "lines": 100,

package/src/config/pragmas/plugins.js

@@ -1,6 +1,6 @@
 let { join } = require('path')
 let { existsSync } = require('fs')
-let { is, normalizeSrc, pragmas } = require('../../lib')
+let { is, normalizeSrc, pragmas, validationPatterns } = require('../../lib')
 let { lambdas } = pragmas
 let nonLambdaSetters = [ 'customLambdas', 'env', 'runtimes' ]
 let setters = [ ...lambdas, ...nonLambdaSetters ]
@@ -37,6 +37,10 @@ module.exports = function getPluginModules ({ arc, inventory, errors }) {
       errors.push('Plugin name _methods is reserved, please rename your plugin')
       continue
     }
+    if (!validationPatterns.veryLooseName.test(name)) {
+      errors.push('Plugin names can only contain [a-zA-Z0-9/\\-._]')
+      continue
+    }
     if (pluginPath) {
       try {
         if (type === 'plugin') {

package/src/config/pragmas/populate-lambda/index.js

@@ -1,3 +1,4 @@
+let { sep } = require('path')
 let read = require('../../../read')
 let getLambda = require('./get-lambda')
 let getRuntime = require('./get-runtime')
@@ -9,22 +10,44 @@ let { compiledRuntimes, is } = require('../../../lib')
 /**
  * Build out the Lambda tree from the Arc manifest or a passed pragma, and plugins
  */
-function populateLambda (type, { arc, inventory, errors, pragma }) {
+function populateLambda (type, params) {
+  // Passing a pragma array via params allows special overrides
+  // See: @tables populating inv['tables-streams']
+  let { arc, inventory, errors, pragma } = params
+
   let plugins = inventory.plugins?._methods?.set?.[type]
   let pluginLambda = []
   if (plugins) {
     let pluginResults = plugins.flatMap(fn => {
-      let result = fn({ arc, inventory: { inv: inventory } })
-      if (!result) {
+      try {
+        var result = fn({ arc, inventory: { inv: inventory } })
+      }
+      catch (err) {
+        err.message = `Setter plugin exception: plugin: ${fn.plugin}, method: set.${type}`
+                      + `\n` + err.message
+        throw err
+      }
+      if (!result ||
+          (!is.object(result) && !is.array(result)) ||
+          (is.array(result) && result.some(r => !is.object(r)))) {
         errors.push(`Setter plugins must return a valid response: plugin: ${fn.plugin}, method: set.${type}`)
         return []
       }
-      result.plugin = fn.plugin
-      result.type = fn.type
+      if (is.array(result)) {
+        result.forEach(item => {
+          item.plugin = fn.plugin
+          item.type = fn.type
+        })
+      }
+      else {
+        result.plugin = fn.plugin
+        result.type = fn.type
+      }
       return result
     })
     pluginLambda = populate(type, pluginResults, inventory, errors, true) || []
   }
+
   let pragmaLambda = populate(type, pragma || arc[type], inventory, errors) || []
   let aggregate = [ ...pluginLambda, ...pragmaLambda ]
   return aggregate.length ? aggregate : null
@@ -46,6 +69,11 @@ function populate (type, pragma, inventory, errors, plugin) {
     if (!result) continue
 
     let { name, src, build } = result
+
+    // Normalize paths, especially since plugin authors may not use path.join
+    src = normalize(src)
+    if (build) build = normalize(build)
+
     // Set up fresh config, then overlay plugin config
     let config = defaultProjectConfig()
     config = { ...config, ...getKnownProps(configProps, result.config) }
@@ -82,7 +110,7 @@ function populate (type, pragma, inventory, errors, plugin) {
 
     // Tidy up any irrelevant properties
     if (!compiledRuntimes.includes(config.runtimeConfig?.type)) {
-      // Important: if we don't clean up the build prop, many explosions will explode
+      // Super important! If we don't clean up the build prop, many explosions will explode
       build = undefined
     }
     if (type !== 'http') {
@@ -111,8 +139,10 @@ function populate (type, pragma, inventory, errors, plugin) {
   return lambdas
 }
 
+let normalize = path => path.replace(/[\\\/]/g, sep)
+
 // Lambda setter plugins can technically return anything, so this ensures everything is tidy
-let lambdaProps = [ 'cron', 'method', 'path', 'plugin', 'rate', 'route', 'table' ]
+let lambdaProps = [ 'cron', 'method', 'path', 'plugin', 'rate', 'route', 'table', 'type' ]
 let configProps = [ ...Object.keys(defaultFunctionConfig()), 'fifo', 'views' ]
 let getKnownProps = (knownProps, raw = {}) => {
   let props = knownProps.flatMap(prop => is.defined(raw[prop]) ? [ [ prop, raw[prop] ] ] : [])

package/src/config/pragmas/static.js

@@ -1,8 +1,10 @@
 let { asapSrc, is } = require('../../lib')
 
 module.exports = function configureStatic ({ arc, inventory }) {
+  let httpSetters = inventory.plugins?._methods?.set?.http
+
   // @static is inferred by @http
-  if (!arc.static && !arc.http) return null
+  if (!arc.static && !arc.http && !httpSetters) return null
 
   let staticPragma = arc.static || []
   let _static = {
@@ -37,7 +39,7 @@ module.exports = function configureStatic ({ arc, inventory }) {
   }
 
   // Handy shortcut to ASAP for bare @static
-  if (!arc.http) {
+  if (!arc.http && !httpSetters) {
     inventory._project.rootHandler = 'arcStaticAssetProxy'
     inventory._project.asapSrc = asapSrc()
   }

package/src/config/pragmas/validate/_lib.js

@@ -1,15 +1,8 @@
-let { is } = require('../../../lib')
-
-let patterns = {
-  looseName: new RegExp(/^[a-z][a-zA-Z0-9-_]+$/),
-  strictName: new RegExp(/^[a-z][a-z0-9-]+$/),
-  // DynamoDB, SNS, SQS
-  veryLooseName: new RegExp(/^[a-zA-Z0-9/\-._]*$/),
-}
+let { is, validationPatterns } = require('../../../lib')
 
 function regex (value, pattern, pragmaName, errors) {
-  if (!patterns[pattern]) throw ReferenceError(`Invalid validation pattern specified: ${pattern}`)
-  if (!patterns[pattern].test(value)) errors.push(`Invalid ${pragmaName} item: '${value}' must match ${patterns[pattern]}`)
+  if (!validationPatterns[pattern]) throw ReferenceError(`Invalid validation pattern specified: ${pattern}`)
+  if (!validationPatterns[pattern].test(value)) errors.push(`Invalid ${pragmaName} item: '${value}' must match ${validationPatterns[pattern]}`)
 }
 
 function size (value, min, max, pragmaName, errors) {

package/src/config/pragmas/views.js

@@ -48,8 +48,8 @@ module.exports = function configureViews ({ arc, pragmas, inventory, errors }) {
 
     // Set new views settings
     for (let view of arc.views) {
-      let method = view[0].toLowerCase()
-      let path = view[1]
+      let method = view?.[0]?.toLowerCase()
+      let path = view?.[1]
       if (method === 'src') continue
       let name = `${method} ${path}`
       let route = pragmas.http.find(n => n.name === name)

package/src/config/project/index.js

@@ -68,7 +68,7 @@ module.exports = function getProjectConfig (params) {
     })
 
     let { build, runtimes } = plugins.runtimes(params, _project)
-    if (build)    _project.build = join(_project.cwd, build)
+    if (build) _project.build = join(_project.cwd, build)
     if (runtimes) _project.customRuntimes = runtimes
   }
 

package/src/config/project/plugins/env.js

@@ -1,10 +1,22 @@
 let { is } = require('../../../lib')
+let envs = [ 'testing', 'staging', 'production' ]
+let str = value => {
+  if (is.object(value) || is.array(value)) return JSON.stringify(value)
+  return String(value)
+}
 
 module.exports = function setEnvPlugins (params, project) {
   let { errors, inventory } = params
   let envPlugins = inventory.plugins?._methods?.set?.env
   if (envPlugins?.length) {
-    let env = {}
+    let env = {
+      testing: null,
+      staging: null,
+      production: null,
+    }
+
+    // IEEE 1003.1-2001 does not allow lowercase, so consider this a compromise for the Windows folks in the house
+    let validName = /^[a-zA-Z0-9_]+$/
 
     // inventory._project is not yet built, so provide as much as we can to plugins for now
     let inv = { ...inventory, _project: project }
@@ -15,19 +27,44 @@ module.exports = function setEnvPlugins (params, project) {
         if (!is.object(result) || !Object.keys(result).length) {
           return errors.push(`Env plugin returned invalid data, must return an Object with one or more keys + values: ${errType}`)
         }
-        Object.entries(result).forEach(([ k, v ]) => {
-          if (env[k]) {
-            return errors.push(`Env var '${k}' already registered: ${errType}`)
-          }
-          if (is.object(v) || is.array(v)) env[k] = JSON.stringify(v)
-          else env[k] = String(v)
-        })
+        // Populate env vars based on environment
+        // If any keys are environment names, disregard all keys except environment names
+        if (Object.keys(result).some(k => envs.includes(k))) {
+          envs.forEach(e => {
+            if (result[e]) Object.entries(result[e]).forEach(([ k, v ]) => {
+              let errored = false, val = str(v)
+              if (!env[e]) env[e] = { [k]: val }
+              else if (env[e][k] && !errored) {
+                errored = true
+                errors.push(`Env var '${k}' already registered: ${errType}`)
+              }
+              else env[e][k] = val
+            })
+          })
+        }
+        // Populate all environments based on env var
+        else {
+          Object.entries(result).forEach(([ k, v ]) => {
+            if (!validName.test(k)) {
+              return errors.push(`Env var '${k}' is invalid, must be [a-zA-Z0-9_]`)
+            }
+            let errored = false, val = str(v)
+            envs.forEach(e => {
+              if (!env[e]) env[e] = { [k]: val }
+              else if (env[e][k] && !errored) {
+                errored = true
+                errors.push(`Env var '${k}' already registered: ${errType}`)
+              }
+              else env[e][k] = val
+            })
+          })
+        }
       }
       catch (err) {
         errors.push(`Runtime plugin '${fn.plugin}' failed: ${err.message}`)
       }
     })
-    return { testing: env, staging: env, production: env }
+    return env
   }
   return inventory._project.env.plugins
 }

package/src/config/project/plugins/runtimes.js

@@ -1,6 +1,9 @@
-let { is } = require('../../../lib')
+let { is, validationPatterns } = require('../../../lib')
 let { aliases, runtimeList } = require('lambda-runtimes')
+let { looserName } = validationPatterns
 let allRuntimes = runtimeList.concat([ 'deno', ...Object.keys(aliases) ])
+let validTypes = [ 'transpiled', 'compiled', 'interpreted' ]
+let builtTypes = validTypes.filter(t => t !== 'interpreted')
 
 module.exports = function setRuntimePlugins (params, project) {
   let { errors, inventory } = params
@@ -15,40 +18,47 @@ module.exports = function setRuntimePlugins (params, project) {
     runtimePlugins.forEach(fn => {
       let errType = `plugin: ${fn.plugin}, method: set.runtimes`
       try {
-        let result = fn({ inventory: { inv } })
-        result = is.array(result) ? result : [ result ]
-        result.forEach(runtime => {
-          // TODO add more validation
-          let { name } = runtime
-          if (!name) {
-            let msg = `Runtime plugin must provide a name: ${errType}`
-            return errors.push(msg)
-          }
-          if (allRuntimes.includes(name)) {
-            let msg = `Runtime name '${name}' is reserved: ${errType}`
-            return errors.push(msg)
-          }
-          if (runtimes[name]) {
-            let msg = `Runtime '${name}' already registered: ${errType}`
-            return errors.push(msg)
-          }
-          if (runtime.build) {
-            if (build && build !== runtime.build) {
-              errors.push(`Runtime '${name}' cannot set a build directory, as it is already configured to: ${build}`)
-            }
-            else if (is.bool(runtime.build) ||
-                !is.string(runtime.build)) {
-              build = 'build'
-            }
-            else build = runtime.build
-          }
-          runtimes.runtimes.push(name)
-          runtimes[name] = runtime
-        })
+        var result = fn({ inventory: { inv } })
       }
       catch (err) {
-        errors.push(`Runtime plugin '${fn.plugin}' failed: ${err.message}`)
+        err.message = `Runtime plugin exception: ${errType}`
+                      + `\n` + err.message
+        throw err
       }
+      // Accept one or more results, then loop through them
+      result = is.array(result) ? result : [ result ]
+      result.forEach(runtime => {
+        let { name, type, baseRuntime } = runtime
+        if (!name || !looserName.test(name)) {
+          let msg = `Runtime plugin must provide a valid name: ${errType}`
+          return errors.push(msg)
+        }
+        if (!type || !validTypes.includes(type)) {
+          let msg = `Runtime plugin must provide a valid type: ${errType}`
+          return errors.push(msg)
+        }
+        if (allRuntimes.includes(name)) {
+          let msg = `Runtime name '${name}' is reserved: ${errType}`
+          return errors.push(msg)
+        }
+        if (runtimes[name]) {
+          let msg = `Runtime name '${name}' already registered: ${errType}`
+          return errors.push(msg)
+        }
+        if (builtTypes.includes(type)) {
+          if (build && runtime.build && build !== runtime.build) {
+            return errors.push(`Runtime '${name}' cannot set a build directory, as it is already configured to: ${build}`)
+          }
+          // Adhere to Postel's Law
+          build = 'build'
+          if (is.string(runtime.build)) build = runtime.build
+        }
+        if (type === 'transpiled' && !allRuntimes.includes(baseRuntime)) {
+          return errors.push(`Runtime '${name}' must include a valid baseRuntime property corresponding to a valid Lambda runtime (e.g. 'nodejs14.x')`)
+        }
+        runtimes.runtimes.push(name)
+        runtimes[name] = runtime
+      })
     })
     return { build, runtimes }
   }

package/src/defaults/index.js

@@ -33,9 +33,9 @@ module.exports = function inventoryDefaults (params = {}) {
       defaultFunctionConfig,        // Project-level function config
       rootHandler: null,            // null | configured | arcStaticAssetProxy | proxy
       env: {                        // Env vars pulled from:
-        local: null,                // Local/global prefs or .env
-        plugins: null,              // Plugins
-        aws: null,                  // SSM
+        local: null,                // - Local/global prefs or .env
+        plugins: null,              // - Plugins
+        aws: null,                  // - SSM
       },
       customRuntimes: null,         // Runtime plugins
       arc: [],                      // Raw arc obj

package/src/lib/index.js

@@ -15,6 +15,13 @@ let compiledRuntimes = [ 'compiled', 'transpiled' ]
 // `any` must come last for Sandbox route sorting purposes
 let httpMethods = [ 'get', 'post', 'put', 'patch', 'delete', 'options', 'head', 'any' ]
 
+let validationPatterns = {
+  strictName: /^[a-z][a-z0-9-]+$/,
+  looseName: /^[a-z][a-zA-Z0-9-_]+$/,
+  looserName: /^[a-z][a-zA-Z0-9-._]+$/,
+  veryLooseName: /^[a-zA-Z0-9/\-._]*$/,
+}
+
 module.exports = {
   asapSrc,
   compiledRuntimes,
@@ -25,4 +32,5 @@ module.exports = {
   mergeEnvVars,
   normalizeSrc: getLambdaDirs.normalizeSrc,
   pragmas,
+  validationPatterns,
 }

package/src/validate/index.js

@@ -1,7 +1,8 @@
 let config = require('./config')
 let layers = require('./layers')
 let tablesChildren = require('./tables-children')
-let errorFmt = require('../lib/error-fmt')
+let paths = require('./paths')
+let { errorFmt } = require('../lib')
 
 /**
  * Final inventory validation
@@ -11,26 +12,32 @@ module.exports = function finalValidation (params, inventory) {
 
   /**
    * Deal with vendor configuration errors
+   * - Analyze function configuration
+   * - Ensure layer configuration will work, AWS blows up with awful errors on this
+   * - TODO add deeper policy validation
    */
-  // Analyze function configuration
   config(params, inventory, errors)
-
-  // Ensure layer configuration will work, AWS blows up with awful errors on this
   layers(params, inventory, errors)
-
-  // TODO add deeper policy validation here
-
   if (errors.length) {
     return errorFmt({ type: 'configuration', errors })
   }
 
   /**
    * Deal with project validation errors
+   * - Ensure @tables children (@tables-streams, @tables-indexes) have parent tables present
    */
-  // Ensure @tables children (@tables-streams, @tables-indexes) have parent tables present
   tablesChildren(inventory, errors)
-
   if (errors.length) {
     return errorFmt({ type: 'validation', errors })
   }
+
+  /**
+   * File path validation
+   * - Ensure all file paths are ascii
+   */
+  paths(inventory, errors)
+  if (errors.length) {
+    return errorFmt({ type: 'file path', errors })
+  }
+
 }

package/src/validate/paths.js

@@ -0,0 +1,17 @@
+module.exports = function checkFilePaths (inventory, errors) {
+  let ascii = /^[ -~]+$/
+  let err = str => errors.push(`${str} path must contain only ascii characters`)
+
+  let { _project: proj } = inventory
+  if (!ascii.test(proj.cwd)) return err('Project file')
+  if (!ascii.test(proj.src)) return err('Project source')
+  if (proj.build && !ascii.test(proj.build)) return err('Build')
+
+  let lambdas = inventory.lambdasBySrcDir
+  if (lambdas){
+    Object.values(lambdas).forEach(lambda => {
+      let { name, pragma, src } = lambda
+      if (!ascii.test(src)) err(`@${pragma} ${name} source`)
+    })
+  }
+}