@catladder/cli 1.145.0 → 1.146.0

package/package.json

@@ -52,7 +52,7 @@
     }
   ],
   "license": "MIT",
-  "version": "1.145.0",
+  "version": "1.146.0",
   "scripts": {
     "lint": "eslint \"src/**/*.ts\"",
     "lint:fix": "eslint \"src/**/*.ts\" --fix",
@@ -102,7 +102,7 @@
     "memoizee": "^0.4.14",
     "node-fetch": "^2.3.0",
     "open": "^8.4.0",
-    "prettier": "^2.5.1",
+    "prettier": "^3.3.2",
     "tmp-promise": "^2.0.2",
     "ts-results-es": "^4.1.0-alpha.1",
     "tsc-alias": "^1.8.10",

package/src/apps/catci/commands/security/auditDocument.ts

@@ -22,7 +22,7 @@ const rows = [
     t.description,
     "",
     t.more,
-  ])
+  ]),
 );
 
 function makeTable(rows: string[][]) {
@@ -33,7 +33,7 @@ ${makeRow(rows[0], colWidths, " ")}
 ${makeRow(
   rows[0].map(() => ""),
   colWidths,
-  "-"
+  "-",
 )}
 ${rows
   .slice(1)
@@ -45,7 +45,7 @@ ${rows
 function calculateColumnWidths(rows: string[][]) {
   const columnCount = rows[0].length;
   return Array.from({ length: columnCount }, (_, i) => i).map((columnIndex) =>
-    Math.max(...rows.map((row) => row[columnIndex].length))
+    Math.max(...rows.map((row) => row[columnIndex].length)),
   );
 }
 
@@ -115,7 +115,7 @@ export function evaluateDocument(document: string): SecurityEvaluation {
       !isUnknown &&
       !answer.includes(checkPlaceholder) &&
       !responsibles.some((responsible) =>
-        responsible.includes(responsiblePlaceholder)
+        responsible.includes(responsiblePlaceholder),
       );
     const isSecured = !isUnknown && isAnswered && answer.includes(checkYes);
 

package/src/apps/catci/commands/security/commands.ts

@@ -21,7 +21,7 @@ export default function (vorpal: Vorpal) {
 type ActionFunc = (args: Vorpal.Args) => Promise<void>;
 
 function resultAsExitCode(
-  func: (args: Vorpal.Args) => Promise<Result<unknown, unknown>>
+  func: (args: Vorpal.Args) => Promise<Result<unknown, unknown>>,
 ): ActionFunc {
   return async (args: Vorpal.Args) => {
     const result = await func(args);
@@ -40,7 +40,7 @@ async function commandCiJob(vorpal: Vorpal) {
 <main-branch> main branch name
 <project-id> project id to create security audit for
 <user-id> gitlab user id that will be assignee of the audit
-`
+`,
     )
     .action(
       resultAsExitCode(async (args) => {
@@ -49,7 +49,7 @@ async function commandCiJob(vorpal: Vorpal) {
         if (evaluation.isErr()) {
           console.log("could not evaluate security audit document");
           console.log(
-            "creating new merge request with security audit template..."
+            "creating new merge request with security audit template...",
           );
 
           const { token, mainBranch, projectId, userId } = args;
@@ -67,14 +67,14 @@ async function commandCiJob(vorpal: Vorpal) {
 
           if (mr.isErr()) {
             console.error(
-              `could not create merge request with security audit template: ${mr.error}`
+              `could not create merge request with security audit template: ${mr.error}`,
             );
             return mr;
           }
 
           console.log("security audit merge request created successfully");
           console.log(
-            `please finish the MR by updating SECURITY.md document: ${mr.value.web_url}`
+            `please finish the MR by updating SECURITY.md document: ${mr.value.web_url}`,
           );
           return Err("merge request created" as const);
         }
@@ -82,14 +82,14 @@ async function commandCiJob(vorpal: Vorpal) {
         if (evaluation.value.score.answeredTopics === 0) {
           console.error("audit document has no answered topics");
           console.error(
-            `please answer security topics in ${SECURITY_AUDIT_FILE_NAME} by adding responsible people and check/cross in the table`
+            `please answer security topics in ${SECURITY_AUDIT_FILE_NAME} by adding responsible people and check/cross in the table`,
           );
           return Err("audit document has no answered topics" as const);
         }
 
         console.log(makeSecurityAuditOverview(evaluation.value));
         return Ok({});
-      })
+      }),
     );
 }
 
@@ -97,7 +97,7 @@ async function commandEvaluate(vorpal: Vorpal) {
   vorpal
     .command(
       "security-audit-evaluate <path>",
-      "Evaluates security audit document in given <path>"
+      "Evaluates security audit document in given <path>",
     )
     .action(
       resultAsExitCode(async (args) => {
@@ -107,13 +107,13 @@ async function commandEvaluate(vorpal: Vorpal) {
         if (result.isErr()) {
           console.error(result.error);
           console.error(
-            `please make sure the security audit document ${SECURITY_AUDIT_FILE_NAME} is in the repository`
+            `please make sure the security audit document ${SECURITY_AUDIT_FILE_NAME} is in the repository`,
           );
         } else {
           console.log(makeSecurityAuditOverview(result.value));
         }
         return result;
-      })
+      }),
     );
 }
 
@@ -127,7 +127,7 @@ async function commandCreate(vorpal: Vorpal) {
 <main-branch> main branch name
 <project-id> project id to create security audit for
 <user-id> gitlab user id that will be assignee of the audit
-`
+`,
     )
     .action(
       resultAsExitCode(async (args) => {
@@ -147,15 +147,15 @@ async function commandCreate(vorpal: Vorpal) {
 
         if (result.isErr()) {
           console.error(
-            `could not create security audit merge request: ${result.error}`
+            `could not create security audit merge request: ${result.error}`,
           );
         } else {
           console.log("security audit merge request created successfully");
           console.log(
-            `please finish the MR by updating SECURITY.md document: ${result.value.web_url}`
+            `please finish the MR by updating SECURITY.md document: ${result.value.web_url}`,
           );
         }
         return result;
-      })
+      }),
     );
 }

package/src/apps/catci/commands/security/createSecurityAuditMergeRequest.ts

@@ -27,7 +27,7 @@ export async function createSecurityAuditMergeRequest({
         state: "opened",
         wip: "yes",
         labels: "security-audit",
-      })
+      }),
     )
   ).mapErr(() => `could not search for existing merge requests` as const);
   if (mrs.isErr()) return mrs;
@@ -35,11 +35,11 @@ export async function createSecurityAuditMergeRequest({
   const existingMr = mrs.value[0];
   if (existingMr)
     return Err(
-      `open merge request with security audit already exists: ${existingMr.web_url}`
+      `open merge request with security audit already exists: ${existingMr.web_url}`,
     );
 
   const auditTemplate = Result.wrap(() => makeTemplate()).mapErr(
-    () => "could not make security audit template document" as const
+    () => "could not make security audit template document" as const,
   );
   if (auditTemplate.isErr()) return auditTemplate;
 
@@ -48,8 +48,8 @@ export async function createSecurityAuditMergeRequest({
       api.Branches.create(
         projectId,
         makeDatedBranchName("chore/security-audit"),
-        mainBranch
-      )
+        mainBranch,
+      ),
     )
   ).mapErr((e) => {
     console.log(e);
@@ -70,8 +70,8 @@ export async function createSecurityAuditMergeRequest({
             content: auditTemplate.value,
             encoding: "text",
           },
-        ]
-      )
+        ],
+      ),
     )
   ).mapErr(() => "could not create commit" as const);
   if (commit.isErr()) return commit;
@@ -89,8 +89,8 @@ export async function createSecurityAuditMergeRequest({
           squash: true,
           labels: "security-audit",
           removeSourceBranch: true,
-        }
-      )
+        },
+      ),
     )
   ).mapErr(() => "could not create merge request" as const);
 

package/src/apps/catci/commands/security/evaluateSecurityAudit.ts

@@ -25,6 +25,6 @@ export function makeSecurityAuditOverview(evaluation: SecurityEvaluation) {
  📢 Answered topics: ${evaluation.score.answeredTopics}
  ❔ Unknown topics: ${evaluation.score.unknownTopics}
  📊 Rating: ${ratingToEmo(evaluation.score.rating)} ${
-    evaluation.score.rating
-  }/100`;
+   evaluation.score.rating
+ }/100`;
 }

package/src/apps/catci/commands/security/topics.json

@@ -20,8 +20,7 @@
     "more": "[Logging guide](https://www.notion.so/panterch/Long-story-logging-022722bb878f4724ae5b49e17667b630?pvs=4#9e5a36b7158a4953b73ec6a345bd8989), [Tracing guide](https://www.notion.so/panterch/Long-story-tracing-d8a9ec1ac2ff4fa78cefa8991233224e?pvs=4#535121b5bf9741fbaf8654b4b64d879d)"
   },
   {
-    "description":
-      "Passwords are stored hashed with salt and salt is not stored in the repository",
+    "description": "Passwords are stored hashed with salt and salt is not stored in the repository",
     "responsibles": 1,
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/hash.md)"
   },
@@ -46,8 +45,7 @@
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/cookies.md)"
   },
   {
-    "description":
-      "The app uses JWT with a secret and the secret is not stored in the repository",
+    "description": "The app uses JWT with a secret and the secret is not stored in the repository",
     "responsibles": 1,
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/cookies.md)"
   },
@@ -62,8 +60,7 @@
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/cors.md)"
   },
   {
-    "description":
-      "CSP headers are properly configured (no `unsafe-inline` or `unsafe-eval`)",
+    "description": "CSP headers are properly configured (no `unsafe-inline` or `unsafe-eval`)",
     "responsibles": 1,
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/csp.md)"
   },
@@ -73,8 +70,7 @@
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/dos.md)"
   },
   {
-    "description":
-      "YAML/XML parsing is not used or used YAML/XML parsers have disabled DTD",
+    "description": "YAML/XML parsing is not used or used YAML/XML parsers have disabled DTD",
     "responsibles": 1,
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/dos.md)"
   },
@@ -89,8 +85,7 @@
     "more": ""
   },
   {
-    "description":
-      "The app has disabled GraphQL introspection and schema registry",
+    "description": "The app has disabled GraphQL introspection and schema registry",
     "responsibles": 1,
     "more": "[guide](https://git.panter.ch/panter/security-guide/-/blob/main/docs/audit/graphql.md)"
   },
@@ -105,20 +100,17 @@
     "more": ""
   },
   {
-    "description":
-      "Cloud storage is (private) configured to not leak any sensitive data publicly",
+    "description": "Cloud storage is (private) configured to not leak any sensitive data publicly",
     "responsibles": 1,
     "more": ""
   },
   {
-    "description":
-      "Security Dashboard checks weekly vulnerable dependencies https://dep.panter.swiss/",
+    "description": "Security Dashboard checks weekly vulnerable dependencies https://dep.panter.swiss/",
     "responsibles": 1,
     "more": ""
   },
   {
-    "description":
-      "The app has `.well-known/security.txt` https://securitytxt.org/",
+    "description": "The app has `.well-known/security.txt` https://securitytxt.org/",
     "responsibles": 1,
     "more": ""
   }

package/src/apps/catenv/catenv.ts

@@ -11,13 +11,14 @@ export default async (choice?: Choice) => {
     return;
   }
 
-  if (config.pipelineType) {
-    await generatePipelineFiles(config, config.pipelineType, "local");
-  }
-
-  await writeDotEnvFiles(config, choice);
+  await Promise.all([
+    config.pipelineType
+      ? generatePipelineFiles(config, config.pipelineType, "local")
+      : undefined,
+    writeDotEnvFiles(config, choice),
 
-  await writeDTsFiles(config, choice);
+    writeDTsFiles(config, choice),
 
-  await printVariables(config, choice);
+    printVariables(config, choice),
+  ]);
 };

package/src/apps/catenv/printVariables.ts

@@ -10,7 +10,7 @@ import {
 const getAllVariablesToPrint = async (config: Config, choice?: Choice) => {
   const { env, currentComponent } = await getCurrentComponentAndEnvFromChoice(
     config,
-    choice
+    choice,
   );
 
   if (currentComponent) {
@@ -39,11 +39,11 @@ const getAllVariablesToPrint = async (config: Config, choice?: Choice) => {
             Object.entries(subappvars).map(([key, value]) => [
               `${sanitizeEnvVarName(componentName.toUpperCase())}_${key}`,
               value,
-            ])
+            ]),
           ),
         };
       },
-      Promise.resolve({} as Record<string, string>)
+      Promise.resolve({} as Record<string, string>),
     );
   }
 };

package/src/apps/catenv/utils.ts

@@ -5,7 +5,7 @@ import type { Choice, Variables } from "./types";
 export const getComponentFullPath = (
   gitRoot: string,
   config: Config,
-  componentName: string
+  componentName: string,
 ) => {
   return join(gitRoot, config.components[componentName].dir);
 };
@@ -13,13 +13,13 @@ const getCurrentComponentName = async (config: Config) => {
   const gitRoot = await getGitRoot();
   const currentDir = process.cwd();
   return Object.keys(config.components).find((c) =>
-    currentDir.startsWith(getComponentFullPath(gitRoot, config, c))
+    currentDir.startsWith(getComponentFullPath(gitRoot, config, c)),
   );
 };
 
 export const getCurrentComponentAndEnvFromChoice = async (
   config: Config,
-  choice?: Choice
+  choice?: Choice,
 ) => {
   const env = choice?.env ?? "local";
   const currentComponent =
@@ -41,7 +41,7 @@ export const sanitizeMultiLine = (variables: Variables) => {
     Object.entries(variables).map(([key, value]) => [
       key,
       value.replaceAll("\n", "\\n"),
-    ])
+    ]),
   );
 };
 

package/src/apps/catenv/writeDotEnvFiles.ts

@@ -14,7 +14,7 @@ import {
 export const writeDotEnvFiles = async (config: Config, choice?: Choice) => {
   const { env, currentComponent } = await getCurrentComponentAndEnvFromChoice(
     config,
-    choice
+    choice,
   );
 
   const componentsWithEnabledDotEnvWrite = Object.entries(config.components)

package/src/apps/catenv/writeEnvDTs.ts

@@ -11,7 +11,7 @@ import {
 export const writeDTsFiles = async (config: Config, choice?: Choice) => {
   const { env, currentComponent } = await getCurrentComponentAndEnvFromChoice(
     config,
-    choice
+    choice,
   );
 
   const componentsWithEnabledEnvDTsWrite = Object.entries(config.components)
@@ -39,7 +39,7 @@ export const writeDTsFiles = async (config: Config, choice?: Choice) => {
 
 async function getEnvsForDTs(
   env: string,
-  componentName: string
+  componentName: string,
 ): Promise<string[]> {
   const environment = await getEnvironment(env, componentName);
   const allEnvKeys = Object.keys(environment.envVars);
@@ -47,7 +47,7 @@ async function getEnvsForDTs(
     environment.secretEnvVarKeys
       .filter((s) => s.hidden)
       .map((s) => s.key)
-      .concat(["_ALL_ENV_VAR_KEYS"])
+      .concat(["_ALL_ENV_VAR_KEYS"]),
   );
   const dTsEnvKeys = allEnvKeys.filter((k) => !hiddenEnvKeys.has(k));
 

package/src/apps/cli/cli.ts

@@ -16,7 +16,7 @@ export default async () => {
   const vorpal = new Vorpal();
 
   const welcomeMessage = boxWithAsci(
-    `catladder 😻 v${packageInfos.version} ✨`
+    `catladder 😻 v${packageInfos.version} ✨`,
   );
 
   vorpal

package/src/apps/cli/commands/cloudSQL/commandRestoreDb.ts

@@ -7,7 +7,7 @@ export default async (vorpal: Vorpal) =>
   vorpal
     .command(
       "cloud-sql-restore-db",
-      "restore a db from one source to another target"
+      "restore a db from one source to another target",
     )
     .action(async function restoreDb() {
       const { sourceInstance } = await this.prompt({

package/src/apps/cli/commands/general/index.ts

@@ -17,7 +17,7 @@ const getAllNamespaces = memoizee(
     const res = await k8sApi.listNamespace();
     return res.body.items;
   },
-  { maxAge: 30000, promise: true }
+  { maxAge: 30000, promise: true },
 );
 
 export const getAllNamespacesNames = async () => {
@@ -65,7 +65,7 @@ export default async (vorpal: Vorpal) => {
   vorpal
     .command(
       "kube-get-shell <namespace>",
-      "get a shell to a pod in the environment"
+      "get a shell to a pod in the environment",
     )
     .autocomplete(namespaceAutoCompletion)
     .action(async function ({ namespace }) {

package/src/apps/cli/commands/general/namespaceAutoCompletion.ts

@@ -3,5 +3,5 @@ export const namespaceAutoCompletion = {
   async data() {
     const namespaces = await getAllNamespacesNames();
     return namespaces;
-  }
+  },
 };

package/src/apps/cli/commands/mongodb/projectMongoDestroyMember.ts

@@ -10,22 +10,22 @@ import { getMongoDbPodsWithReplInfo } from "./utils";
 const removeFinalizer = async (
   namespace: string,
   type: "pod" | "pv" | "pvc",
-  name: string
+  name: string,
 ) =>
   exec(
-    `kubectl patch --namespace ${namespace} ${type} ${name} -p '{"metadata":{"finalizers":null}}'`
+    `kubectl patch --namespace ${namespace} ${type} ${name} -p '{"metadata":{"finalizers":null}}'`,
   );
 
 const deleteResource = async (
   namespace: string,
   type: "pod" | "pv" | "pvc",
-  name: string
+  name: string,
 ) => exec(`kubectl delete --namespace ${namespace} ${type} ${name}`);
 
 const removeFinalizerAndDelete = async (
   namespace: string,
   type: "pod" | "pv" | "pvc",
-  name: string
+  name: string,
 ) => {
   return Promise.all([
     removeFinalizer(namespace, type, name),
@@ -36,29 +36,29 @@ export default async (vorpal: Vorpal) =>
   vorpal
     .command(
       "project-mongo-destroy-member <envComponent>",
-      "DESTROY a member of a replicaset in order to reinitialize it"
+      "DESTROY a member of a replicaset in order to reinitialize it",
     )
     .autocomplete(await envAndComponents())
     .action(async function ({ envComponent }) {
       await ensureCluster.call(this, envComponent);
       this.log(
-        "this command tries to delete a (secondary) member of the replicaset, it's persistent volume claim (pvc) and the volume"
+        "this command tries to delete a (secondary) member of the replicaset, it's persistent volume claim (pvc) and the volume",
       );
       this.log("");
       this.log(
-        "this is useful, if you update the stateful set with new volume configuration (different size or storage class)"
+        "this is useful, if you update the stateful set with new volume configuration (different size or storage class)",
       );
       this.log("");
       this.log(
-        "Kubernetes will usually recreate the missing member with the updated config and mongodb will start synchronizing the new member."
+        "Kubernetes will usually recreate the missing member with the updated config and mongodb will start synchronizing the new member.",
       );
       this.log("");
       this.log(
-        "This works without downtime, but should be done when load on the db is low. Also it has not been tested with large dbs (> 10gi)"
+        "This works without downtime, but should be done when load on the db is low. Also it has not been tested with large dbs (> 10gi)",
       );
       this.log("");
       this.log(
-        "Deleting the volume and claim often stuck, just wait or cancel and restart."
+        "Deleting the volume and claim often stuck, just wait or cancel and restart.",
       );
       this.log("");
       const { understood } = await this.prompt({
@@ -96,7 +96,7 @@ export default async (vorpal: Vorpal) =>
       ).podName;
 
       const thePvc = pvcs.find(
-        (pvc) => pvc.metadata.name === `datadir-${podName}`
+        (pvc) => pvc.metadata.name === `datadir-${podName}`,
       );
       if (!thePvc) {
         logError(this, `sorry, no pvc found for ${podName}`);

package/src/apps/cli/commands/mongodb/projectMongoGetShell.ts

@@ -12,15 +12,14 @@ export default async (vorpal: Vorpal) =>
   vorpal
     .command(
       "project-mongo-get-shell <envComponent>",
-      "get a shell to a mongodb in the environment"
+      "get a shell to a mongodb in the environment",
     )
     .autocomplete(await envAndComponents())
     .action(async function ({ envComponent }) {
       await ensureCluster.call(this, envComponent);
       const namespace = await getProjectNamespace(envComponent);
-      const podNames = await getProjectMongodbAllPodsSortedWithLabel(
-        envComponent
-      );
+      const podNames =
+        await getProjectMongodbAllPodsSortedWithLabel(envComponent);
       if (podNames.length === 0) {
         logError(this, "sorry, no pods found");
         return;

package/src/apps/cli/commands/mongodb/projectMongoPortForward.ts

@@ -15,15 +15,14 @@ export default async (vorpal: Vorpal) =>
   vorpal
     .command(
       "project-mongo-port-forward <envComponent>",
-      "port foward to a mongodb"
+      "port foward to a mongodb",
     )
     .autocomplete(await envAndComponents())
     .action(async function ({ envComponent }) {
       await ensureCluster.call(this, envComponent);
       const namespace = await getProjectNamespace(envComponent);
-      const podNames = await getProjectMongodbAllPodsSortedWithLabel(
-        envComponent
-      );
+      const podNames =
+        await getProjectMongodbAllPodsSortedWithLabel(envComponent);
       if (podNames.length === 0) {
         logError(this, "sorry, no pods found");
         return;

package/src/apps/cli/commands/mongodb/utils/index.ts

@@ -7,7 +7,7 @@ const filterMongoDbs = (podNames: string[]) =>
     (name) =>
       name.includes("mongodb") &&
       !name.includes("mongodb-backup") &&
-      !name.includes("arbiter")
+      !name.includes("arbiter"),
   );
 
 export const getProjectMongodbAllPods = async (envComponent: string) =>
@@ -32,7 +32,7 @@ export const getMongodbShell = async (namespace: string, podName: string) => {
 export const executeMongodbCommand = async (
   namespace: string,
   podName: string,
-  mongoCommand: string
+  mongoCommand: string,
 ) => {
   const fullCommand = `kubectl exec -it ${podName} --namespace ${namespace} -- mongo --quiet --eval "JSON.stringify(${mongoCommand})"`;
   const { stdout } = await exec(fullCommand, {
@@ -50,7 +50,7 @@ export const podIsMaster = async (namespace: string, podName: string) => {
     const result = await executeMongodbCommand(
       namespace,
       podName,
-      "db.isMaster()"
+      "db.isMaster()",
     );
 
     return result.ismaster;
@@ -66,28 +66,26 @@ export const getMongoDbPodsWithReplInfo = async (envComponent: string) => {
   const namespace = await getProjectNamespace(envComponent);
   return (
     await Promise.all(
-      (
-        await getProjectMongodbAllPods(envComponent)
-      ).map(async (podName) => ({
+      (await getProjectMongodbAllPods(envComponent)).map(async (podName) => ({
         podName,
         componentName: podName.replace(/-mongodb-replicaset-[0-9]+/, ""),
         isMaster: await podIsMaster(namespace, podName),
-      }))
+      })),
     )
   ).sort((podA, podB) => (podA.isMaster ? (podB.isMaster ? 0 : -1) : 1));
 };
 
 export const getProjectMongodbAllPodsSortedWithLabel = async (
-  envComponent: string
+  envComponent: string,
 ) => {
   const pods = await getMongoDbPodsWithReplInfo(envComponent);
   const maxComponentNameLength = Math.max(
-    ...pods.map((c) => c.componentName.length)
+    ...pods.map((c) => c.componentName.length),
   );
   return pods.map(({ podName, isMaster, componentName }) => ({
     value: podName,
     name: `[ ${componentName}${spaces(
-      maxComponentNameLength - componentName.length
+      maxComponentNameLength - componentName.length,
     )} ${isMaster ? "  PRIMARY  " : " secondary "}] ${podName}`,
   }));
 };