@catladder/cli 1.43.0 → 1.44.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/dist/apps/cli/commands/project/setup/setupCloudRun.d.ts +3 -0
  2. package/dist/apps/cli/commands/project/setup/setupCloudRun.js +92 -0
  3. package/dist/apps/cli/commands/project/setup/setupCloudRun.js.map +1 -0
  4. package/dist/apps/cli/commands/project/setup/setupContext.js +12 -5
  5. package/dist/apps/cli/commands/project/setup/setupContext.js.map +1 -1
  6. package/dist/apps/cli/commands/shared/index.js.map +1 -1
  7. package/dist/bundles/catenv/index.js +3 -3
  8. package/dist/bundles/cli/index.js +2 -2
  9. package/dist/gcloud/artifactsRegistry.d.ts +5 -0
  10. package/dist/gcloud/artifactsRegistry.js +59 -0
  11. package/dist/gcloud/artifactsRegistry.js.map +1 -0
  12. package/dist/gcloud/cloudRun/getCloudRunDomainSuffix.d.ts +2 -0
  13. package/dist/gcloud/cloudRun/getCloudRunDomainSuffix.js +67 -0
  14. package/dist/gcloud/cloudRun/getCloudRunDomainSuffix.js.map +1 -0
  15. package/dist/gcloud/enableServices.d.ts +3 -0
  16. package/dist/gcloud/enableServices.js +63 -0
  17. package/dist/gcloud/enableServices.js.map +1 -0
  18. package/dist/gcloud/serviceAccounts.d.ts +12 -0
  19. package/dist/gcloud/serviceAccounts.js +144 -0
  20. package/dist/gcloud/serviceAccounts.js.map +1 -0
  21. package/dist/tsconfig.tsbuildinfo +1 -1
  22. package/dist/utils/gitlab.js +1 -1
  23. package/dist/utils/gitlab.js.map +1 -1
  24. package/package.json +2 -2
  25. package/src/apps/cli/commands/project/setup/setupCloudRun.ts +69 -0
  26. package/src/apps/cli/commands/project/setup/setupContext.ts +4 -1
  27. package/src/apps/cli/commands/shared/index.ts +0 -4
  28. package/src/gcloud/artifactsRegistry.ts +16 -0
  29. package/src/gcloud/cloudRun/getCloudRunDomainSuffix.ts +34 -0
  30. package/src/gcloud/enableServices.ts +14 -0
  31. package/src/gcloud/serviceAccounts.ts +101 -0
  32. package/src/utils/gitlab.ts +2 -2
package/dist/gcloud/artifactsRegistry.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type { Gcloudregion } from "@catladder/pipeline";
2
+ export declare const upsertGcloudArtifactsRegistry: (config: {
3
+ projectId: string;
4
+ region: Gcloudregion;
5
+ }) => Promise<void>;
package/dist/gcloud/artifactsRegistry.js ADDED
@@ -0,0 +1,59 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __generator = (this && this.__generator) || function (thisArg, body) {
12
+ var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
13
+ return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
14
+ function verb(n) { return function (v) { return step([n, v]); }; }
15
+ function step(op) {
16
+ if (f) throw new TypeError("Generator is already executing.");
17
+ while (_) try {
18
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
19
+ if (y = 0, t) op = [op[0] & 2, t.value];
20
+ switch (op[0]) {
21
+ case 0: case 1: t = op; break;
22
+ case 4: _.label++; return { value: op[1], done: false };
23
+ case 5: _.label++; y = op[1]; op = [0]; continue;
24
+ case 7: op = _.ops.pop(); _.trys.pop(); continue;
25
+ default:
26
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
27
+ if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
28
+ if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
29
+ if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
30
+ if (t[2]) _.ops.pop();
31
+ _.trys.pop(); continue;
32
+ }
33
+ op = body.call(thisArg, _);
34
+ } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
35
+ if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
36
+ }
37
+ };
38
+ exports.__esModule = true;
39
+ exports.upsertGcloudArtifactsRegistry = void 0;
40
+ var child_process_promise_1 = require("child-process-promise");
41
+ var upsertGcloudArtifactsRegistry = function (config) { return __awaiter(void 0, void 0, void 0, function () {
42
+ var e_1;
43
+ return __generator(this, function (_a) {
44
+ switch (_a.label) {
45
+ case 0:
46
+ _a.trys.push([0, 2, , 3]);
47
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud artifacts repositories create catladder-deploy --project=\"".concat(config.projectId, "\" --repository-format=docker --location=").concat(config.region))];
48
+ case 1:
49
+ _a.sent();
50
+ return [3 /*break*/, 3];
51
+ case 2:
52
+ e_1 = _a.sent();
53
+ return [3 /*break*/, 3];
54
+ case 3: return [2 /*return*/];
55
+ }
56
+ });
57
+ }); };
58
+ exports.upsertGcloudArtifactsRegistry = upsertGcloudArtifactsRegistry;
59
+ //# sourceMappingURL=artifactsRegistry.js.map
package/dist/gcloud/artifactsRegistry.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"artifactsRegistry.js","sourceRoot":"","sources":["../../src/gcloud/artifactsRegistry.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,+DAA6C;AAEtC,IAAM,6BAA6B,GAAG,UAAO,MAGnD;;;;;;gBAEG,qBAAM,IAAA,4BAAI,EACR,4EAAoE,MAAM,CAAC,SAAS,sDAA2C,MAAM,CAAC,MAAM,CAAE,CAC/I,EAAA;;gBAFD,SAEC,CAAC;;;;;;;;KAKL,CAAC;AAZW,QAAA,6BAA6B,iCAYxC"}
package/dist/gcloud/cloudRun/getCloudRunDomainSuffix.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { DeployConfigCloudRun } from "@catladder/pipeline";
2
+ export declare const getCloudRunDomainSuffix: (config: DeployConfigCloudRun) => Promise<any>;
package/dist/gcloud/cloudRun/getCloudRunDomainSuffix.js ADDED
@@ -0,0 +1,67 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __generator = (this && this.__generator) || function (thisArg, body) {
12
+ var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
13
+ return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
14
+ function verb(n) { return function (v) { return step([n, v]); }; }
15
+ function step(op) {
16
+ if (f) throw new TypeError("Generator is already executing.");
17
+ while (_) try {
18
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
19
+ if (y = 0, t) op = [op[0] & 2, t.value];
20
+ switch (op[0]) {
21
+ case 0: case 1: t = op; break;
22
+ case 4: _.label++; return { value: op[1], done: false };
23
+ case 5: _.label++; y = op[1]; op = [0]; continue;
24
+ case 7: op = _.ops.pop(); _.trys.pop(); continue;
25
+ default:
26
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
27
+ if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
28
+ if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
29
+ if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
30
+ if (t[2]) _.ops.pop();
31
+ _.trys.pop(); continue;
32
+ }
33
+ op = body.call(thisArg, _);
34
+ } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
35
+ if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
36
+ }
37
+ };
38
+ exports.__esModule = true;
39
+ exports.getCloudRunDomainSuffix = void 0;
40
+ var child_process_promise_1 = require("child-process-promise");
41
+ var getSuffixFromService = function (service) {
42
+ var fullUrl = service.status.url;
43
+ var name = service.metadata.name;
44
+ return fullUrl.replace("https://" + name + "-", "");
45
+ };
46
+ var getCloudRunDomainSuffix = function (config) { return __awaiter(void 0, void 0, void 0, function () {
47
+ var dummyServiceName, existingServices, result;
48
+ return __generator(this, function (_a) {
49
+ switch (_a.label) {
50
+ case 0:
51
+ dummyServiceName = "cl-dummy-service";
52
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud run services list --format=json --project=\"".concat(config.projectId, "\" --region=").concat(config.region, " --limit=1")).then(function (r) { return JSON.parse(r.stdout); })];
53
+ case 1:
54
+ existingServices = _a.sent();
55
+ if (existingServices.length > 0) {
56
+ return [2 /*return*/, getSuffixFromService(existingServices[0])];
57
+ }
58
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud run deploy ".concat(dummyServiceName, " --region=").concat(config.region, " --allow-unauthenticated --project ").concat(config.projectId, " --image=us-docker.pkg.dev/cloudrun/container/hello --format=json")).then(function (r) { return JSON.parse(r.stdout); })];
59
+ case 2:
60
+ result = _a.sent();
61
+ return [4 /*yield*/, getSuffixFromService(result)];
62
+ case 3: return [2 /*return*/, _a.sent()];
63
+ }
64
+ });
65
+ }); };
66
+ exports.getCloudRunDomainSuffix = getCloudRunDomainSuffix;
67
+ //# sourceMappingURL=getCloudRunDomainSuffix.js.map
package/dist/gcloud/cloudRun/getCloudRunDomainSuffix.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"getCloudRunDomainSuffix.js","sourceRoot":"","sources":["../../../src/gcloud/cloudRun/getCloudRunDomainSuffix.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,+DAA6C;AAE7C,IAAM,oBAAoB,GAAG,UAAC,OAAY;IACxC,IAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC;IACnC,IAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;IAEnC,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,GAAG,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;AACtD,CAAC,CAAC;AACK,IAAM,uBAAuB,GAAG,UAAO,MAA4B;;;;;gBAUlE,gBAAgB,GAAG,kBAAkB,CAAC;gBAEnB,qBAAM,IAAA,4BAAI,EACjC,8DAAsD,MAAM,CAAC,SAAS,0BAAe,MAAM,CAAC,MAAM,eAAY,CAC/G,CAAC,IAAI,CAAC,UAAC,CAAC,IAAK,OAAA,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,EAApB,CAAoB,CAAC,EAAA;;gBAF7B,gBAAgB,GAAG,SAEU;gBAEnC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC/B,sBAAO,oBAAoB,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAC;iBAClD;gBAEc,qBAAM,IAAA,4BAAI,EACvB,4BAAqB,gBAAgB,uBAAa,MAAM,CAAC,MAAM,gDAAsC,MAAM,CAAC,SAAS,sEAAmE,CACzL,CAAC,IAAI,CAAC,UAAC,CAAC,IAAK,OAAA,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,EAApB,CAAoB,CAAC,EAAA;;gBAF7B,MAAM,GAAG,SAEoB;gBAC5B,qBAAM,oBAAoB,CAAC,MAAM,CAAC,EAAA;oBAAzC,sBAAO,SAAkC,EAAC;;;KAC3C,CAAC;AAxBW,QAAA,uBAAuB,2BAwBlC"}
package/dist/gcloud/enableServices.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ export declare const enableGCloudServices: (services: string[], config: {
2
+ projectId: string;
3
+ }) => Promise<void>;
package/dist/gcloud/enableServices.js ADDED
@@ -0,0 +1,63 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __generator = (this && this.__generator) || function (thisArg, body) {
12
+ var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
13
+ return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
14
+ function verb(n) { return function (v) { return step([n, v]); }; }
15
+ function step(op) {
16
+ if (f) throw new TypeError("Generator is already executing.");
17
+ while (_) try {
18
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
19
+ if (y = 0, t) op = [op[0] & 2, t.value];
20
+ switch (op[0]) {
21
+ case 0: case 1: t = op; break;
22
+ case 4: _.label++; return { value: op[1], done: false };
23
+ case 5: _.label++; y = op[1]; op = [0]; continue;
24
+ case 7: op = _.ops.pop(); _.trys.pop(); continue;
25
+ default:
26
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
27
+ if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
28
+ if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
29
+ if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
30
+ if (t[2]) _.ops.pop();
31
+ _.trys.pop(); continue;
32
+ }
33
+ op = body.call(thisArg, _);
34
+ } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
35
+ if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
36
+ }
37
+ };
38
+ exports.__esModule = true;
39
+ exports.enableGCloudServices = void 0;
40
+ var child_process_promise_1 = require("child-process-promise");
41
+ var enableGCloudServices = function (services, config) { return __awaiter(void 0, void 0, void 0, function () {
42
+ var _i, services_1, service;
43
+ return __generator(this, function (_a) {
44
+ switch (_a.label) {
45
+ case 0:
46
+ _i = 0, services_1 = services;
47
+ _a.label = 1;
48
+ case 1:
49
+ if (!(_i < services_1.length)) return [3 /*break*/, 4];
50
+ service = services_1[_i];
51
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud services enable ".concat(service, " --project=").concat(config.projectId))];
52
+ case 2:
53
+ _a.sent();
54
+ _a.label = 3;
55
+ case 3:
56
+ _i++;
57
+ return [3 /*break*/, 1];
58
+ case 4: return [2 /*return*/];
59
+ }
60
+ });
61
+ }); };
62
+ exports.enableGCloudServices = enableGCloudServices;
63
+ //# sourceMappingURL=enableServices.js.map
package/dist/gcloud/enableServices.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"enableServices.js","sourceRoot":"","sources":["../../src/gcloud/enableServices.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+DAA6C;AAEtC,IAAM,oBAAoB,GAAG,UAClC,QAAkB,EAClB,MAEC;;;;;sBAE6B,EAAR,qBAAQ;;;qBAAR,CAAA,sBAAQ,CAAA;gBAAnB,OAAO;gBAChB,qBAAM,IAAA,4BAAI,EACR,iCAA0B,OAAO,wBAAc,MAAM,CAAC,SAAS,CAAE,CAClE,EAAA;;gBAFD,SAEC,CAAC;;;gBAHkB,IAAQ,CAAA;;;;;KAK/B,CAAC;AAXW,QAAA,oBAAoB,wBAW/B"}
package/dist/gcloud/serviceAccounts.d.ts ADDED
@@ -0,0 +1,12 @@
1
+ import type { Context } from "@catladder/pipeline";
2
+ import type { CommandInstance } from "vorpal";
3
+ export declare const accountExists: (fullIdentifier: string) => Promise<boolean>;
4
+ declare type ServiceAccount = {
5
+ projectId: string;
6
+ name: string;
7
+ displayName: string;
8
+ roles: string[];
9
+ description: string;
10
+ };
11
+ export declare const upsertGcloudServiceAccountAndSaveSecret: (instance: CommandInstance, context: Context, account: ServiceAccount, secretName: string) => Promise<void>;
12
+ export {};
package/dist/gcloud/serviceAccounts.js ADDED
@@ -0,0 +1,144 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __generator = (this && this.__generator) || function (thisArg, body) {
12
+ var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
13
+ return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
14
+ function verb(n) { return function (v) { return step([n, v]); }; }
15
+ function step(op) {
16
+ if (f) throw new TypeError("Generator is already executing.");
17
+ while (_) try {
18
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
19
+ if (y = 0, t) op = [op[0] & 2, t.value];
20
+ switch (op[0]) {
21
+ case 0: case 1: t = op; break;
22
+ case 4: _.label++; return { value: op[1], done: false };
23
+ case 5: _.label++; y = op[1]; op = [0]; continue;
24
+ case 7: op = _.ops.pop(); _.trys.pop(); continue;
25
+ default:
26
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
27
+ if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
28
+ if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
29
+ if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
30
+ if (t[2]) _.ops.pop();
31
+ _.trys.pop(); continue;
32
+ }
33
+ op = body.call(thisArg, _);
34
+ } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
35
+ if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
36
+ }
37
+ };
38
+ exports.__esModule = true;
39
+ exports.upsertGcloudServiceAccountAndSaveSecret = exports.accountExists = void 0;
40
+ var child_process_promise_1 = require("child-process-promise");
41
+ var crypto_1 = require("crypto");
42
+ var gitlab_1 = require("../utils/gitlab");
43
+ var accountExists = function (fullIdentifier) { return __awaiter(void 0, void 0, void 0, function () {
44
+ var _a;
45
+ return __generator(this, function (_b) {
46
+ switch (_b.label) {
47
+ case 0:
48
+ _b.trys.push([0, 2, , 3]);
49
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud iam service-accounts describe ".concat(fullIdentifier))];
50
+ case 1:
51
+ _b.sent();
52
+ return [2 /*return*/, true];
53
+ case 2:
54
+ _a = _b.sent();
55
+ return [2 /*return*/, false];
56
+ case 3: return [2 /*return*/];
57
+ }
58
+ });
59
+ }); };
60
+ exports.accountExists = accountExists;
61
+ var upsertGcloudServiceAccount = function (context, account) { return __awaiter(void 0, void 0, void 0, function () {
62
+ var projectId, name, displayName, roles, description, namePrefix, nameSuffix, nameMiddleLength, nameMiddle, middle, fullName, fullDisplayName, fullIdentifier, existing, memberName, _i, roles_1, role, keys, _a, keys_1, key;
63
+ return __generator(this, function (_b) {
64
+ switch (_b.label) {
65
+ case 0:
66
+ projectId = account.projectId, name = account.name, displayName = account.displayName, roles = account.roles, description = account.description;
67
+ namePrefix = "".concat(name, "-");
68
+ nameSuffix = "-".concat(context.environment.shortName, "-").concat(context.componentName);
69
+ nameMiddleLength = 30 - namePrefix.length - nameSuffix.length;
70
+ nameMiddle = "".concat(context.fullConfig.customerName, "-").concat(context.fullConfig.appName);
71
+ middle = hashIfNessecary(nameMiddle, nameMiddleLength);
72
+ fullName = "".concat(namePrefix).concat(middle).concat(nameSuffix);
73
+ fullDisplayName = "".concat(context.fullConfig.customerName, "-").concat(context.fullConfig.appName, " ").concat(context.environment.shortName, ":").concat(context.componentName, " | ").concat(displayName);
74
+ fullIdentifier = "".concat(fullName, "@").concat(projectId, ".iam.gserviceaccount.com");
75
+ return [4 /*yield*/, (0, exports.accountExists)(fullIdentifier)];
76
+ case 1:
77
+ existing = _b.sent();
78
+ if (!!existing) return [3 /*break*/, 3];
79
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud iam service-accounts create ".concat(fullName, " --display-name=\"").concat(fullDisplayName, "\" --project=\"").concat(projectId, "\" --description=\"").concat(description, "\""))];
80
+ case 2:
81
+ _b.sent();
82
+ _b.label = 3;
83
+ case 3:
84
+ memberName = "serviceAccount:".concat(fullIdentifier);
85
+ _i = 0, roles_1 = roles;
86
+ _b.label = 4;
87
+ case 4:
88
+ if (!(_i < roles_1.length)) return [3 /*break*/, 7];
89
+ role = roles_1[_i];
90
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud projects add-iam-policy-binding ".concat(projectId, " --member=").concat(memberName, " --role=").concat(role, " "))];
91
+ case 5:
92
+ _b.sent();
93
+ _b.label = 6;
94
+ case 6:
95
+ _i++;
96
+ return [3 /*break*/, 4];
97
+ case 7: return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud iam service-accounts keys list --iam-account=".concat(fullIdentifier, " --managed-by=user --format=json")).then(function (o) { return JSON.parse(o.stdout); })];
98
+ case 8:
99
+ keys = _b.sent();
100
+ _a = 0, keys_1 = keys;
101
+ _b.label = 9;
102
+ case 9:
103
+ if (!(_a < keys_1.length)) return [3 /*break*/, 12];
104
+ key = keys_1[_a];
105
+ return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud iam service-accounts keys delete ".concat(key.name, " --quiet --iam-account=").concat(fullIdentifier))];
106
+ case 10:
107
+ _b.sent();
108
+ _b.label = 11;
109
+ case 11:
110
+ _a++;
111
+ return [3 /*break*/, 9];
112
+ case 12: return [4 /*yield*/, (0, child_process_promise_1.exec)("gcloud iam service-accounts keys create /dev/stdout --iam-account=".concat(fullIdentifier)).then(function (o) { return o.stdout; })];
113
+ case 13: return [2 /*return*/, _b.sent()];
114
+ }
115
+ });
116
+ }); };
117
+ var upsertGcloudServiceAccountAndSaveSecret = function (instance, context, account, secretName) { return __awaiter(void 0, void 0, void 0, function () {
118
+ var key;
119
+ var _a;
120
+ return __generator(this, function (_b) {
121
+ switch (_b.label) {
122
+ case 0:
123
+ instance.log("upserting service account " + account.name + "...");
124
+ return [4 /*yield*/, upsertGcloudServiceAccount(context, account)];
125
+ case 1:
126
+ key = _b.sent();
127
+ return [4 /*yield*/, (0, gitlab_1.upsertAllVariables)(instance, (_a = {},
128
+ _a[secretName] = key,
129
+ _a), context.environment.shortName, context.componentName)];
130
+ case 2:
131
+ _b.sent();
132
+ instance.log("done!");
133
+ return [2 /*return*/];
134
+ }
135
+ });
136
+ }); };
137
+ exports.upsertGcloudServiceAccountAndSaveSecret = upsertGcloudServiceAccountAndSaveSecret;
138
+ var hashIfNessecary = function (str, maxLength) {
139
+ return str.length > maxLength ? hash(str, maxLength) : str;
140
+ };
141
+ var hash = function (str, length) {
142
+ return (0, crypto_1.createHmac)("sha256", str).digest("hex").substring(0, length);
143
+ };
144
+ //# sourceMappingURL=serviceAccounts.js.map
package/dist/gcloud/serviceAccounts.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"serviceAccounts.js","sourceRoot":"","sources":["../../src/gcloud/serviceAccounts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,+DAA6C;AAC7C,iCAAoC;AAEpC,0CAAqD;AAE9C,IAAM,aAAa,GAAG,UAAO,cAAsB;;;;;;gBAEtD,qBAAM,IAAA,4BAAI,EAAC,+CAAwC,cAAc,CAAE,CAAC,EAAA;;gBAApE,SAAoE,CAAC;gBACrE,sBAAO,IAAI,EAAC;;;gBAEZ,sBAAO,KAAK,EAAC;;;;KAEhB,CAAC;AAPW,QAAA,aAAa,iBAOxB;AASF,IAAM,0BAA0B,GAAG,UACjC,OAAgB,EAChB,OAAuB;;;;;gBAEf,SAAS,GAA4C,OAAO,UAAnD,EAAE,IAAI,GAAsC,OAAO,KAA7C,EAAE,WAAW,GAAyB,OAAO,YAAhC,EAAE,KAAK,GAAkB,OAAO,MAAzB,EAAE,WAAW,GAAK,OAAO,YAAZ,CAAa;gBAG/D,UAAU,GAAG,UAAG,IAAI,MAAG,CAAC;gBACxB,UAAU,GAAG,WAAI,OAAO,CAAC,WAAW,CAAC,SAAS,cAAI,OAAO,CAAC,aAAa,CAAE,CAAC;gBAC1E,gBAAgB,GAAG,EAAE,GAAG,UAAU,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;gBAC9D,UAAU,GAAG,UAAG,OAAO,CAAC,UAAU,CAAC,YAAY,cAAI,OAAO,CAAC,UAAU,CAAC,OAAO,CAAE,CAAC;gBAEhF,MAAM,GAAG,eAAe,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;gBAEvD,QAAQ,GAAG,UAAG,UAAU,SAAG,MAAM,SAAG,UAAU,CAAE,CAAC;gBAEjD,eAAe,GAAG,UAAG,OAAO,CAAC,UAAU,CAAC,YAAY,cAAI,OAAO,CAAC,UAAU,CAAC,OAAO,cAAI,OAAO,CAAC,WAAW,CAAC,SAAS,cAAI,OAAO,CAAC,aAAa,gBAAM,WAAW,CAAE,CAAC;gBAEhK,cAAc,GAAG,UAAG,QAAQ,cAAI,SAAS,6BAA0B,CAAC;gBAEzD,qBAAM,IAAA,qBAAa,EAAC,cAAc,CAAC,EAAA;;gBAA9C,QAAQ,GAAG,SAAmC;qBAEhD,CAAC,QAAQ,EAAT,wBAAS;gBACX,qBAAM,IAAA,4BAAI,EACR,6CAAsC,QAAQ,+BAAoB,eAAe,4BAAgB,SAAS,iCAAqB,WAAW,OAAG,CAC9I,EAAA;;gBAFD,SAEC,CAAC;;;gBAEE,UAAU,GAAG,yBAAkB,cAAc,CAAE,CAAC;sBAC9B,EAAL,eAAK;;;qBAAL,CAAA,mBAAK,CAAA;gBAAb,IAAI;gBACb,qBAAM,IAAA,4BAAI,EACR,iDAA0C,SAAS,uBAAa,UAAU,qBAAW,IAAI,MAAG,CAC7F,EAAA;;gBAFD,SAEC,CAAC;;;gBAHe,IAAK,CAAA;;oBASX,qBAAM,IAAA,4BAAI,EACrB,8DAAuD,cAAc,qCAAkC,CACxG,CAAC,IAAI,CAAC,UAAC,CAAC,IAAK,OAAA,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,EAApB,CAAoB,CAAC,EAAA;;gBAF7B,IAAI,GAAG,SAEsB;sBAEb,EAAJ,aAAI;;;qBAAJ,CAAA,kBAAI,CAAA;gBAAX,GAAG;gBACZ,qBAAM,IAAA,4BAAI,EACR,kDAA2C,GAAG,CAAC,IAAI,oCAA0B,cAAc,CAAE,CAC9F,EAAA;;gBAFD,SAEC,CAAC;;;gBAHc,IAAI,CAAA;;qBAMf,qBAAM,IAAA,4BAAI,EACf,4EAAqE,cAAc,CAAE,CACtF,CAAC,IAAI,CAAC,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,MAAM,EAAR,CAAQ,CAAC,EAAA;qBAFvB,sBAAO,SAEgB,EAAC;;;KACzB,CAAC;AAEK,IAAM,uCAAuC,GAAG,UACrD,QAAyB,EACzB,OAAgB,EAChB,OAAuB,EACvB,UAAkB;;;;;;gBAElB,QAAQ,CAAC,GAAG,CAAC,4BAA4B,GAAG,OAAO,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC;gBACtD,qBAAM,0BAA0B,CAAC,OAAO,EAAE,OAAO,CAAC,EAAA;;gBAAxD,GAAG,GAAG,SAAkD;gBAE9D,qBAAM,IAAA,2BAAkB,EACtB,QAAQ;wBAEN,GAAC,UAAU,IAAG,GAAG;6BAEnB,OAAO,CAAC,WAAW,CAAC,SAAS,EAC7B,OAAO,CAAC,aAAa,CACtB,EAAA;;gBAPD,SAOC,CAAC;gBACF,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;;;;KACvB,CAAC;AAlBW,QAAA,uCAAuC,2CAkBlD;AAEF,IAAM,eAAe,GAAG,UAAC,GAAW,EAAE,SAAiB;IACrD,OAAA,GAAG,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG;AAAnD,CAAmD,CAAC;AAEtD,IAAM,IAAI,GAAG,UAAC,GAAW,EAAE,MAAc;IACvC,OAAO,IAAA,mBAAU,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACtE,CAAC,CAAC"}