npm - @cloudsnorkel/cdk-github-runners - Versions diffs - 0.2.0 → 0.3.2 - Mend

@cloudsnorkel/cdk-github-runners 0.2.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/.gitattributes +8 -1
package/.jsii +1371 -206
package/API.md +1191 -93
package/README.md +59 -49
package/lib/index.d.ts +3 -1
package/lib/index.js +7 -1
package/lib/lambdas/build-image/index.js +121 -0
package/lib/lambdas/delete-runner/index.js +5151 -2999
package/lib/lambdas/setup/index.html +37 -0
package/lib/lambdas/setup/index.js +140 -255
package/lib/lambdas/status/index.js +5151 -2999
package/lib/lambdas/token-retriever/index.js +5151 -2999
package/lib/lambdas/update-lambda/index.js +55 -0
package/lib/providers/codebuild.d.ts +31 -1
package/lib/providers/codebuild.js +57 -13
package/lib/providers/common.d.ts +87 -6
package/lib/providers/common.js +64 -4
package/lib/providers/docker-images/codebuild/linux-arm64/Dockerfile +63 -0
package/lib/providers/docker-images/codebuild/{Dockerfile → linux-x64/Dockerfile} +14 -5
package/lib/providers/docker-images/fargate/linux-arm64/Dockerfile +45 -0
package/lib/providers/docker-images/fargate/{runner.sh → linux-arm64/runner.sh} +0 -0
package/lib/providers/docker-images/fargate/{Dockerfile → linux-x64/Dockerfile} +14 -5
package/lib/providers/docker-images/fargate/linux-x64/runner.sh +5 -0
package/lib/providers/docker-images/lambda/linux-arm64/Dockerfile +36 -0
package/lib/providers/docker-images/lambda/{runner.js → linux-arm64/runner.js} +0 -0
package/lib/providers/docker-images/lambda/{runner.sh → linux-arm64/runner.sh} +0 -0
package/lib/providers/docker-images/lambda/linux-x64/Dockerfile +35 -0
package/lib/providers/docker-images/lambda/linux-x64/runner.js +29 -0
package/lib/providers/docker-images/lambda/linux-x64/runner.sh +12 -0
package/lib/providers/fargate.d.ts +33 -1
package/lib/providers/fargate.js +39 -8
package/lib/providers/image-builders/codebuild.d.ts +178 -0
package/lib/providers/image-builders/codebuild.js +354 -0
package/lib/providers/image-builders/static.d.ts +29 -0
package/lib/providers/image-builders/static.js +58 -0
package/lib/providers/lambda.d.ts +27 -1
package/lib/providers/lambda.js +88 -9
package/lib/runner.d.ts +56 -9
package/lib/runner.js +37 -11
package/lib/secrets.js +1 -1
package/lib/utils.d.ts +2 -1
package/lib/utils.js +14 -3
package/lib/webhook.js +2 -1
package/package.json +30 -12
package/setup/index.html +12 -0
package/setup/src/App.svelte +291 -0
package/setup/src/app.scss +15 -0
package/setup/src/main.ts +8 -0
package/setup/src/vite-env.d.ts +2 -0
package/setup/svelte.config.mjs +7 -0
package/setup/tsconfig.json +21 -0
package/setup/tsconfig.node.json +8 -0
package/setup/vite.config.ts +15 -0
package/lib/providers/docker-images/lambda/Dockerfile +0 -27

package/lib/webhook.js CHANGED Viewed

@@ -14,6 +14,7 @@ class GithubWebhookHandler extends constructs_1.Construct {
     constructor(scope, id, props) {
         super(scope, id);
         this.handler = new utils_1.BundledNodejsFunction(this, 'webhook-handler', {
+            description: 'Handle GitHub webhook and start runner orchestrator',
             environment: {
                 STEP_FUNCTION_ARN: props.orchestrator.stateMachineArn,
                 WEBHOOK_SECRET_ARN: props.secrets.webhook.secretArn,
@@ -26,4 +27,4 @@ class GithubWebhookHandler extends constructs_1.Construct {
     }
 }
 exports.GithubWebhookHandler = GithubWebhookHandler;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2ViaG9vay5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy93ZWJob29rLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLG1DQUFtQztBQUNuQyx1REFBNkQ7QUFDN0QsMkNBQXVDO0FBRXZDLG1DQUFnRDtBQWtCaEQ7Ozs7R0FJRztBQUNILE1BQWEsb0JBQXFCLFNBQVEsc0JBQVM7SUFZakQsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFnQztRQUN4RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksQ0FBQyxPQUFPLEdBQUcsSUFBSSw2QkFBcUIsQ0FDdEMsSUFBSSxFQUNKLGlCQUFpQixFQUNqQjtZQUNFLFdBQVcsRUFBRTtnQkFDWCxpQkFBaUIsRUFBRSxLQUFLLENBQUMsWUFBWSxDQUFDLGVBQWU7Z0JBQ3JELGtCQUFrQixFQUFFLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLFNBQVM7YUFDcEQ7WUFDRCxPQUFPLEVBQUUsR0FBRyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1NBQ2xDLENBQ0YsQ0FBQztRQUVGLElBQUksQ0FBQyxHQUFHLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQUMsRUFBRSxRQUFRLEVBQUUsZ0NBQW1CLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUM7UUFFbkYsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM5QyxLQUFLLENBQUMsWUFBWSxDQUFDLG1CQUFtQixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUN2RCxDQUFDO0NBQ0Y7QUFoQ0Qsb0RBZ0NDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgYXdzX3N0ZXBmdW5jdGlvbnMgYXMgc3RlcGZ1bmN0aW9ucyB9IGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIGNkayBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgeyBGdW5jdGlvblVybEF1dGhUeXBlIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCB7IFNlY3JldHMgfSBmcm9tICcuL3NlY3JldHMnO1xuaW1wb3J0IHsgQnVuZGxlZE5vZGVqc0Z1bmN0aW9uIH0gZnJvbSAnLi91dGlscyc7XG5cbi8qKlxuICogUHJvcGVydGllcyBmb3IgR2l0aHViV2ViaG9va0hhbmRsZXJcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBHaXRodWJXZWJob29rSGFuZGxlclByb3BzIHtcblxuICAvKipcbiAgICogU3RlcCBmdW5jdGlvbiBpbiBjaGFyZ2Ugb2YgaGFuZGxpbmcgdGhlIHdvcmtmbG93IGpvYiBldmVudHMgYW5kIHN0YXJ0IHRoZSBydW5uZXJzLlxuICAgKi9cbiAgcmVhZG9ubHkgb3JjaGVzdHJhdG9yOiBzdGVwZnVuY3Rpb25zLlN0YXRlTWFjaGluZTtcblxuICAvKipcbiAgICogU2VjcmV0cyB1c2VkIHRvIGNvbW11bmljYXRlIHdpdGggR2l0SHViLlxuICAgKi9cbiAgcmVhZG9ubHkgc2VjcmV0czogU2VjcmV0cztcbn1cblxuLyoqXG4gKiBDcmVhdGUgYSBMYW1iZGEgd2l0aCBhIHB1YmxpYyBVUkwgdG8gaGFuZGxlIEdpdEh1YiB3ZWJob29rIGV2ZW50cy4gQWZ0ZXIgdmFsaWRhdGluZyB0aGUgZXZlbnQgd2l0aCB0aGUgZ2l2ZW4gc2VjcmV0LCB0aGUgb3JjaGVzdHJhdG9yIHN0ZXAgZnVuY3Rpb24gaXMgY2FsbGVkIHdpdGggaW5mb3JtYXRpb24gYWJvdXQgdGhlIHdvcmtmbG93IGpvYi5cbiAqXG4gKiBUaGlzIGNvbnN0cnVjdCBpcyBub3QgbWVhbnQgdG8gYmUgdXNlZCBieSBpdHNlbGYuXG4gKi9cbmV4cG9ydCBjbGFzcyBHaXRodWJXZWJob29rSGFuZGxlciBleHRlbmRzIENvbnN0cnVjdCB7XG5cbiAgLyoqXG4gICAqIFB1YmxpYyBVUkwgb2Ygd2ViaG9vayB0byBiZSB1c2VkIHdpdGggR2l0SHViLlxuICAgKi9cbiAgcmVhZG9ubHkgdXJsOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFdlYmhvb2sgZXZlbnQgaGFuZGxlci5cbiAgICovXG4gIHJlYWRvbmx5IGhhbmRsZXI6IEJ1bmRsZWROb2RlanNGdW5jdGlvbjtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogR2l0aHViV2ViaG9va0hhbmRsZXJQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICB0aGlzLmhhbmRsZXIgPSBuZXcgQnVuZGxlZE5vZGVqc0Z1bmN0aW9uKFxuICAgICAgdGhpcyxcbiAgICAgICd3ZWJob29rLWhhbmRsZXInLFxuICAgICAge1xuICAgICAgICBlbnZpcm9ubWVudDoge1xuICAgICAgICAgIFNURVBfRlVOQ1RJT05fQVJOOiBwcm9wcy5vcmNoZXN0cmF0b3Iuc3RhdGVNYWNoaW5lQXJuLFxuICAgICAgICAgIFdFQkhPT0tfU0VDUkVUX0FSTjogcHJvcHMuc2VjcmV0cy53ZWJob29rLnNlY3JldEFybixcbiAgICAgICAgfSxcbiAgICAgICAgdGltZW91dDogY2RrLkR1cmF0aW9uLnNlY29uZHMoMzApLFxuICAgICAgfSxcbiAgICApO1xuXG4gICAgdGhpcy51cmwgPSB0aGlzLmhhbmRsZXIuYWRkRnVuY3Rpb25VcmwoeyBhdXRoVHlwZTogRnVuY3Rpb25VcmxBdXRoVHlwZS5OT05FIH0pLnVybDtcblxuICAgIHByb3BzLnNlY3JldHMud2ViaG9vay5ncmFudFJlYWQodGhpcy5oYW5kbGVyKTtcbiAgICBwcm9wcy5vcmNoZXN0cmF0b3IuZ3JhbnRTdGFydEV4ZWN1dGlvbih0aGlzLmhhbmRsZXIpO1xuICB9XG59Il19
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2ViaG9vay5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy93ZWJob29rLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLG1DQUFtQztBQUNuQyx1REFBNkQ7QUFDN0QsMkNBQXVDO0FBRXZDLG1DQUFnRDtBQWtCaEQ7Ozs7R0FJRztBQUNILE1BQWEsb0JBQXFCLFNBQVEsc0JBQVM7SUFZakQsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFnQztRQUN4RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksQ0FBQyxPQUFPLEdBQUcsSUFBSSw2QkFBcUIsQ0FDdEMsSUFBSSxFQUNKLGlCQUFpQixFQUNqQjtZQUNFLFdBQVcsRUFBRSxxREFBcUQ7WUFDbEUsV0FBVyxFQUFFO2dCQUNYLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxZQUFZLENBQUMsZUFBZTtnQkFDckQsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsU0FBUzthQUNwRDtZQUNELE9BQU8sRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7U0FDbEMsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQyxFQUFFLFFBQVEsRUFBRSxnQ0FBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQztRQUVuRixLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQzlDLEtBQUssQ0FBQyxZQUFZLENBQUMsbUJBQW1CLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQ3ZELENBQUM7Q0FDRjtBQWpDRCxvREFpQ0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBhd3Nfc3RlcGZ1bmN0aW9ucyBhcyBzdGVwZnVuY3Rpb25zIH0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCB7IEZ1bmN0aW9uVXJsQXV0aFR5cGUgfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtbGFtYmRhJztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuaW1wb3J0IHsgU2VjcmV0cyB9IGZyb20gJy4vc2VjcmV0cyc7XG5pbXBvcnQgeyBCdW5kbGVkTm9kZWpzRnVuY3Rpb24gfSBmcm9tICcuL3V0aWxzJztcblxuLyoqXG4gKiBQcm9wZXJ0aWVzIGZvciBHaXRodWJXZWJob29rSGFuZGxlclxuICovXG5leHBvcnQgaW50ZXJmYWNlIEdpdGh1YldlYmhvb2tIYW5kbGVyUHJvcHMge1xuXG4gIC8qKlxuICAgKiBTdGVwIGZ1bmN0aW9uIGluIGNoYXJnZSBvZiBoYW5kbGluZyB0aGUgd29ya2Zsb3cgam9iIGV2ZW50cyBhbmQgc3RhcnQgdGhlIHJ1bm5lcnMuXG4gICAqL1xuICByZWFkb25seSBvcmNoZXN0cmF0b3I6IHN0ZXBmdW5jdGlvbnMuU3RhdGVNYWNoaW5lO1xuXG4gIC8qKlxuICAgKiBTZWNyZXRzIHVzZWQgdG8gY29tbXVuaWNhdGUgd2l0aCBHaXRIdWIuXG4gICAqL1xuICByZWFkb25seSBzZWNyZXRzOiBTZWNyZXRzO1xufVxuXG4vKipcbiAqIENyZWF0ZSBhIExhbWJkYSB3aXRoIGEgcHVibGljIFVSTCB0byBoYW5kbGUgR2l0SHViIHdlYmhvb2sgZXZlbnRzLiBBZnRlciB2YWxpZGF0aW5nIHRoZSBldmVudCB3aXRoIHRoZSBnaXZlbiBzZWNyZXQsIHRoZSBvcmNoZXN0cmF0b3Igc3RlcCBmdW5jdGlvbiBpcyBjYWxsZWQgd2l0aCBpbmZvcm1hdGlvbiBhYm91dCB0aGUgd29ya2Zsb3cgam9iLlxuICpcbiAqIFRoaXMgY29uc3RydWN0IGlzIG5vdCBtZWFudCB0byBiZSB1c2VkIGJ5IGl0c2VsZi5cbiAqL1xuZXhwb3J0IGNsYXNzIEdpdGh1YldlYmhvb2tIYW5kbGVyIGV4dGVuZHMgQ29uc3RydWN0IHtcblxuICAvKipcbiAgICogUHVibGljIFVSTCBvZiB3ZWJob29rIHRvIGJlIHVzZWQgd2l0aCBHaXRIdWIuXG4gICAqL1xuICByZWFkb25seSB1cmw6IHN0cmluZztcblxuICAvKipcbiAgICogV2ViaG9vayBldmVudCBoYW5kbGVyLlxuICAgKi9cbiAgcmVhZG9ubHkgaGFuZGxlcjogQnVuZGxlZE5vZGVqc0Z1bmN0aW9uO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBHaXRodWJXZWJob29rSGFuZGxlclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMuaGFuZGxlciA9IG5ldyBCdW5kbGVkTm9kZWpzRnVuY3Rpb24oXG4gICAgICB0aGlzLFxuICAgICAgJ3dlYmhvb2staGFuZGxlcicsXG4gICAgICB7XG4gICAgICAgIGRlc2NyaXB0aW9uOiAnSGFuZGxlIEdpdEh1YiB3ZWJob29rIGFuZCBzdGFydCBydW5uZXIgb3JjaGVzdHJhdG9yJyxcbiAgICAgICAgZW52aXJvbm1lbnQ6IHtcbiAgICAgICAgICBTVEVQX0ZVTkNUSU9OX0FSTjogcHJvcHMub3JjaGVzdHJhdG9yLnN0YXRlTWFjaGluZUFybixcbiAgICAgICAgICBXRUJIT09LX1NFQ1JFVF9BUk46IHByb3BzLnNlY3JldHMud2ViaG9vay5zZWNyZXRBcm4sXG4gICAgICAgIH0sXG4gICAgICAgIHRpbWVvdXQ6IGNkay5EdXJhdGlvbi5zZWNvbmRzKDMwKSxcbiAgICAgIH0sXG4gICAgKTtcblxuICAgIHRoaXMudXJsID0gdGhpcy5oYW5kbGVyLmFkZEZ1bmN0aW9uVXJsKHsgYXV0aFR5cGU6IEZ1bmN0aW9uVXJsQXV0aFR5cGUuTk9ORSB9KS51cmw7XG5cbiAgICBwcm9wcy5zZWNyZXRzLndlYmhvb2suZ3JhbnRSZWFkKHRoaXMuaGFuZGxlcik7XG4gICAgcHJvcHMub3JjaGVzdHJhdG9yLmdyYW50U3RhcnRFeGVjdXRpb24odGhpcy5oYW5kbGVyKTtcbiAgfVxufSJdfQ==

package/package.json CHANGED Viewed

@@ -15,6 +15,12 @@
     "docgen": "npx projen docgen",
     "eject": "npx projen eject",
     "eslint": "npx projen eslint",
+    "integ:default:assert": "npx projen integ:default:assert",
+    "integ:default:deploy": "npx projen integ:default:deploy",
+    "integ:default:destroy": "npx projen integ:default:destroy",
+    "integ:default:snapshot": "npx projen integ:default:snapshot",
+    "integ:default:watch": "npx projen integ:default:watch",
+    "integ:snapshot-all": "npx projen integ:snapshot-all",
     "package": "npx projen package",
     "package-all": "npx projen package-all",
     "package:dotnet": "npx projen package:dotnet",
@@ -40,34 +46,46 @@
     "organization": false
   },
   "devDependencies": {
-    "@aws-sdk/types": "^3.110.0",
+    "@aws-sdk/types": "^3.127.0",
     "@octokit/auth-app": "^3.6.1",
     "@octokit/core": "^3.6.0",
     "@octokit/rest": "^18.12.0",
-    "@types/jest": "^27.5.2",
+    "@sveltejs/vite-plugin-svelte": "^1.0.1",
+    "@tsconfig/svelte": "^3.0.0",
+    "@types/aws-lambda": "^8.10.101",
+    "@types/jest": "^27",
     "@types/node": "^14",
     "@typescript-eslint/eslint-plugin": "^5",
     "@typescript-eslint/parser": "^5",
+    "aws-cdk": "^2",
     "aws-cdk-lib": "2.21.1",
-    "aws-sdk": "^2.1155.0",
+    "aws-sdk": "^2.1181.0",
+    "bootstrap": "^5.2.0",
     "constructs": "10.0.5",
-    "esbuild": "^0.14.44",
+    "esbuild": "^0.14.49",
     "eslint": "^8",
     "eslint-import-resolver-node": "^0.3.6",
     "eslint-import-resolver-typescript": "^2.7.1",
     "eslint-plugin-import": "^2.26.0",
     "jest": "^27",
     "jest-junit": "^13",
-    "jsii": "^1.60.1",
-    "jsii-diff": "^1.60.1",
+    "jsii": "^1.62.0",
+    "jsii-diff": "^1.62.0",
     "jsii-docgen": "^6.3.27",
-    "jsii-pacmak": "^1.60.1",
+    "jsii-pacmak": "^1.62.0",
     "json-schema": "^0.4.0",
-    "npm-check-updates": "^12",
-    "projen": "^0.58.15",
+    "npm-check-updates": "^15",
+    "projen": "^0.60.1",
+    "sass": "^1.54.0",
     "standard-version": "^9",
+    "svelte": "^3.49.0",
+    "svelte-check": "^2.8.0",
+    "svelte-preprocess": "^4.10.7",
     "ts-jest": "^27",
-    "typescript": "^4.7.3"
+    "ts-node": "^10.9.1",
+    "typescript": "^4.7.4",
+    "vite": "^3.0.0",
+    "vite-plugin-singlefile": "^0.11.0"
   },
   "peerDependencies": {
     "aws-cdk-lib": "^2.21.1",
@@ -87,11 +105,11 @@
   ],
   "main": "lib/index.js",
   "license": "Apache-2.0",
-  "version": "0.2.0",
+  "version": "0.3.2",
   "jest": {
     "testMatch": [
       "<rootDir>/src/**/__tests__/**/*.ts?(x)",
-      "<rootDir>/(test|src)/**/?(*.)+(spec|test).ts?(x)"
+      "<rootDir>/(test|src)/**/*(*.)@(spec|test).ts?(x)"
     ],
     "clearMocks": true,
     "collectCoverage": true,

package/setup/index.html ADDED Viewed

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Setup GitHub Runners</title>
+  </head>
+  <body>
+    <div id="app"></div>
+    <script type="module" src="/src/main.ts"></script>
+  </body>
+</html>

package/setup/src/App.svelte ADDED Viewed

@@ -0,0 +1,291 @@
+<script lang="ts">
+  const secret = 'INSERT_SECRET_ARN_HERE';
+  const token = 'INSERT_TOKEN_HERE';
+  let instance: undefined | 'github.com' | 'ghes';
+  let domain = 'INSERT_DOMAIN_HERE';
+  let auth: undefined | 'newApp' | 'existingApp' | 'pat';
+  let appScope: 'user' | 'org' = 'user';
+  let org = 'ORGANIZATION';
+  let existingAppId: string = '';
+  let existingAppPk: string = '';
+  let pat: string = '';
+  let success: boolean;
+  let result: string | undefined;
+  const manifest = {
+    url: 'https://github.com/CloudSnorkel/cdk-github-runners',
+    hook_attributes: {
+      url: 'INSERT_WEBHOOK_URL_HERE',
+    },
+    redirect_url: `INSERT_BASE_URL_HERE/complete-new-app`,
+    public: false,
+    default_permissions: {
+      actions: 'write',
+      administration: 'write',
+    },
+    default_events: [
+      'workflow_job',
+    ],
+  };
+  function isSubmitDisabled(instance, auth, existingAppId, existingAppPk, pat, success) {
+    if (success) {
+      return true;
+    }
+    if (instance === undefined || auth === undefined) {
+      return true;
+    }
+    if (auth === 'newApp') {
+      return false;
+    }
+    if (auth === 'existingApp') {
+      return existingAppId === '' || existingAppPk === '';
+    }
+    if (auth === 'pat') {
+      return pat === '';
+    }
+    console.error('Something is broken', instance, auth, existingAppId);
+    return true;
+  }
+  function submitText(auth) {
+    if (auth === 'newApp') {
+      return 'Create GitHub App';
+    }
+    return 'Setup';
+  }
+  function postJson(url, data): Promise<string> {
+    return new Promise<string>((resolve, reject) => {
+      fetch(`${url}?token=${token}`, {
+        method: 'POST',
+        mode: 'same-origin',
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(data),
+        redirect: 'error',
+      })
+        .then(response => {
+          if (!response.ok) {
+            response.text()
+              .then(text => {
+                reject(new Error(`${text} [${response.status}]`));
+              })
+              .catch(reject);
+          } else {
+            response.text()
+              .then(resolve)
+              .catch(reject);
+          }
+        })
+        .catch(reject);
+    });
+  }
+  function submit(ev) {
+    ev.preventDefault();
+    function promise(): Promise<string> {
+      const rightDomain = instance === 'ghes' ? domain : 'github.com';
+      switch (auth) {
+        case 'newApp':
+          return postJson('domain', { domain: rightDomain })
+            .then(_ => {
+              (document.getElementById('appform') as HTMLFormElement).submit();
+              return Promise.resolve('Redirecting to GitHub...');
+            });
+        case 'existingApp':
+          return postJson('app', {
+            appid: existingAppId,
+            pk: existingAppPk,
+            domain: rightDomain,
+          });
+        case 'pat':
+          return postJson('pat', {
+            pat: pat,
+            domain: rightDomain,
+          });
+      }
+    }
+    promise()
+      .then(successText => {
+        result = successText;
+        success = true;
+      })
+      .catch(error => {
+        result = `${error}`;
+        success = false;
+      });
+  }
+</script>
+<main>
+  <div class="container py-3 px-2">
+    <div class="row">
+      <form class="col" on:submit={submit}>
+        <h1>Setup GitHub Runners</h1>
+        <p>Answer all the questions on this page to automatically configure GitHub integration and get the
+          runners working. This page will not be accessible once you complete this operation. If you ever want
+          to access it again, edit <code>{secret}</code> and run the status function again.</p>
+        <h3>Choose GitHub Instance</h3>
+        <div class="px-3 py-3">
+          <p>Are your repositories hosted on GitHub.com or are you using an on-premise installation of GitHub
+            Enterprise Server?</p>
+          <div class="form-check">
+            <input class="form-check-input" type="radio" bind:group={instance} value="github.com"
+                   id="github.com">
+            <label class="form-check-label" for="github.com">
+              GitHub.com
+            </label>
+          </div>
+          <div class="form-check">
+            <input class="form-check-input" type="radio" bind:group={instance} value="ghes" id="ghes">
+            <label class="form-check-label" for="ghes">
+              GitHub Enterprise Server
+            </label>
+          </div>
+        </div>
+        {#if instance === 'ghes'}
+          <h3>GitHub Enterprise Server Domain</h3>
+          <div class="px-3 py-3">
+            <p>Where is GitHub Enterprise Server hosted? Type in the domain without <code>https://</code>
+              and without any path. It should look something like <code>github.mycompany.com</code>.</p>
+            <input class="form-control" bind:value={domain}>
+          </div>
+        {/if}
+        {#if instance}
+          <h3>Authentication Type</h3>
+          <div class="px-3 py-3">
+            <p>You can choose between creating a new app that will provide authentication for specific
+              repositories, or a personal access token that will provide access to all repositories
+              available to you. Apps are easier to set up and provide more fine-grained access control. If
+              you have previously created an app, you can choose to use an existing app.</p>
+            <div class="form-check">
+              <input class="form-check-input" type="radio" bind:group={auth} value="newApp" id="newApp">
+              <label class="form-check-label" for="newApp">
+                New GitHub App <b>(recommended)</b>
+              </label>
+            </div>
+            <div class="form-check">
+              <input class="form-check-input" type="radio" bind:group={auth} value="existingApp"
+                     id="existingApp">
+              <label class="form-check-label" for="existingApp">
+                Existing GitHub App
+              </label>
+            </div>
+            <div class="form-check">
+              <input class="form-check-input" type="radio" bind:group={auth} value="pat" id="pat">
+              <label class="form-check-label" for="pat">
+                Personal Authentication Token
+              </label>
+            </div>
+          </div>
+        {/if}
+        {#if auth === 'newApp'}
+          <h3>New App Settings</h3>
+          <div class="px-3 py-3">
+            <p>Choose whether to create a new personal app or organization app. A private personal app can
+              only be used for repositories under your user. A private origination app can only be used
+              for repositories under that organization.</p>
+            <div class="form-check">
+              <input class="form-check-input" type="radio" bind:group={appScope} value="user"
+                     id="userScope">
+              <label class="form-check-label" for="userScope">
+                User app
+              </label>
+            </div>
+            <div class="form-check">
+              <input class="form-check-input" type="radio" bind:group={appScope} value="org"
+                     id="orgScope">
+              <label class="form-check-label" for="orgScope">
+                Organization app
+              </label>
+            </div>
+            {#if instance === 'ghes'}
+              <p class="pt-2">If multiple organizations under the same GitHub Enterprise Server need to use the runners,
+                you can make the app public.</p>
+              <div class="form-check">
+                <input class="form-check-input" type="checkbox" bind:value={manifest.public} id="public">
+                <label class="form-check-label" for="public">
+                  Public app
+                </label>
+              </div>
+            {/if}
+          </div>
+          {#if appScope === 'org'}
+            <h3>Organization name</h3>
+            <div class="px-3 py-3">
+              <p>What is the slug for your organization? If your repositories have a URL like
+                <code>https://{domain}/MyOrg/my-repo</code>
+                then your organization slug is <code>MyOrg</code>.</p>
+              <input class="form-control" bind:value={org}>
+            </div>
+          {/if}
+        {:else if auth === 'existingApp'}
+          <h3>Existing App Details</h3>
+          <div class="px-3 py-3">
+            <p>Existing apps must have <code>actions</code> and <code>administration</code> write
+              permissions. Don't forget to set up the webhook and its secret as described in <a
+                href="https://github.com/CloudSnorkel/cdk-github-runners/blob/main/SETUP_GITHUB.md">SETUP_GITHUB.md</a>.
+            </p>
+            <div class="form-group row px-3 py-2">
+              <label for="appid" class="col-sm-2 col-form-label">App Id</label>
+              <div class="col-sm-10">
+                <input type="number" class="form-control" id="appid" bind:value={existingAppId}>
+              </div>
+            </div>
+            <div class="form-group row px-3 py-2">
+              <label for="pk" class="col-sm-2 col-form-label">Private Key</label>
+              <div class="col-sm-10">
+                <textarea class="form-control" id="pk" bind:value={existingAppPk} rows="10"></textarea>
+              </div>
+            </div>
+          </div>
+        {:else if auth === 'pat'}
+          <h2>Personal Access Token</h2>
+          <div class="px-3 py-3">
+            <p>The <a href="https://{domain}/settings/tokens">personal access token</a> must have the <code>repo</code>
+              scope enabled. Don't forget to also create a webhook as described in <a
+                href="https://github.com/CloudSnorkel/cdk-github-runners/blob/main/SETUP_GITHUB.md">SETUP_GITHUB.md</a>.
+            </p>
+            <input class="form-control" bind:value={pat}
+                   placeholder="Token e.g. ghp_abcdefghijklmnopqrstuvwxyz1234567890">
+          </div>
+        {/if}
+        <h2>Finish Setup</h2>
+        <div class="px-3 py-3">
+          {#if result === undefined}
+            <p>This button will be enabled once all the questions above are answered.</p>
+          {:else}
+            <div class="alert alert-{success ? 'success' : 'danger'}" role="alert">
+              {result}
+            </div>
+          {/if}
+          {#if manifest.public && auth === 'newApp'}
+            <p><b class="text-danger">WARNING:</b> using a public app means anyone with access to <code>{domain}</code>
+              can use the runners you're setting up now. Anyone can create a workflow that will run on those runners,
+              have access to their instance profile, and be part of their security group. Consider the security
+              implications before continuing.</p>
+          {/if}
+          <button type="submit" class="btn btn-success"
+                  disabled={isSubmitDisabled(instance, auth, existingAppId, existingAppPk, pat, success)}>
+            {submitText(auth)}
+          </button>
+        </div>
+      </form>
+    </div>
+  </div>
+  <form action="https://{domain}/{appScope === 'org' ? `organizations/${org}/` : ''}settings/apps/new?state={token}"
+        method="post" id="appform">
+    <input type="hidden" name="manifest" value={JSON.stringify(manifest)}>
+  </form>
+</main>

package/setup/src/app.scss ADDED Viewed

@@ -0,0 +1,15 @@
+@import "~bootstrap/scss/functions";
+@import "~bootstrap/scss/variables";
+@import "~bootstrap/scss/mixins";
+@import "~bootstrap/scss/maps";
+@import "~bootstrap/scss/utilities";
+@import "~bootstrap/scss/utilities/api";
+@import "~bootstrap/scss/root";
+@import "~bootstrap/scss/reboot";
+@import "~bootstrap/scss/type";
+@import "~bootstrap/scss/containers";
+@import "~bootstrap/scss/grid";
+@import "~bootstrap/scss/forms";
+@import "~bootstrap/scss/buttons";
+@import "~bootstrap/scss/alert";

package/setup/src/main.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import './app.scss'
+import App from './App.svelte'
+const app = new App({
+  target: document.getElementById('app')
+})
+export default app

package/setup/src/vite-env.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ /// <reference types="svelte" />
2	+ /// <reference types="vite/client" />

package/setup/svelte.config.mjs ADDED Viewed

@@ -0,0 +1,7 @@
+import sveltePreprocess from 'svelte-preprocess'
+export default {
+  // Consult https://github.com/sveltejs/svelte-preprocess
+  // for more information about preprocessors
+  preprocess: sveltePreprocess()
+}

package/setup/tsconfig.json ADDED Viewed

@@ -0,0 +1,21 @@
+{
+  "extends": "@tsconfig/svelte/tsconfig.json",
+  "compilerOptions": {
+    "target": "ESNext",
+    "useDefineForClassFields": true,
+    "module": "ESNext",
+    "resolveJsonModule": true,
+    "baseUrl": ".",
+    /**
+     * Typecheck JS in `.svelte` and `.js` files by default.
+     * Disable checkJs if you'd like to use dynamic types in JS.
+     * Note that setting allowJs false does not prevent the use
+     * of JS in `.svelte` files.
+     */
+    "allowJs": true,
+    "checkJs": true,
+    "isolatedModules": true
+  },
+  "include": ["src/**/*.d.ts", "src/**/*.ts", "src/**/*.js", "src/**/*.svelte"],
+  "references": [{ "path": "./tsconfig.node.json" }]
+}

package/setup/tsconfig.node.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "compilerOptions": {
+    "composite": true,
+    "module": "ESNext",
+    "moduleResolution": "Node"
+  },
+  "include": ["vite.config.ts"]
+}

package/setup/vite.config.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { defineConfig } from 'vite';
+import { svelte } from '@sveltejs/vite-plugin-svelte';
+import * as path from 'path';
+import { viteSingleFile } from 'vite-plugin-singlefile';
+// https://vitejs.dev/config/
+export default defineConfig({
+  plugins: [svelte(), viteSingleFile()],
+  resolve: {
+    alias: {
+      '~bootstrap': path.resolve(__dirname, '..', 'node_modules/bootstrap'),
+    },
+  },
+});

package/lib/providers/docker-images/lambda/Dockerfile DELETED Viewed

@@ -1,27 +0,0 @@
-FROM public.ecr.aws/lambda/nodejs:14-x86_64
-WORKDIR /runner
-# add dependencies
-RUN yum update -y && yum install -y jq tar gzip bzip2 which binutils git zip unzip
-# add awscli
-RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o awscliv2.zip && \
-    unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
-# add ghcli
-RUN GHCLI_URL=`curl -fsSL https://api.github.com/repos/cli/cli/releases/latest | jq -r '.assets | map(select(.name | contains("linux_amd64.rpm"))) |.[0].browser_download_url'` && \
-    curl -fsSL "${GHCLI_URL}" -o ghcli.rpm && yum install -y ghcli.rpm && rm -f ghcli.rpm
-# add runner
-ARG RUNNER_VERSION
-RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl -fsSL https://api.github.com/repos/actions/runner/releases/latest | jq -r .tag_name | cut -c2-`; fi && \
-    curl -fsSLO  "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
-    tar xzf "actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
-    rm -f actions-runner-linux-x64-*.tar.gz \
-RUN ./bin/installdependencies.sh
-# prepare for execution
-WORKDIR ${LAMBDA_TASK_ROOT}
-COPY runner.js runner.sh ${LAMBDA_TASK_ROOT}
-CMD ["runner.handler"]