@devramps/cli 0.1.23 → 0.1.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/index.js +185 -72
  2. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -1556,10 +1556,11 @@ function addOidcProviderResource(template, conditional = true, oidcProviderUrl)
1556
1556
  }
1557
1557
  };
1558
1558
  }
1559
- function buildOidcTrustPolicy(accountId, subject, oidcProviderUrl, additionalTrustedAccounts) {
1559
+ function buildOidcTrustPolicy(accountId, subject, oidcProviderUrl, additionalTrustedAccounts, skipOidc) {
1560
1560
  const providerUrl = oidcProviderUrl || OIDC_PROVIDER_URL;
1561
- const statements = [
1562
- {
1561
+ const statements = [];
1562
+ if (!skipOidc) {
1563
+ statements.push({
1563
1564
  Effect: "Allow",
1564
1565
  Principal: {
1565
1566
  Federated: `arn:aws:iam::${accountId}:oidc-provider/${providerUrl}`
@@ -1571,8 +1572,8 @@ function buildOidcTrustPolicy(accountId, subject, oidcProviderUrl, additionalTru
1571
1572
  [`${providerUrl}:aud`]: "sts.amazonaws.com"
1572
1573
  }
1573
1574
  }
1574
- }
1575
- ];
1575
+ });
1576
+ }
1576
1577
  if (additionalTrustedAccounts && additionalTrustedAccounts.length > 0) {
1577
1578
  statements.push({
1578
1579
  Effect: "Allow",
@@ -1948,7 +1949,7 @@ function createTerraformStateBucketPolicy(bucketName, cicdAccountId, allowedAcco
1948
1949
 
1949
1950
  // src/templates/org-stack.ts
1950
1951
  function generateOrgStackTemplate(options) {
1951
- const { orgSlug, cicdAccountId, targetAccountIds, oidcProviderUrl, additionalTrustedAccounts } = options;
1952
+ const { orgSlug, cicdAccountId, targetAccountIds, oidcProviderUrl, additionalTrustedAccounts, skipOidc } = options;
1952
1953
  const template = createBaseTemplate(`DevRamps Org Stack for ${orgSlug}`);
1953
1954
  const kmsKeyPolicy = buildKmsKeyPolicy(cicdAccountId, targetAccountIds);
1954
1955
  template.Resources.DevRampsKMSKey = createKmsKeyResource(
@@ -1978,7 +1979,7 @@ function generateOrgStackTemplate(options) {
1978
1979
  PolicyDocument: bucketPolicy
1979
1980
  }
1980
1981
  };
1981
- const trustPolicy = buildOidcTrustPolicy(cicdAccountId, `org:${orgSlug}/cicd`, oidcProviderUrl, additionalTrustedAccounts);
1982
+ const trustPolicy = buildOidcTrustPolicy(cicdAccountId, `org:${orgSlug}/cicd`, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
1982
1983
  const orgRolePolicies = buildOrgRolePolicies(orgSlug);
1983
1984
  template.Resources.DevRampsCICDDeploymentRole = createIamRoleResource(
1984
1985
  getOrgRoleName(),
@@ -2139,7 +2140,8 @@ function buildOrgRolePolicies(orgSlug) {
2139
2140
 
2140
2141
  // src/templates/pipeline-stack.ts
2141
2142
  function generatePipelineStackTemplate(options) {
2142
- const { pipelineSlug, cicdAccountId, dockerArtifacts, bundleArtifacts } = options;
2143
+ const { pipelineSlug, cicdAccountId, dockerArtifacts, bundleArtifacts, stageAccountIds } = options;
2144
+ const allAccountIds = [.../* @__PURE__ */ new Set([cicdAccountId, ...stageAccountIds])];
2143
2145
  const template = createBaseTemplate(`DevRamps Pipeline Stack for ${pipelineSlug}`);
2144
2146
  const ecrOutputs = {};
2145
2147
  const s3Outputs = {};
@@ -2155,6 +2157,25 @@ function generatePipelineStackTemplate(options) {
2155
2157
  { Key: "ArtifactType", Value: artifact.type }
2156
2158
  ]
2157
2159
  );
2160
+ if (stageAccountIds.length > 0) {
2161
+ template.Resources[resourceId].Properties.RepositoryPolicyText = {
2162
+ Version: "2012-10-17",
2163
+ Statement: [
2164
+ {
2165
+ Sid: "AllowStageAccountPull",
2166
+ Effect: "Allow",
2167
+ Principal: {
2168
+ AWS: allAccountIds.map((id) => `arn:aws:iam::${id}:root`)
2169
+ },
2170
+ Action: [
2171
+ "ecr:GetDownloadUrlForLayer",
2172
+ "ecr:BatchGetImage",
2173
+ "ecr:BatchCheckLayerAvailability"
2174
+ ]
2175
+ }
2176
+ ]
2177
+ };
2178
+ }
2158
2179
  ecrOutputs[artifact.name] = { repoName, resourceId };
2159
2180
  }
2160
2181
  for (const artifact of bundleArtifacts) {
@@ -2169,6 +2190,41 @@ function generatePipelineStackTemplate(options) {
2169
2190
  { Key: "ArtifactType", Value: artifact.type }
2170
2191
  ]
2171
2192
  );
2193
+ if (stageAccountIds.length > 0) {
2194
+ const policyResourceId = sanitizeResourceId(`BucketPolicy${artifactId}`);
2195
+ template.Resources[policyResourceId] = {
2196
+ Type: "AWS::S3::BucketPolicy",
2197
+ Properties: {
2198
+ Bucket: { Ref: resourceId },
2199
+ PolicyDocument: {
2200
+ Version: "2012-10-17",
2201
+ Statement: [
2202
+ {
2203
+ Sid: "AllowStageAccountRead",
2204
+ Effect: "Allow",
2205
+ Principal: {
2206
+ AWS: allAccountIds.map((id) => `arn:aws:iam::${id}:root`)
2207
+ },
2208
+ Action: [
2209
+ "s3:GetObject",
2210
+ "s3:HeadObject"
2211
+ ],
2212
+ Resource: `arn:aws:s3:::${bucketName}/*`
2213
+ },
2214
+ {
2215
+ Sid: "AllowStageAccountList",
2216
+ Effect: "Allow",
2217
+ Principal: {
2218
+ AWS: allAccountIds.map((id) => `arn:aws:iam::${id}:root`)
2219
+ },
2220
+ Action: "s3:ListBucket",
2221
+ Resource: `arn:aws:s3:::${bucketName}`
2222
+ }
2223
+ ]
2224
+ }
2225
+ }
2226
+ };
2227
+ }
2172
2228
  s3Outputs[artifact.name] = { bucketName, resourceId };
2173
2229
  }
2174
2230
  for (const [artifactName, { resourceId }] of Object.entries(ecrOutputs)) {
@@ -2444,14 +2500,15 @@ function generateStageStackTemplate(options) {
2444
2500
  dockerArtifacts,
2445
2501
  bundleArtifacts,
2446
2502
  oidcProviderUrl,
2447
- additionalTrustedAccounts
2503
+ additionalTrustedAccounts,
2504
+ skipOidc
2448
2505
  } = options;
2449
2506
  const template = createBaseTemplate(
2450
2507
  `DevRamps Stage Stack for ${pipelineSlug}/${stageName}`
2451
2508
  );
2452
2509
  const roleName = generateStageRoleName(pipelineSlug, stageName);
2453
- const trustPolicy = buildStageTrustPolicy(accountId, orgSlug, pipelineSlug, oidcProviderUrl, additionalTrustedAccounts);
2454
- const policies = buildStagePolicies(steps, additionalPolicies);
2510
+ const trustPolicy = buildStageTrustPolicy(accountId, orgSlug, pipelineSlug, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
2511
+ const policies = buildStagePolicies(steps, additionalPolicies, dockerArtifacts, bundleArtifacts);
2455
2512
  template.Resources.StageDeploymentRole = createIamRoleResource(
2456
2513
  roleName,
2457
2514
  trustPolicy,
@@ -2494,8 +2551,6 @@ function generateStageStackTemplate(options) {
2494
2551
  );
2495
2552
  s3Outputs[artifact.name] = { resourceId };
2496
2553
  }
2497
- const providerUrl = oidcProviderUrl || OIDC_PROVIDER_URL;
2498
- const oidcProviderArn = `arn:aws:iam::${accountId}:oidc-provider/${providerUrl}`;
2499
2554
  template.Outputs = {
2500
2555
  StageRoleArn: {
2501
2556
  Description: "ARN of the stage deployment role",
@@ -2506,10 +2561,6 @@ function generateStageStackTemplate(options) {
2506
2561
  Description: "Name of the stage deployment role",
2507
2562
  Value: { Ref: "StageDeploymentRole" }
2508
2563
  },
2509
- OIDCProviderArn: {
2510
- Description: "ARN of the OIDC provider (created by Account Bootstrap stack)",
2511
- Value: oidcProviderArn
2512
- },
2513
2564
  PipelineSlug: {
2514
2565
  Description: "Pipeline slug",
2515
2566
  Value: pipelineSlug
@@ -2519,6 +2570,13 @@ function generateStageStackTemplate(options) {
2519
2570
  Value: stageName
2520
2571
  }
2521
2572
  };
2573
+ if (!skipOidc) {
2574
+ const providerUrl = oidcProviderUrl || OIDC_PROVIDER_URL;
2575
+ template.Outputs.OIDCProviderArn = {
2576
+ Description: "ARN of the OIDC provider (created by Account Bootstrap stack)",
2577
+ Value: `arn:aws:iam::${accountId}:oidc-provider/${providerUrl}`
2578
+ };
2579
+ }
2522
2580
  for (const [artifactName, { resourceId }] of Object.entries(ecrOutputs)) {
2523
2581
  const safeName = sanitizeResourceId(artifactName);
2524
2582
  template.Outputs[`${safeName}RepoUri`] = {
@@ -2535,11 +2593,11 @@ function generateStageStackTemplate(options) {
2535
2593
  }
2536
2594
  return template;
2537
2595
  }
2538
- function buildStageTrustPolicy(accountId, orgSlug, pipelineSlug, oidcProviderUrl, additionalTrustedAccounts) {
2596
+ function buildStageTrustPolicy(accountId, orgSlug, pipelineSlug, oidcProviderUrl, additionalTrustedAccounts, skipOidc) {
2539
2597
  const subject = `org:${orgSlug}/pipeline:${pipelineSlug}`;
2540
- return buildOidcTrustPolicy(accountId, subject, oidcProviderUrl, additionalTrustedAccounts);
2598
+ return buildOidcTrustPolicy(accountId, subject, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
2541
2599
  }
2542
- function buildStagePolicies(steps, additionalPolicies) {
2600
+ function buildStagePolicies(steps, additionalPolicies, dockerArtifacts, bundleArtifacts) {
2543
2601
  const policies = [];
2544
2602
  policies.push({
2545
2603
  PolicyName: "DevRampsValidationPolicy",
@@ -2560,6 +2618,38 @@ function buildStagePolicies(steps, additionalPolicies) {
2560
2618
  ]
2561
2619
  }
2562
2620
  });
2621
+ if (dockerArtifacts.length > 0) {
2622
+ policies.push({
2623
+ PolicyName: "DevRampsMirrorECRPolicy",
2624
+ PolicyDocument: {
2625
+ Version: "2012-10-17",
2626
+ Statement: [
2627
+ {
2628
+ Sid: "AllowECRMirror",
2629
+ Effect: "Allow",
2630
+ Action: MIRROR_ECR_PERMISSIONS.actions,
2631
+ Resource: MIRROR_ECR_PERMISSIONS.resources || ["*"]
2632
+ }
2633
+ ]
2634
+ }
2635
+ });
2636
+ }
2637
+ if (bundleArtifacts.length > 0) {
2638
+ policies.push({
2639
+ PolicyName: "DevRampsMirrorS3Policy",
2640
+ PolicyDocument: {
2641
+ Version: "2012-10-17",
2642
+ Statement: [
2643
+ {
2644
+ Sid: "AllowS3Mirror",
2645
+ Effect: "Allow",
2646
+ Action: MIRROR_S3_PERMISSIONS.actions,
2647
+ Resource: MIRROR_S3_PERMISSIONS.resources || ["*"]
2648
+ }
2649
+ ]
2650
+ }
2651
+ });
2652
+ }
2563
2653
  for (const step of steps) {
2564
2654
  if (!hasPermissions(step.type)) {
2565
2655
  continue;
@@ -2606,12 +2696,12 @@ function buildStagePolicies(steps, additionalPolicies) {
2606
2696
 
2607
2697
  // src/templates/import-stack.ts
2608
2698
  function generateImportStackTemplate(options) {
2609
- const { pipelineSlug, orgSlug, accountId, oidcProviderUrl, additionalTrustedAccounts } = options;
2699
+ const { pipelineSlug, orgSlug, accountId, oidcProviderUrl, additionalTrustedAccounts, skipOidc } = options;
2610
2700
  const template = createBaseTemplate(
2611
2701
  `DevRamps Import Stack for ${pipelineSlug} - grants read access for artifact imports`
2612
2702
  );
2613
2703
  const roleName = generateImportRoleName(pipelineSlug);
2614
- const trustPolicy = buildOidcTrustPolicy(accountId, `org:${orgSlug}/cicd`, oidcProviderUrl, additionalTrustedAccounts);
2704
+ const trustPolicy = buildOidcTrustPolicy(accountId, `org:${orgSlug}/cicd`, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
2615
2705
  const policies = buildImportRolePolicies();
2616
2706
  template.Resources.ImportRole = createIamRoleResource(
2617
2707
  roleName,
@@ -2739,6 +2829,15 @@ function getOidcProviderUrlFromEndpoint(endpointOverride) {
2739
2829
  return void 0;
2740
2830
  }
2741
2831
  }
2832
+ function isLocalhostEndpoint(endpointOverride) {
2833
+ if (!endpointOverride) return false;
2834
+ try {
2835
+ const url = new URL(endpointOverride);
2836
+ return url.hostname === "localhost" || url.hostname === "127.0.0.1";
2837
+ } catch {
2838
+ return false;
2839
+ }
2840
+ }
2742
2841
  async function bootstrapCommand(options) {
2743
2842
  try {
2744
2843
  if (options.verbose) {
@@ -2790,7 +2889,11 @@ async function bootstrapCommand(options) {
2790
2889
  }
2791
2890
  const oidcProviderUrl = getOidcProviderUrlFromEndpoint(options.endpointOverride);
2792
2891
  const additionalTrustedAccounts = options.additionalTrustedAccounts ? options.additionalTrustedAccounts.split(",").map((s) => s.trim()) : void 0;
2793
- await executeDeployment(plan, pipelines, pipelineArtifacts, authData, identity.accountId, options, oidcProviderUrl, additionalTrustedAccounts);
2892
+ const skipOidc = isLocalhostEndpoint(options.endpointOverride);
2893
+ if (skipOidc) {
2894
+ info("Localhost endpoint detected \u2014 OIDC provider creation will be skipped");
2895
+ }
2896
+ await executeDeployment(plan, pipelines, pipelineArtifacts, authData, identity.accountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
2794
2897
  } catch (error2) {
2795
2898
  if (error2 instanceof DevRampsError) {
2796
2899
  error(error2.message);
@@ -2847,7 +2950,8 @@ async function buildDeploymentPlan(pipelines, pipelineArtifacts, authData, curre
2847
2950
  action: await determineStackAction(stackName, cicdCredentials, cicdRegion),
2848
2951
  pipelineSlug: pipeline.slug,
2849
2952
  dockerArtifacts: filteredArtifacts.docker,
2850
- bundleArtifacts: filteredArtifacts.bundle
2953
+ bundleArtifacts: filteredArtifacts.bundle,
2954
+ stageAccountIds: pipeline.targetAccountIds
2851
2955
  });
2852
2956
  }
2853
2957
  const accountStacks = [];
@@ -3063,48 +3167,53 @@ async function confirmDeploymentPlan(plan) {
3063
3167
  ]
3064
3168
  });
3065
3169
  }
3066
- async function executeDeployment(plan, pipelines, pipelineArtifacts, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts) {
3170
+ async function executeDeployment(plan, pipelines, pipelineArtifacts, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc) {
3067
3171
  const results = { success: 0, failed: 0 };
3068
3172
  const remainingStacks = 1 + plan.pipelineStacks.length + plan.stageStacks.length + plan.importStacks.length;
3069
- newline();
3070
- header("Phase 1: Deploying Account Bootstrap Stacks");
3071
- info(`Deploying ${plan.accountStacks.length} account stack(s) in parallel...`);
3072
- newline();
3073
- const accountProgress = getMultiStackProgress();
3074
- for (const stack of plan.accountStacks) {
3075
- accountProgress.addStack(stack.stackName, "account", stack.accountId, stack.region, 1);
3076
- }
3077
- accountProgress.start();
3078
- const accountResults = await Promise.all(
3079
- plan.accountStacks.map(async (stack) => {
3080
- try {
3081
- await deployAccountStack(stack, currentAccountId, options, oidcProviderUrl);
3082
- return { stack: `${stack.stackName} (${stack.accountId})`, success: true };
3083
- } catch (error2) {
3084
- return {
3085
- stack: `${stack.stackName} (${stack.accountId})`,
3086
- success: false,
3087
- error: error2 instanceof Error ? error2.message : String(error2)
3088
- };
3173
+ if (skipOidc) {
3174
+ newline();
3175
+ header("Phase 1: Skipping Account Bootstrap Stacks (localhost endpoint, OIDC not needed)");
3176
+ } else {
3177
+ newline();
3178
+ header("Phase 1: Deploying Account Bootstrap Stacks");
3179
+ info(`Deploying ${plan.accountStacks.length} account stack(s) in parallel...`);
3180
+ newline();
3181
+ const accountProgress = getMultiStackProgress();
3182
+ for (const stack of plan.accountStacks) {
3183
+ accountProgress.addStack(stack.stackName, "account", stack.accountId, stack.region, 1);
3184
+ }
3185
+ accountProgress.start();
3186
+ const accountResults = await Promise.all(
3187
+ plan.accountStacks.map(async (stack) => {
3188
+ try {
3189
+ await deployAccountStack(stack, currentAccountId, options, oidcProviderUrl);
3190
+ return { stack: `${stack.stackName} (${stack.accountId})`, success: true };
3191
+ } catch (error2) {
3192
+ return {
3193
+ stack: `${stack.stackName} (${stack.accountId})`,
3194
+ success: false,
3195
+ error: error2 instanceof Error ? error2.message : String(error2)
3196
+ };
3197
+ }
3198
+ })
3199
+ );
3200
+ clearMultiStackProgress();
3201
+ newline();
3202
+ for (const result of accountResults) {
3203
+ if (result.success) {
3204
+ success(`${result.stack} deployed`);
3205
+ results.success++;
3206
+ } else {
3207
+ error(`${result.stack} failed: ${result.error}`);
3208
+ results.failed++;
3089
3209
  }
3090
- })
3091
- );
3092
- clearMultiStackProgress();
3093
- newline();
3094
- for (const result of accountResults) {
3095
- if (result.success) {
3096
- success(`${result.stack} deployed`);
3097
- results.success++;
3098
- } else {
3099
- error(`${result.stack} failed: ${result.error}`);
3100
- results.failed++;
3101
3210
  }
3102
- }
3103
- if (results.failed > 0) {
3104
- newline();
3105
- header("Deployment Summary");
3106
- error(`${results.failed} account stack(s) failed. Skipping remaining ${remainingStacks} stack(s).`);
3107
- process.exit(1);
3211
+ if (results.failed > 0) {
3212
+ newline();
3213
+ header("Deployment Summary");
3214
+ error(`${results.failed} account stack(s) failed. Skipping remaining ${remainingStacks} stack(s).`);
3215
+ process.exit(1);
3216
+ }
3108
3217
  }
3109
3218
  newline();
3110
3219
  header("Phase 2: Deploying Org, Pipeline, Stage, and Import Stacks");
@@ -3126,7 +3235,7 @@ async function executeDeployment(plan, pipelines, pipelineArtifacts, authData, c
3126
3235
  mainProgress.start();
3127
3236
  const orgPromise = (async () => {
3128
3237
  try {
3129
- await deployOrgStack(plan, pipelines, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts);
3238
+ await deployOrgStack(plan, pipelines, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
3130
3239
  return { stack: plan.orgStack.stackName, success: true };
3131
3240
  } catch (error2) {
3132
3241
  return {
@@ -3150,7 +3259,7 @@ async function executeDeployment(plan, pipelines, pipelineArtifacts, authData, c
3150
3259
  });
3151
3260
  const stagePromises = plan.stageStacks.map(async (stack) => {
3152
3261
  try {
3153
- await deployStageStack(stack, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts);
3262
+ await deployStageStack(stack, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
3154
3263
  return { stack: stack.stackName, success: true };
3155
3264
  } catch (error2) {
3156
3265
  return {
@@ -3162,7 +3271,7 @@ async function executeDeployment(plan, pipelines, pipelineArtifacts, authData, c
3162
3271
  });
3163
3272
  const importPromises = plan.importStacks.map(async (stack) => {
3164
3273
  try {
3165
- await deployImportStack(stack, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts);
3274
+ await deployImportStack(stack, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc);
3166
3275
  return { stack: `${stack.stackName} (${stack.accountId})`, success: true };
3167
3276
  } catch (error2) {
3168
3277
  return {
@@ -3199,7 +3308,7 @@ async function executeDeployment(plan, pipelines, pipelineArtifacts, authData, c
3199
3308
  process.exit(1);
3200
3309
  }
3201
3310
  }
3202
- async function deployOrgStack(plan, pipelines, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts) {
3311
+ async function deployOrgStack(plan, pipelines, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc) {
3203
3312
  const { orgSlug, cicdAccountId, cicdRegion } = authData;
3204
3313
  const credentials = cicdAccountId !== currentAccountId ? (await assumeRoleForAccount({
3205
3314
  targetAccountId: cicdAccountId,
@@ -3231,7 +3340,8 @@ async function deployOrgStack(plan, pipelines, authData, currentAccountId, optio
3231
3340
  cicdAccountId,
3232
3341
  targetAccountIds,
3233
3342
  oidcProviderUrl,
3234
- additionalTrustedAccounts
3343
+ additionalTrustedAccounts,
3344
+ skipOidc
3235
3345
  });
3236
3346
  const deployOptions = {
3237
3347
  stackName: plan.orgStack.stackName,
@@ -3254,7 +3364,8 @@ async function deployPipelineStack(stack, authData, currentAccountId, options) {
3254
3364
  pipelineSlug: stack.pipelineSlug,
3255
3365
  cicdAccountId,
3256
3366
  dockerArtifacts: stack.dockerArtifacts,
3257
- bundleArtifacts: stack.bundleArtifacts
3367
+ bundleArtifacts: stack.bundleArtifacts,
3368
+ stageAccountIds: stack.stageAccountIds
3258
3369
  });
3259
3370
  const deployOptions = {
3260
3371
  stackName: stack.stackName,
@@ -3283,7 +3394,7 @@ async function deployAccountStack(stack, currentAccountId, options, oidcProvider
3283
3394
  await previewStackChanges(deployOptions);
3284
3395
  await deployStack(deployOptions);
3285
3396
  }
3286
- async function deployStageStack(stack, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts) {
3397
+ async function deployStageStack(stack, authData, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc) {
3287
3398
  const credentials = stack.accountId !== currentAccountId ? (await assumeRoleForAccount({
3288
3399
  targetAccountId: stack.accountId,
3289
3400
  currentAccountId,
@@ -3299,7 +3410,8 @@ async function deployStageStack(stack, authData, currentAccountId, options, oidc
3299
3410
  dockerArtifacts: stack.dockerArtifacts,
3300
3411
  bundleArtifacts: stack.bundleArtifacts,
3301
3412
  oidcProviderUrl,
3302
- additionalTrustedAccounts
3413
+ additionalTrustedAccounts,
3414
+ skipOidc
3303
3415
  });
3304
3416
  const deployOptions = {
3305
3417
  stackName: stack.stackName,
@@ -3311,7 +3423,7 @@ async function deployStageStack(stack, authData, currentAccountId, options, oidc
3311
3423
  await previewStackChanges(deployOptions);
3312
3424
  await deployStack(deployOptions);
3313
3425
  }
3314
- async function deployImportStack(stack, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts) {
3426
+ async function deployImportStack(stack, currentAccountId, options, oidcProviderUrl, additionalTrustedAccounts, skipOidc) {
3315
3427
  const credentials = stack.accountId !== currentAccountId ? (await assumeRoleForAccount({
3316
3428
  targetAccountId: stack.accountId,
3317
3429
  currentAccountId,
@@ -3322,7 +3434,8 @@ async function deployImportStack(stack, currentAccountId, options, oidcProviderU
3322
3434
  orgSlug: stack.orgSlug,
3323
3435
  accountId: stack.accountId,
3324
3436
  oidcProviderUrl,
3325
- additionalTrustedAccounts
3437
+ additionalTrustedAccounts,
3438
+ skipOidc
3326
3439
  });
3327
3440
  const deployOptions = {
3328
3441
  stackName: stack.stackName,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@devramps/cli",
3
- "version": "0.1.23",
3
+ "version": "0.1.25",
4
4
  "description": "DevRamps CLI - Bootstrap AWS infrastructure for CI/CD pipelines",
5
5
  "main": "dist/index.js",
6
6
  "bin": {