@factiii/stack 0.1.92 → 0.1.96
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/generators/generate-stack-yml.d.ts.map +1 -1
- package/dist/generators/generate-stack-yml.js +37 -5
- package/dist/generators/generate-stack-yml.js.map +1 -1
- package/dist/plugins/addons/auth/index.d.ts +56 -0
- package/dist/plugins/addons/auth/index.d.ts.map +1 -0
- package/dist/plugins/addons/auth/index.js +178 -0
- package/dist/plugins/addons/auth/index.js.map +1 -0
- package/dist/plugins/addons/auth/scanfix/secrets.d.ts +10 -0
- package/dist/plugins/addons/auth/scanfix/secrets.d.ts.map +1 -0
- package/dist/plugins/addons/auth/scanfix/secrets.js +205 -0
- package/dist/plugins/addons/auth/scanfix/secrets.js.map +1 -0
- package/dist/plugins/addons/auth/scanfix/setup.d.ts +12 -0
- package/dist/plugins/addons/auth/scanfix/setup.d.ts.map +1 -0
- package/dist/plugins/addons/auth/scanfix/setup.js +235 -0
- package/dist/plugins/addons/auth/scanfix/setup.js.map +1 -0
- package/dist/plugins/addons/auth/scanfix/validate.d.ts +9 -0
- package/dist/plugins/addons/auth/scanfix/validate.d.ts.map +1 -0
- package/dist/plugins/addons/auth/scanfix/validate.js +153 -0
- package/dist/plugins/addons/auth/scanfix/validate.js.map +1 -0
- package/dist/plugins/index.d.ts.map +1 -1
- package/dist/plugins/index.js +9 -0
- package/dist/plugins/index.js.map +1 -1
- package/dist/plugins/pipelines/aws/scanfix/credentials.d.ts.map +1 -1
- package/dist/plugins/pipelines/aws/scanfix/credentials.js +15 -44
- package/dist/plugins/pipelines/aws/scanfix/credentials.js.map +1 -1
- package/dist/plugins/pipelines/aws/utils/aws-helpers.d.ts +9 -1
- package/dist/plugins/pipelines/aws/utils/aws-helpers.d.ts.map +1 -1
- package/dist/plugins/pipelines/aws/utils/aws-helpers.js +74 -0
- package/dist/plugins/pipelines/aws/utils/aws-helpers.js.map +1 -1
- package/dist/plugins/pipelines/factiii/index.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/index.js +22 -37
- package/dist/plugins/pipelines/factiii/index.js.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/bootstrap.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/bootstrap.js +5 -1
- package/dist/plugins/pipelines/factiii/scanfix/bootstrap.js.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/secrets.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/secrets.js +36 -20
- package/dist/plugins/pipelines/factiii/scanfix/secrets.js.map +1 -1
- package/dist/utils/ansible-vault-secrets.d.ts +6 -2
- package/dist/utils/ansible-vault-secrets.d.ts.map +1 -1
- package/dist/utils/ansible-vault-secrets.js +25 -69
- package/dist/utils/ansible-vault-secrets.js.map +1 -1
- package/dist/utils/ssh-helper.d.ts.map +1 -1
- package/dist/utils/ssh-helper.js +12 -7
- package/dist/utils/ssh-helper.js.map +1 -1
- package/package.json +2 -1
- package/dist/plugins/pipelines/factiii/scanfix/ansible.d.ts +0 -12
- package/dist/plugins/pipelines/factiii/scanfix/ansible.d.ts.map +0 -1
- package/dist/plugins/pipelines/factiii/scanfix/ansible.js +0 -109
- package/dist/plugins/pipelines/factiii/scanfix/ansible.js.map +0 -1
|
@@ -0,0 +1,235 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Auth Setup Scanfixes (Dev Stage)
|
|
4
|
+
*
|
|
5
|
+
* Detects @factiii/auth in dependencies and ensures:
|
|
6
|
+
* - Auth config exists in stack.yml
|
|
7
|
+
* - Auth Prisma schema is initialized (npx @factiii/auth init)
|
|
8
|
+
* - Auth doctor passes (validates setup)
|
|
9
|
+
* - Prisma migrations are applied for auth tables
|
|
10
|
+
*/
|
|
11
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
12
|
+
if (k2 === undefined) k2 = k;
|
|
13
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
14
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
15
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
16
|
+
}
|
|
17
|
+
Object.defineProperty(o, k2, desc);
|
|
18
|
+
}) : (function(o, m, k, k2) {
|
|
19
|
+
if (k2 === undefined) k2 = k;
|
|
20
|
+
o[k2] = m[k];
|
|
21
|
+
}));
|
|
22
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
23
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
24
|
+
}) : function(o, v) {
|
|
25
|
+
o["default"] = v;
|
|
26
|
+
});
|
|
27
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
28
|
+
var ownKeys = function(o) {
|
|
29
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
30
|
+
var ar = [];
|
|
31
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
32
|
+
return ar;
|
|
33
|
+
};
|
|
34
|
+
return ownKeys(o);
|
|
35
|
+
};
|
|
36
|
+
return function (mod) {
|
|
37
|
+
if (mod && mod.__esModule) return mod;
|
|
38
|
+
var result = {};
|
|
39
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
40
|
+
__setModuleDefault(result, mod);
|
|
41
|
+
return result;
|
|
42
|
+
};
|
|
43
|
+
})();
|
|
44
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
45
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
46
|
+
};
|
|
47
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
48
|
+
exports.setupFixes = void 0;
|
|
49
|
+
const fs = __importStar(require("fs"));
|
|
50
|
+
const path = __importStar(require("path"));
|
|
51
|
+
const child_process_1 = require("child_process");
|
|
52
|
+
const js_yaml_1 = __importDefault(require("js-yaml"));
|
|
53
|
+
const config_files_js_1 = require("../../../../constants/config-files.js");
|
|
54
|
+
/**
|
|
55
|
+
* Check if Prisma schema contains auth models (User, Session)
|
|
56
|
+
*/
|
|
57
|
+
function hasAuthModels(rootDir) {
|
|
58
|
+
const schemaPath = path.join(rootDir, 'prisma', 'schema.prisma');
|
|
59
|
+
if (!fs.existsSync(schemaPath))
|
|
60
|
+
return false;
|
|
61
|
+
const content = fs.readFileSync(schemaPath, 'utf8');
|
|
62
|
+
return content.includes('model User') && content.includes('model Session');
|
|
63
|
+
}
|
|
64
|
+
/**
|
|
65
|
+
* Run a command silently and return success/failure
|
|
66
|
+
*/
|
|
67
|
+
function runSilent(cmd, rootDir) {
|
|
68
|
+
try {
|
|
69
|
+
const output = (0, child_process_1.execSync)(cmd, {
|
|
70
|
+
cwd: rootDir,
|
|
71
|
+
encoding: 'utf8',
|
|
72
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
73
|
+
});
|
|
74
|
+
return { success: true, output };
|
|
75
|
+
}
|
|
76
|
+
catch (e) {
|
|
77
|
+
const output = e instanceof Error ? e.message : String(e);
|
|
78
|
+
return { success: false, output };
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
exports.setupFixes = [
|
|
82
|
+
{
|
|
83
|
+
id: 'auth-missing-stack-yml-config',
|
|
84
|
+
stage: 'dev',
|
|
85
|
+
severity: 'warning',
|
|
86
|
+
description: 'Auth config missing from stack.yml (@factiii/auth detected but no auth: section)',
|
|
87
|
+
scan: async (_config, rootDir) => {
|
|
88
|
+
const stackPath = path.join(rootDir, config_files_js_1.STACK_CONFIG_FILENAME);
|
|
89
|
+
if (!fs.existsSync(stackPath))
|
|
90
|
+
return false; // No stack.yml yet, bootstrap handles it
|
|
91
|
+
const content = fs.readFileSync(stackPath, 'utf8');
|
|
92
|
+
// Check if there's an uncommented auth: key at the top level
|
|
93
|
+
return !content.match(/^auth:/m);
|
|
94
|
+
},
|
|
95
|
+
fix: async (_config, rootDir) => {
|
|
96
|
+
try {
|
|
97
|
+
const stackPath = path.join(rootDir, config_files_js_1.STACK_CONFIG_FILENAME);
|
|
98
|
+
const content = fs.readFileSync(stackPath, 'utf8');
|
|
99
|
+
// Build auth section
|
|
100
|
+
const authSection = '\n# ============================================================\n' +
|
|
101
|
+
'# AUTH (@factiii/auth)\n' +
|
|
102
|
+
'# ============================================================\n' +
|
|
103
|
+
'# Detected @factiii/auth in dependencies.\n' +
|
|
104
|
+
'# JWT_SECRET is auto-generated and stored in Ansible Vault.\n' +
|
|
105
|
+
'# Customize features below as needed.\n' +
|
|
106
|
+
'auth:\n' +
|
|
107
|
+
' features:\n' +
|
|
108
|
+
' oauth: false\n' +
|
|
109
|
+
' twoFa: false\n' +
|
|
110
|
+
' emailVerification: false\n' +
|
|
111
|
+
' oauth_provider: EXAMPLE_google\n';
|
|
112
|
+
// Remove any commented-out auth section if present
|
|
113
|
+
let updated = content.replace(/\n?# =+\n# AUTH[^\n]*\n# =+\n(?:#[^\n]*\n)*/g, '');
|
|
114
|
+
// Append auth section before NEXT STEPS or at end
|
|
115
|
+
if (updated.includes('# NEXT STEPS')) {
|
|
116
|
+
updated = updated.replace(/(\n# =+\n# NEXT STEPS)/, authSection + '\n$1');
|
|
117
|
+
}
|
|
118
|
+
else {
|
|
119
|
+
updated = updated.trimEnd() + '\n' + authSection;
|
|
120
|
+
}
|
|
121
|
+
fs.writeFileSync(stackPath, updated, 'utf8');
|
|
122
|
+
console.log(' [OK] Added auth: section to ' + config_files_js_1.STACK_CONFIG_FILENAME);
|
|
123
|
+
// Verify by re-reading
|
|
124
|
+
const verify = fs.readFileSync(stackPath, 'utf8');
|
|
125
|
+
const parsed = js_yaml_1.default.load(verify);
|
|
126
|
+
return !!parsed.auth;
|
|
127
|
+
}
|
|
128
|
+
catch (e) {
|
|
129
|
+
console.log(' Failed: ' + (e instanceof Error ? e.message : String(e)));
|
|
130
|
+
return false;
|
|
131
|
+
}
|
|
132
|
+
},
|
|
133
|
+
manualFix: 'Add to ' + config_files_js_1.STACK_CONFIG_FILENAME + ':\n' +
|
|
134
|
+
' auth:\n' +
|
|
135
|
+
' features:\n' +
|
|
136
|
+
' oauth: false\n' +
|
|
137
|
+
' twoFa: false\n' +
|
|
138
|
+
' emailVerification: false\n' +
|
|
139
|
+
' oauth_provider: EXAMPLE_google',
|
|
140
|
+
},
|
|
141
|
+
{
|
|
142
|
+
id: 'auth-not-initialized',
|
|
143
|
+
stage: 'dev',
|
|
144
|
+
severity: 'critical',
|
|
145
|
+
description: 'Auth schema not initialized (missing User/Session models in Prisma)',
|
|
146
|
+
scan: async (_config, rootDir) => {
|
|
147
|
+
// Only flag if @factiii/auth is installed but schema not initialized
|
|
148
|
+
const schemaPath = path.join(rootDir, 'prisma', 'schema.prisma');
|
|
149
|
+
if (!fs.existsSync(schemaPath))
|
|
150
|
+
return true; // No schema at all
|
|
151
|
+
return !hasAuthModels(rootDir);
|
|
152
|
+
},
|
|
153
|
+
fix: async (_config, rootDir) => {
|
|
154
|
+
try {
|
|
155
|
+
console.log(' Running: npx @factiii/auth init');
|
|
156
|
+
(0, child_process_1.execSync)('npx @factiii/auth init', {
|
|
157
|
+
cwd: rootDir,
|
|
158
|
+
stdio: 'inherit',
|
|
159
|
+
});
|
|
160
|
+
// Regenerate Prisma client
|
|
161
|
+
console.log(' Running: npx prisma generate');
|
|
162
|
+
(0, child_process_1.execSync)('npx prisma generate', {
|
|
163
|
+
cwd: rootDir,
|
|
164
|
+
stdio: 'inherit',
|
|
165
|
+
});
|
|
166
|
+
return hasAuthModels(rootDir);
|
|
167
|
+
}
|
|
168
|
+
catch (e) {
|
|
169
|
+
console.log(' Failed: ' + (e instanceof Error ? e.message : String(e)));
|
|
170
|
+
return false;
|
|
171
|
+
}
|
|
172
|
+
},
|
|
173
|
+
manualFix: 'Run: npx @factiii/auth init && npx prisma generate',
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
id: 'auth-doctor-fail',
|
|
177
|
+
stage: 'dev',
|
|
178
|
+
severity: 'warning',
|
|
179
|
+
description: 'Auth doctor check failed (run npx @factiii/auth doctor for details)',
|
|
180
|
+
scan: async (_config, rootDir) => {
|
|
181
|
+
// Skip if auth models not yet initialized
|
|
182
|
+
if (!hasAuthModels(rootDir))
|
|
183
|
+
return false;
|
|
184
|
+
const result = runSilent('npx @factiii/auth doctor', rootDir);
|
|
185
|
+
return !result.success;
|
|
186
|
+
},
|
|
187
|
+
fix: async (_config, rootDir) => {
|
|
188
|
+
// Run doctor with output visible so user can see what's wrong
|
|
189
|
+
try {
|
|
190
|
+
(0, child_process_1.execSync)('npx @factiii/auth doctor', {
|
|
191
|
+
cwd: rootDir,
|
|
192
|
+
stdio: 'inherit',
|
|
193
|
+
});
|
|
194
|
+
return true;
|
|
195
|
+
}
|
|
196
|
+
catch {
|
|
197
|
+
console.log(' Doctor found issues — review output above');
|
|
198
|
+
return false;
|
|
199
|
+
}
|
|
200
|
+
},
|
|
201
|
+
manualFix: 'Run: npx @factiii/auth doctor',
|
|
202
|
+
},
|
|
203
|
+
{
|
|
204
|
+
id: 'auth-prisma-not-migrated',
|
|
205
|
+
stage: 'dev',
|
|
206
|
+
severity: 'warning',
|
|
207
|
+
description: 'Auth database tables not migrated (pending Prisma migrations)',
|
|
208
|
+
scan: async (_config, rootDir) => {
|
|
209
|
+
// Skip if auth models not initialized
|
|
210
|
+
if (!hasAuthModels(rootDir))
|
|
211
|
+
return false;
|
|
212
|
+
// Check for pending migrations
|
|
213
|
+
const result = runSilent('npx prisma migrate status', rootDir);
|
|
214
|
+
if (!result.success)
|
|
215
|
+
return true; // Can't check = assume pending
|
|
216
|
+
return result.output.includes('Following migration') || result.output.includes('not yet been applied');
|
|
217
|
+
},
|
|
218
|
+
fix: async (_config, rootDir) => {
|
|
219
|
+
try {
|
|
220
|
+
console.log(' Running: npx prisma migrate dev');
|
|
221
|
+
(0, child_process_1.execSync)('npx prisma migrate dev', {
|
|
222
|
+
cwd: rootDir,
|
|
223
|
+
stdio: 'inherit',
|
|
224
|
+
});
|
|
225
|
+
return true;
|
|
226
|
+
}
|
|
227
|
+
catch (e) {
|
|
228
|
+
console.log(' Migration failed: ' + (e instanceof Error ? e.message : String(e)));
|
|
229
|
+
return false;
|
|
230
|
+
}
|
|
231
|
+
},
|
|
232
|
+
manualFix: 'Run: npx prisma migrate dev',
|
|
233
|
+
},
|
|
234
|
+
];
|
|
235
|
+
//# sourceMappingURL=setup.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../../../../src/plugins/addons/auth/scanfix/setup.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,iDAAyC;AACzC,sDAA2B;AAE3B,2EAA8E;AAE9E;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe;IACpC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;IACjE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IAE7C,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACpD,OAAO,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,GAAW,EAAE,OAAe;IAC7C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,GAAG,EAAE;YAC3B,GAAG,EAAE,OAAO;YACZ,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IACnC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,MAAM,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IACpC,CAAC;AACH,CAAC;AAEY,QAAA,UAAU,GAAU;IAC/B;QACE,EAAE,EAAE,+BAA+B;QACnC,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,kFAAkF;QAC/F,IAAI,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,uCAAqB,CAAC,CAAC;YAC5D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAE,OAAO,KAAK,CAAC,CAAC,yCAAyC;YAEtF,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACnD,6DAA6D;YAC7D,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACnC,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACvE,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,uCAAqB,CAAC,CAAC;gBAC5D,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;gBAEnD,qBAAqB;gBACrB,MAAM,WAAW,GACf,oEAAoE;oBACpE,0BAA0B;oBAC1B,kEAAkE;oBAClE,6CAA6C;oBAC7C,+DAA+D;oBAC/D,yCAAyC;oBACzC,SAAS;oBACT,eAAe;oBACf,oBAAoB;oBACpB,oBAAoB;oBACpB,gCAAgC;oBAChC,oCAAoC,CAAC;gBAEvC,mDAAmD;gBACnD,IAAI,OAAO,GAAG,OAAO,CAAC,OAAO,CAC3B,8CAA8C,EAC9C,EAAE,CACH,CAAC;gBAEF,kDAAkD;gBAClD,IAAI,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBACrC,OAAO,GAAG,OAAO,CAAC,OAAO,CACvB,wBAAwB,EACxB,WAAW,GAAG,MAAM,CACrB,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,OAAO,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,IAAI,GAAG,WAAW,CAAC;gBACnD,CAAC;gBAED,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC7C,OAAO,CAAC,GAAG,CAAC,iCAAiC,GAAG,uCAAqB,CAAC,CAAC;gBAEvE,uBAAuB;gBACvB,MAAM,MAAM,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;gBAClD,MAAM,MAAM,GAAG,iBAAI,CAAC,IAAI,CAAC,MAAM,CAA4B,CAAC;gBAC5D,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;YACvB,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1E,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,SAAS,GAAG,uCAAqB,GAAG,KAAK;YAClD,eAAe;YACf,qBAAqB;YACrB,0BAA0B;YAC1B,0BAA0B;YAC1B,sCAAsC;YACtC,wCAAwC;KAC3C;IAED;QACE,EAAE,EAAE,sBAAsB;QAC1B,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,qEAAqE;QAClF,IAAI,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACxE,qEAAqE;YACrE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YACjE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC,CAAC,mBAAmB;YAChE,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACvE,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;gBAClD,IAAA,wBAAQ,EAAC,wBAAwB,EAAE;oBACjC,GAAG,EAAE,OAAO;oBACZ,KAAK,EAAE,SAAS;iBACjB,CAAC,CAAC;gBAEH,2BAA2B;gBAC3B,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;gBAC/C,IAAA,wBAAQ,EAAC,qBAAqB,EAAE;oBAC9B,GAAG,EAAE,OAAO;oBACZ,KAAK,EAAE,SAAS;iBACjB,CAAC,CAAC;gBAEH,OAAO,aAAa,CAAC,OAAO,CAAC,CAAC;YAChC,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1E,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,oDAAoD;KAChE;IAED;QACE,EAAE,EAAE,kBAAkB;QACtB,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,qEAAqE;QAClF,IAAI,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACxE,0CAA0C;YAC1C,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAE1C,MAAM,MAAM,GAAG,SAAS,CAAC,0BAA0B,EAAE,OAAO,CAAC,CAAC;YAC9D,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;QACzB,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACvE,8DAA8D;YAC9D,IAAI,CAAC;gBACH,IAAA,wBAAQ,EAAC,0BAA0B,EAAE;oBACnC,GAAG,EAAE,OAAO;oBACZ,KAAK,EAAE,SAAS;iBACjB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;gBAC5D,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,+BAA+B;KAC3C;IAED;QACE,EAAE,EAAE,0BAA0B;QAC9B,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,+DAA+D;QAC5E,IAAI,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACxE,sCAAsC;YACtC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAE1C,+BAA+B;YAC/B,MAAM,MAAM,GAAG,SAAS,CAAC,2BAA2B,EAAE,OAAO,CAAC,CAAC;YAC/D,IAAI,CAAC,MAAM,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC,CAAC,+BAA+B;YACjE,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;QACzG,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACvE,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;gBAClD,IAAA,wBAAQ,EAAC,wBAAwB,EAAE;oBACjC,GAAG,EAAE,OAAO;oBACZ,KAAK,EAAE,SAAS;iBACjB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpF,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,6BAA6B;KACzC;CACF,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Validation Scanfixes (Staging/Prod)
|
|
3
|
+
*
|
|
4
|
+
* Validates that auth environment variables are properly
|
|
5
|
+
* configured on staging and production servers.
|
|
6
|
+
*/
|
|
7
|
+
import type { Fix } from '../../../../types/index.js';
|
|
8
|
+
export declare const validateFixes: Fix[];
|
|
9
|
+
//# sourceMappingURL=validate.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../../../src/plugins/addons/auth/scanfix/validate.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAiB,GAAG,EAAE,MAAM,4BAA4B,CAAC;AAkBrE,eAAO,MAAM,aAAa,EAAE,GAAG,EAiG9B,CAAC"}
|
|
@@ -0,0 +1,153 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Auth Validation Scanfixes (Staging/Prod)
|
|
4
|
+
*
|
|
5
|
+
* Validates that auth environment variables are properly
|
|
6
|
+
* configured on staging and production servers.
|
|
7
|
+
*/
|
|
8
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
9
|
+
if (k2 === undefined) k2 = k;
|
|
10
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
11
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
12
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
13
|
+
}
|
|
14
|
+
Object.defineProperty(o, k2, desc);
|
|
15
|
+
}) : (function(o, m, k, k2) {
|
|
16
|
+
if (k2 === undefined) k2 = k;
|
|
17
|
+
o[k2] = m[k];
|
|
18
|
+
}));
|
|
19
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
20
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
21
|
+
}) : function(o, v) {
|
|
22
|
+
o["default"] = v;
|
|
23
|
+
});
|
|
24
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
+
var ownKeys = function(o) {
|
|
26
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
+
var ar = [];
|
|
28
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
+
return ar;
|
|
30
|
+
};
|
|
31
|
+
return ownKeys(o);
|
|
32
|
+
};
|
|
33
|
+
return function (mod) {
|
|
34
|
+
if (mod && mod.__esModule) return mod;
|
|
35
|
+
var result = {};
|
|
36
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
+
__setModuleDefault(result, mod);
|
|
38
|
+
return result;
|
|
39
|
+
};
|
|
40
|
+
})();
|
|
41
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
+
exports.validateFixes = void 0;
|
|
43
|
+
const fs = __importStar(require("fs"));
|
|
44
|
+
const path = __importStar(require("path"));
|
|
45
|
+
const config_helpers_js_1 = require("../../../../utils/config-helpers.js");
|
|
46
|
+
/**
|
|
47
|
+
* Check if an env file has a variable set (non-empty, non-EXAMPLE)
|
|
48
|
+
*/
|
|
49
|
+
function envFileHasVar(envFilePath, varName) {
|
|
50
|
+
if (!fs.existsSync(envFilePath))
|
|
51
|
+
return false;
|
|
52
|
+
const content = fs.readFileSync(envFilePath, 'utf8');
|
|
53
|
+
const regex = new RegExp('^' + varName + '\\s*=\\s*(.+)$', 'm');
|
|
54
|
+
const match = content.match(regex);
|
|
55
|
+
if (!match || !match[1])
|
|
56
|
+
return false;
|
|
57
|
+
const value = match[1].trim();
|
|
58
|
+
return value.length > 0 && !value.toUpperCase().startsWith('EXAMPLE');
|
|
59
|
+
}
|
|
60
|
+
exports.validateFixes = [
|
|
61
|
+
{
|
|
62
|
+
id: 'auth-env-jwt-staging',
|
|
63
|
+
stage: 'staging',
|
|
64
|
+
severity: 'critical',
|
|
65
|
+
description: 'JWT_SECRET not set in .env.staging (auth will not work)',
|
|
66
|
+
scan: async (_config, rootDir) => {
|
|
67
|
+
const envPath = path.join(rootDir, '.env.staging');
|
|
68
|
+
return !envFileHasVar(envPath, 'JWT_SECRET');
|
|
69
|
+
},
|
|
70
|
+
fix: async (config, rootDir) => {
|
|
71
|
+
try {
|
|
72
|
+
const { AnsibleVaultSecrets } = await Promise.resolve().then(() => __importStar(require('../../../../utils/ansible-vault-secrets.js')));
|
|
73
|
+
const vault = new AnsibleVaultSecrets({
|
|
74
|
+
vault_path: config.ansible?.vault_path ?? (0, config_helpers_js_1.getDefaultVaultPath)(config),
|
|
75
|
+
vault_password_file: config.ansible?.vault_password_file,
|
|
76
|
+
rootDir,
|
|
77
|
+
});
|
|
78
|
+
const jwtSecret = await vault.getSecret('JWT_SECRET');
|
|
79
|
+
if (!jwtSecret) {
|
|
80
|
+
console.log(' JWT_SECRET not in vault — run: npx stack fix --secrets');
|
|
81
|
+
return false;
|
|
82
|
+
}
|
|
83
|
+
// Append to .env.staging
|
|
84
|
+
const envPath = path.join(rootDir, '.env.staging');
|
|
85
|
+
let content = '';
|
|
86
|
+
if (fs.existsSync(envPath)) {
|
|
87
|
+
content = fs.readFileSync(envPath, 'utf8');
|
|
88
|
+
}
|
|
89
|
+
if (content.includes('JWT_SECRET=')) {
|
|
90
|
+
// Replace existing (empty or EXAMPLE) value
|
|
91
|
+
content = content.replace(/^JWT_SECRET\s*=.*$/m, 'JWT_SECRET=' + jwtSecret);
|
|
92
|
+
}
|
|
93
|
+
else {
|
|
94
|
+
content = content.trimEnd() + '\nJWT_SECRET=' + jwtSecret + '\n';
|
|
95
|
+
}
|
|
96
|
+
fs.writeFileSync(envPath, content, 'utf8');
|
|
97
|
+
console.log(' [OK] Set JWT_SECRET in .env.staging from vault');
|
|
98
|
+
return true;
|
|
99
|
+
}
|
|
100
|
+
catch (e) {
|
|
101
|
+
console.log(' Error: ' + (e instanceof Error ? e.message : String(e)));
|
|
102
|
+
return false;
|
|
103
|
+
}
|
|
104
|
+
},
|
|
105
|
+
manualFix: 'Add JWT_SECRET to .env.staging or run: npx stack fix --secrets && npx stack fix --staging',
|
|
106
|
+
},
|
|
107
|
+
{
|
|
108
|
+
id: 'auth-env-jwt-prod',
|
|
109
|
+
stage: 'prod',
|
|
110
|
+
severity: 'critical',
|
|
111
|
+
description: 'JWT_SECRET not set in .env.prod (auth will not work)',
|
|
112
|
+
scan: async (_config, rootDir) => {
|
|
113
|
+
const envPath = path.join(rootDir, '.env.prod');
|
|
114
|
+
return !envFileHasVar(envPath, 'JWT_SECRET');
|
|
115
|
+
},
|
|
116
|
+
fix: async (config, rootDir) => {
|
|
117
|
+
try {
|
|
118
|
+
const { AnsibleVaultSecrets } = await Promise.resolve().then(() => __importStar(require('../../../../utils/ansible-vault-secrets.js')));
|
|
119
|
+
const vault = new AnsibleVaultSecrets({
|
|
120
|
+
vault_path: config.ansible?.vault_path ?? (0, config_helpers_js_1.getDefaultVaultPath)(config),
|
|
121
|
+
vault_password_file: config.ansible?.vault_password_file,
|
|
122
|
+
rootDir,
|
|
123
|
+
});
|
|
124
|
+
const jwtSecret = await vault.getSecret('JWT_SECRET');
|
|
125
|
+
if (!jwtSecret) {
|
|
126
|
+
console.log(' JWT_SECRET not in vault — run: npx stack fix --secrets');
|
|
127
|
+
return false;
|
|
128
|
+
}
|
|
129
|
+
// Append to .env.prod
|
|
130
|
+
const envPath = path.join(rootDir, '.env.prod');
|
|
131
|
+
let content = '';
|
|
132
|
+
if (fs.existsSync(envPath)) {
|
|
133
|
+
content = fs.readFileSync(envPath, 'utf8');
|
|
134
|
+
}
|
|
135
|
+
if (content.includes('JWT_SECRET=')) {
|
|
136
|
+
content = content.replace(/^JWT_SECRET\s*=.*$/m, 'JWT_SECRET=' + jwtSecret);
|
|
137
|
+
}
|
|
138
|
+
else {
|
|
139
|
+
content = content.trimEnd() + '\nJWT_SECRET=' + jwtSecret + '\n';
|
|
140
|
+
}
|
|
141
|
+
fs.writeFileSync(envPath, content, 'utf8');
|
|
142
|
+
console.log(' [OK] Set JWT_SECRET in .env.prod from vault');
|
|
143
|
+
return true;
|
|
144
|
+
}
|
|
145
|
+
catch (e) {
|
|
146
|
+
console.log(' Error: ' + (e instanceof Error ? e.message : String(e)));
|
|
147
|
+
return false;
|
|
148
|
+
}
|
|
149
|
+
},
|
|
150
|
+
manualFix: 'Add JWT_SECRET to .env.prod or run: npx stack fix --secrets && npx stack fix --prod',
|
|
151
|
+
},
|
|
152
|
+
];
|
|
153
|
+
//# sourceMappingURL=validate.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../../../src/plugins/addons/auth/scanfix/validate.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAE7B,2EAA+F;AAE/F;;GAEG;AACH,SAAS,aAAa,CAAC,WAAmB,EAAE,OAAe;IACzD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,KAAK,CAAC;IAE9C,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACrD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,GAAG,OAAO,GAAG,gBAAgB,EAAE,GAAG,CAAC,CAAC;IAChE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACnC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IAEtC,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9B,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;AACxE,CAAC;AAEY,QAAA,aAAa,GAAU;IAClC;QACE,EAAE,EAAE,sBAAsB;QAC1B,KAAK,EAAE,SAAS;QAChB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,yDAAyD;QACtE,IAAI,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACxE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;YACnD,OAAO,CAAC,aAAa,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACtE,IAAI,CAAC;gBACH,MAAM,EAAE,mBAAmB,EAAE,GAAG,wDAAa,4CAA4C,GAAC,CAAC;gBAC3F,MAAM,KAAK,GAAG,IAAI,mBAAmB,CAAC;oBACpC,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,UAAU,IAAI,IAAA,uCAAmB,EAAC,MAAM,CAAC;oBACrE,mBAAmB,EAAE,MAAM,CAAC,OAAO,EAAE,mBAAmB;oBACxD,OAAO;iBACR,CAAC,CAAC;gBAEH,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;gBACtD,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,yBAAyB;gBACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;gBACnD,IAAI,OAAO,GAAG,EAAE,CAAC;gBACjB,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3B,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC7C,CAAC;gBAED,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACpC,4CAA4C;oBAC5C,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,aAAa,GAAG,SAAS,CAAC,CAAC;gBAC9E,CAAC;qBAAM,CAAC;oBACN,OAAO,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,eAAe,GAAG,SAAS,GAAG,IAAI,CAAC;gBACnE,CAAC;gBAED,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC3C,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;gBACjE,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzE,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,2FAA2F;KACvG;IAED;QACE,EAAE,EAAE,mBAAmB;QACvB,KAAK,EAAE,MAAM;QACb,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,sDAAsD;QACnE,IAAI,EAAE,KAAK,EAAE,OAAsB,EAAE,OAAe,EAAoB,EAAE;YACxE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAChD,OAAO,CAAC,aAAa,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACtE,IAAI,CAAC;gBACH,MAAM,EAAE,mBAAmB,EAAE,GAAG,wDAAa,4CAA4C,GAAC,CAAC;gBAC3F,MAAM,KAAK,GAAG,IAAI,mBAAmB,CAAC;oBACpC,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,UAAU,IAAI,IAAA,uCAAmB,EAAC,MAAM,CAAC;oBACrE,mBAAmB,EAAE,MAAM,CAAC,OAAO,EAAE,mBAAmB;oBACxD,OAAO;iBACR,CAAC,CAAC;gBAEH,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;gBACtD,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,sBAAsB;gBACtB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;gBAChD,IAAI,OAAO,GAAG,EAAE,CAAC;gBACjB,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3B,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC7C,CAAC;gBAED,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACpC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,aAAa,GAAG,SAAS,CAAC,CAAC;gBAC9E,CAAC;qBAAM,CAAC;oBACN,OAAO,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,eAAe,GAAG,SAAS,GAAG,IAAI,CAAC;gBACnE,CAAC;gBAED,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC3C,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzE,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,qFAAqF;KACjG;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/plugins/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAyBvF,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1E,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;IAE5E,KAAK,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC;CACrE;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACvC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACrC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACpC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACrC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACpC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;CAClC;AAMD;;;GAGG;AACH,eAAO,MAAM,QAAQ,EAAE,cAStB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/plugins/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAyBvF,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1E,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;IAE5E,KAAK,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC;CACrE;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACvC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACrC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACpC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACrC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACpC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;CAClC;AAMD;;;GAGG;AACH,eAAO,MAAM,QAAQ,EAAE,cAStB,CAAC;AA2HF;;GAEG;AACH,wBAAgB,cAAc,CAAC,WAAW,EAAE,WAAW,GAAG,WAAW,CAgBpE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,IAAI,CAI5D;AAMD;;GAEG;AACH,wBAAgB,SAAS,CACvB,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,MAAM,GACT,WAAW,GAAG,IAAI,CAUpB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,GACf,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAG7B;AAED;;GAEG;AACH,wBAAgB,cAAc,IAAI,WAAW,EAAE,CAU9C;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,cAAc,EAAE,CAe9C;AAMD;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,MAAM,EACV,MAAM,GAAE,aAAmC,EAC3C,OAAO,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAM,GACpC,OAAO,CAST;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,EAAE,EAAE,MAAM,EACV,MAAM,GAAE,aAAmC,GAC1C,OAAO,CAST;AAMD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,GAAE,MAAM,EAAO,EAC3B,cAAc,GAAE,MAAM,EAAO,GAC5B,IAAI,CA4BN;AAMD;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,MAAM,EACf,MAAM,GAAE,aAAmC,GAC1C,OAAO,CAAC,WAAW,EAAE,CAAC,CAyBxB;AAMD;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAY9D;AAED;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAYjE;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAoBlC;AAMD,eAAO,MAAM,OAAO;;;;;;CAMnB,CAAC"}
|
package/dist/plugins/index.js
CHANGED
|
@@ -189,6 +189,15 @@ try {
|
|
|
189
189
|
catch {
|
|
190
190
|
// Plugin not available
|
|
191
191
|
}
|
|
192
|
+
// Auth addon (@factiii/auth integration)
|
|
193
|
+
try {
|
|
194
|
+
// eslint-disable-next-line @typescript-eslint/no-require-imports
|
|
195
|
+
const AuthAddon = require('./addons/auth/index').default;
|
|
196
|
+
exports.registry.addons['auth'] = AuthAddon;
|
|
197
|
+
}
|
|
198
|
+
catch {
|
|
199
|
+
// Plugin not available
|
|
200
|
+
}
|
|
192
201
|
// ============================================================
|
|
193
202
|
// REGISTRATION FUNCTIONS
|
|
194
203
|
// ============================================================
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/plugins/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/plugins/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiMH,wCAgBC;AAKD,0CAIC;AASD,8BAaC;AAKD,oDAKC;AAKD,wCAUC;AAKD,kCAeC;AASD,oDAcC;AAKD,8CAYC;AASD,4CAEC;AAKD,kDA+BC;AAUD,kDA4BC;AASD,oDAYC;AAKD,4DAYC;AAKD,4CAsBC;AAvdD,uDAAuD;AACvD,uCAAyB;AACzB,2CAA6B;AAE7B,kEAAkE;AAClE,IAAI,gBAAgB,GAA2B,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;AAChE,IAAI,CAAC;IACH,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAChC,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAC3B,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CACZ,CAAC;IAC9B,CAAC;AACH,CAAC;AAAC,MAAM,CAAC;IACP,6CAA6C;IAC7C,gBAAgB,GAAG,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;AACtC,CAAC;AA8BD,+DAA+D;AAC/D,kBAAkB;AAClB,+DAA+D;AAE/D;;;GAGG;AACU,QAAA,QAAQ,GAAmB;IACtC,SAAS,EAAE,EAAE;IACb,OAAO,EAAE,EAAE;IACX,UAAU,EAAE,EAAE;IACd,MAAM,EAAE,EAAE;IACV,kDAAkD;IAClD,OAAO,EAAE,EAAE;IACX,MAAM,EAAE,EAAE;IACV,GAAG,EAAE,EAAE;CACR,CAAC;AAEF,+DAA+D;AAC/D,wBAAwB;AACxB,+DAA+D;AAE/D,2CAA2C;AAC3C,mBAAmB;AACnB,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,eAAe,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC,OAAsB,CAAC;IACpF,gBAAQ,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,eAAe,CAAC;AAClD,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,sCAAsC;AACtC,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,SAAS,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC,OAAsB,CAAC;IACxE,gBAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC;IACpC,gBAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC;AAC3C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,YAAY,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC,OAAsB,CAAC;IAC9E,gBAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC;AAC5C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,aAAa,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC,OAAsB,CAAC;IAChF,gBAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,aAAa,CAAC;AAC9C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,iBAAiB,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAC,OAAsB,CAAC;IACzF,gBAAQ,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,iBAAiB,CAAC;AACvD,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,iDAAiD;AACjD,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,WAAW,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC,OAAsB,CAAC;IAC5E,gBAAQ,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC;AAC1C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,eAAe;AACf,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,WAAW,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC,OAAsB,CAAC;IAC5E,gBAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,WAAW,CAAC;AAC1C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,oBAAoB;AACpB,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,gBAAgB,GAAG,OAAO,CAAC,gCAAgC,CAAC,CAAC,OAAsB,CAAC;IAC1F,gBAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,GAAG,gBAAgB,CAAC;AACxD,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,UAAU,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC,OAAsB,CAAC;IAC7E,gBAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,UAAU,CAAC;AAC3C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,gBAAgB;AAChB,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,eAAe,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC,OAAsB,CAAC;IACrF,gBAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,eAAe,CAAC;AACnD,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,aAAa,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC,OAAsB,CAAC;IAChF,gBAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,aAAa,CAAC;AAC9C,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,yCAAyC;AACzC,IAAI,CAAC;IACH,iEAAiE;IACjE,MAAM,SAAS,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC,OAAsB,CAAC;IACxE,gBAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC;AACtC,CAAC;AAAC,MAAM,CAAC;IACP,uBAAuB;AACzB,CAAC;AAED,+DAA+D;AAC/D,yBAAyB;AACzB,+DAA+D;AAE/D,MAAM,WAAW,GAAyC;IACxD,QAAQ,EAAE,WAAW;IACrB,MAAM,EAAE,SAAS;IACjB,SAAS,EAAE,YAAY;IACvB,KAAK,EAAE,QAAQ;IACf,OAAO,EAAE,SAAS;CACnB,CAAC;AAEF;;GAEG;AACH,SAAgB,cAAc,CAAC,WAAwB;IACrD,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;IACtC,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC;IAE1B,IAAI,CAAC,QAAQ,IAAI,CAAC,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,kBAAkB,GAAG,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;IAE7D,IAAI,CAAC,gBAAQ,CAAC,kBAA0C,CAAC,EAAE,CAAC;QACzD,gBAAmE,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC;IAChG,CAAC;IAED,gBAAQ,CAAC,kBAA0C,CAAC,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC;IACvE,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,OAAsB;IACpD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,cAAc,CAAC,MAAM,CAAC,CAAC;IACzB,CAAC;AACH,CAAC;AAED,+DAA+D;AAC/D,sBAAsB;AACtB,+DAA+D;AAE/D;;GAEG;AACH,SAAgB,SAAS,CACvB,QAAgB,EAChB,EAAU;IAEV,MAAM,kBAAkB,GAAG,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;IAE7D,MAAM,gBAAgB,GAAG,gBAAQ,CAAC,kBAA0C,CAAC,CAAC;IAC9E,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,CAAC,IAAI,CAAC,4BAA4B,QAAQ,EAAE,CAAC,CAAC;QACrD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,gBAAgB,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAClC,QAAgB;IAEhB,MAAM,kBAAkB,GAAG,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;IAC7D,OAAO,gBAAQ,CAAC,kBAA0C,CAAC,IAAI,EAAE,CAAC;AACpE,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc;IAC5B,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,CAAU,EAAE,CAAC;QACjF,KAAK,MAAM,WAAW,IAAI,MAAM,CAAC,MAAM,CAAC,gBAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC5D,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW;IACzB,MAAM,OAAO,GAAqB,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,QAAQ,EAAE,eAAe,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,gBAAQ,CAAC,EAAE,CAAC;QACnE,KAAK,MAAM,CAAC,EAAE,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAA8C,CAAC,EAAE,CAAC;YAC/F,OAAO,CAAC,IAAI,CAAC;gBACX,EAAE;gBACF,QAAQ;gBACR,IAAI,EAAE,WAAW,CAAC,IAAI;gBACtB,OAAO,EAAE,WAAW,CAAC,OAAO,IAAI,OAAO;aACxC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,+DAA+D;AAC/D,oBAAoB;AACpB,+DAA+D;AAE/D;;GAEG;AACH,SAAgB,oBAAoB,CAClC,QAAgB,EAChB,EAAU,EACV,SAAwB,EAAmB,EAC3C,UAAmC,EAAE;IAErC,MAAM,WAAW,GAAG,SAAS,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAE5C,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,qBAAqB,QAAQ,IAAI,EAAE,EAAE,CAAC,CAAC;QACpD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAAI,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAC/B,EAAU,EACV,SAAwB,EAAmB;IAE3C,MAAM,WAAW,GAAG,gBAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAEzC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC;AACjC,CAAC;AAED,+DAA+D;AAC/D,0BAA0B;AAC1B,+DAA+D;AAE/D;;GAEG;AACH,SAAgB,gBAAgB,CAAC,WAAmB;IAClD,OAAO,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CACjC,eAAyB,EAAE,EAC3B,iBAA2B,EAAE;IAE7B,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;QACvC,MAAM,UAAU,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAEvD,IAAI,CAAC,UAAU,IAAI,CAAC,SAAS,EAAE,CAAC;YAC9B,OAAO,CAAC,IAAI,CAAC,kCAAkC,WAAW,EAAE,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,CAAC;YACH,iEAAiE;YACjE,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,CAEV,CAAC;YAE/B,IAAI,UAAU,IAAI,YAAY,IAAI,IAAI,IAAI,YAAY,EAAE,CAAC;gBACvD,cAAc,CAAC,YAA2B,CAAC,CAAC;YAC9C,CAAC;iBAAM,IAAI,SAAS,IAAI,YAAY,EAAE,CAAC;gBACrC,eAAe,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YACxC,CAAC;YAED,MAAM,cAAc,GAAG,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAClE,OAAO,CAAC,GAAG,CAAC,GAAG,cAAc,4BAA4B,WAAW,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,OAAO,CAAC,IAAI,CAAC,oCAAoC,WAAW,KAAK,YAAY,EAAE,CAAC,CAAC;QACnF,CAAC;IACH,CAAC;AACH,CAAC;AAED,+DAA+D;AAC/D,uBAAuB;AACvB,+DAA+D;AAE/D;;;GAGG;AACI,KAAK,UAAU,mBAAmB,CACvC,OAAe,EACf,SAAwB,EAAmB;IAE3C,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,CAAU,EAAE,CAAC;QACjF,KAAK,MAAM,CAAC,EAAE,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,gBAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACnE,8BAA8B;YAC9B,IAAI,WAAW,CAAC,UAAU,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;oBACjE,IAAI,UAAU,EAAE,CAAC;wBACf,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;oBAC5B,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;oBAChE,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE,KAAK,YAAY,EAAE,CAAC,CAAC;oBAC9E,kCAAkC;gBACpC,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,+DAA+D;gBAC/D,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,+DAA+D;AAC/D,4BAA4B;AAC5B,+DAA+D;AAE/D;;GAEG;AACH,SAAgB,oBAAoB;IAClC,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,KAAK,MAAM,QAAQ,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,CAAU,EAAE,CAAC;QACjF,KAAK,MAAM,WAAW,IAAI,MAAM,CAAC,MAAM,CAAC,gBAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC5D,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;gBAC7B,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAgB,wBAAwB;IACtC,MAAM,MAAM,GAA2B,EAAE,CAAC;IAE1C,KAAK,MAAM,QAAQ,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,CAAU,EAAE,CAAC;QACjF,KAAK,MAAM,WAAW,IAAI,MAAM,CAAC,MAAM,CAAC,gBAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC5D,IAAI,WAAW,CAAC,gBAAgB,EAAE,CAAC;gBACjC,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,gBAAgB,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAe;IAEf,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,KAAK,MAAM,QAAQ,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,CAAU,EAAE,CAAC;QACjF,KAAK,MAAM,CAAC,EAAE,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,gBAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACnE,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;oBACzD,IAAI,QAAQ,EAAE,CAAC;wBACb,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;oBAClC,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;oBAChE,OAAO,CAAC,IAAI,CAAC,wCAAwC,EAAE,KAAK,YAAY,EAAE,CAAC,CAAC;gBAC9E,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+DAA+D;AAC/D,iBAAiB;AACjB,+DAA+D;AAElD,QAAA,OAAO,GAAG;IACrB,SAAS,EAAE,gBAAQ,CAAC,SAAS;IAC7B,OAAO,EAAE,gBAAQ,CAAC,OAAO;IACzB,UAAU,EAAE,gBAAQ,CAAC,UAAU;IAC/B,MAAM,EAAE,gBAAQ,CAAC,MAAM;IACvB,OAAO,EAAE,gBAAQ,CAAC,OAAO;CAC1B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../../../../../src/plugins/pipelines/aws/scanfix/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,KAAK,EAAiB,GAAG,EAAE,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../../../../../src/plugins/pipelines/aws/scanfix/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,KAAK,EAAiB,GAAG,EAAE,MAAM,4BAA4B,CAAC;AA+KrE,eAAO,MAAM,gBAAgB,EAAE,GAAG,EA+RjC,CAAC"}
|
|
@@ -47,9 +47,9 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
47
47
|
})();
|
|
48
48
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
49
49
|
exports.credentialsFixes = void 0;
|
|
50
|
-
const child_process_1 = require("child_process");
|
|
51
50
|
const fs = __importStar(require("fs"));
|
|
52
51
|
const path = __importStar(require("path"));
|
|
52
|
+
const os = __importStar(require("os"));
|
|
53
53
|
const aws_helpers_js_1 = require("../utils/aws-helpers.js");
|
|
54
54
|
/**
|
|
55
55
|
* Read the bootstrap policy JSON from the policies directory
|
|
@@ -77,23 +77,23 @@ async function bootstrapAwsAccount(config) {
|
|
|
77
77
|
console.log(' AWS credentials already configured (account: ' + accountId + ')');
|
|
78
78
|
return true;
|
|
79
79
|
}
|
|
80
|
-
// Phase B: Prompt user
|
|
80
|
+
// Phase B: Prompt user for AWS credentials directly (no CLI needed)
|
|
81
81
|
console.log('');
|
|
82
82
|
console.log(' ============================================================');
|
|
83
83
|
console.log(' AWS credentials not configured.');
|
|
84
84
|
console.log(' Login with your AWS root account or an IAM admin user.');
|
|
85
85
|
console.log(' ============================================================');
|
|
86
86
|
console.log('');
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
console.log(' aws configure failed: ' + (e instanceof Error ? e.message : String(e)));
|
|
87
|
+
const { promptSingleLine } = await Promise.resolve().then(() => __importStar(require('../../../../utils/secret-prompts.js')));
|
|
88
|
+
const inputAccessKeyId = await promptSingleLine(' AWS Access Key ID: ');
|
|
89
|
+
const inputSecretKey = await promptSingleLine(' AWS Secret Access Key: ', { hidden: true });
|
|
90
|
+
const inputRegion = await promptSingleLine(' Default region [' + region + ']: ');
|
|
91
|
+
const finalRegion = inputRegion || region;
|
|
92
|
+
if (!inputAccessKeyId || !inputSecretKey) {
|
|
93
|
+
console.log(' Access Key ID and Secret Access Key are required.');
|
|
95
94
|
return false;
|
|
96
95
|
}
|
|
96
|
+
(0, aws_helpers_js_1.writeAwsCredentials)(inputAccessKeyId, inputSecretKey, finalRegion);
|
|
97
97
|
accountId = await (0, aws_helpers_js_1.getAwsAccountId)(region);
|
|
98
98
|
if (!accountId) {
|
|
99
99
|
console.log(' AWS credentials still invalid after configuration.');
|
|
@@ -146,10 +146,8 @@ async function bootstrapAwsAccount(config) {
|
|
|
146
146
|
return false;
|
|
147
147
|
}
|
|
148
148
|
console.log(' [OK] Created access key for ' + userName);
|
|
149
|
-
// Phase D:
|
|
150
|
-
(0,
|
|
151
|
-
(0, child_process_1.execSync)('aws configure set aws_secret_access_key ' + newSecretKey, { stdio: 'pipe' });
|
|
152
|
-
(0, child_process_1.execSync)('aws configure set region ' + region, { stdio: 'pipe' });
|
|
149
|
+
// Phase D: Write new IAM credentials to ~/.aws/
|
|
150
|
+
(0, aws_helpers_js_1.writeAwsCredentials)(newAccessKeyId, newSecretKey, region);
|
|
153
151
|
// Verify new credentials work
|
|
154
152
|
const verifyId = await (0, aws_helpers_js_1.getAwsAccountId)(region);
|
|
155
153
|
if (!verifyId) {
|
|
@@ -246,12 +244,8 @@ exports.credentialsFixes = [
|
|
|
246
244
|
},
|
|
247
245
|
fix: async (config, rootDir) => {
|
|
248
246
|
try {
|
|
249
|
-
// Try to read region from
|
|
250
|
-
let region = '';
|
|
251
|
-
try {
|
|
252
|
-
region = (0, child_process_1.execSync)('aws configure get region', { encoding: 'utf8', stdio: 'pipe' }).trim();
|
|
253
|
-
}
|
|
254
|
-
catch { /* no AWS CLI or not configured */ }
|
|
247
|
+
// Try to read region from ~/.aws/config
|
|
248
|
+
let region = (0, aws_helpers_js_1.readAwsRegionFromConfig)() ?? '';
|
|
255
249
|
if (!region)
|
|
256
250
|
region = 'us-east-1'; // Safe default
|
|
257
251
|
// Read stack.yml and add aws.region
|
|
@@ -316,7 +310,6 @@ exports.credentialsFixes = [
|
|
|
316
310
|
}
|
|
317
311
|
try {
|
|
318
312
|
// Read from ~/.aws/credentials (set by aws configure)
|
|
319
|
-
const os = await Promise.resolve().then(() => __importStar(require('os')));
|
|
320
313
|
const awsCredsPath = path.join(os.homedir(), '.aws', 'credentials');
|
|
321
314
|
if (!fs.existsSync(awsCredsPath)) {
|
|
322
315
|
console.log(' ~/.aws/credentials not found — run "aws configure" first');
|
|
@@ -422,28 +415,7 @@ exports.credentialsFixes = [
|
|
|
422
415
|
return false;
|
|
423
416
|
}
|
|
424
417
|
const region = config.aws?.region ?? 'us-east-1';
|
|
425
|
-
|
|
426
|
-
const os = await Promise.resolve().then(() => __importStar(require('os')));
|
|
427
|
-
const awsDir = path.join(os.homedir(), '.aws');
|
|
428
|
-
if (!fs.existsSync(awsDir)) {
|
|
429
|
-
fs.mkdirSync(awsDir, { mode: 0o755 });
|
|
430
|
-
}
|
|
431
|
-
// Write credentials file
|
|
432
|
-
const credentialsPath = path.join(awsDir, 'credentials');
|
|
433
|
-
const credentialsContent = [
|
|
434
|
-
'[default]',
|
|
435
|
-
'aws_access_key_id = ' + accessKeyId,
|
|
436
|
-
'aws_secret_access_key = ' + secretKey,
|
|
437
|
-
].join('\n') + '\n';
|
|
438
|
-
fs.writeFileSync(credentialsPath, credentialsContent, { mode: 0o600 });
|
|
439
|
-
// Write config file
|
|
440
|
-
const configPath = path.join(awsDir, 'config');
|
|
441
|
-
const configContent = [
|
|
442
|
-
'[default]',
|
|
443
|
-
'region = ' + region,
|
|
444
|
-
'output = json',
|
|
445
|
-
].join('\n') + '\n';
|
|
446
|
-
fs.writeFileSync(configPath, configContent, { mode: 0o644 });
|
|
418
|
+
(0, aws_helpers_js_1.writeAwsCredentials)(accessKeyId, secretKey, region);
|
|
447
419
|
console.log(' ✅ Configured ~/.aws/credentials from Ansible Vault');
|
|
448
420
|
console.log(' ✅ Configured ~/.aws/config (region: ' + region + ')');
|
|
449
421
|
return true;
|
|
@@ -470,7 +442,6 @@ exports.credentialsFixes = [
|
|
|
470
442
|
return true;
|
|
471
443
|
try {
|
|
472
444
|
// Check ~/.aws/credentials directly (no AWS CLI needed)
|
|
473
|
-
const os = await Promise.resolve().then(() => __importStar(require('os')));
|
|
474
445
|
const credPath = path.join(os.homedir(), '.aws', 'credentials');
|
|
475
446
|
if (fs.existsSync(credPath)) {
|
|
476
447
|
const content = fs.readFileSync(credPath, 'utf8');
|