@fishawack/lab-env 2.1.0 → 3.1.0

package/commands/create/services/aws/iam.js

@@ -0,0 +1,170 @@
+const { IAMClient, CreateUserCommand, GetUserCommand, DeleteUserCommand, AttachUserPolicyCommand, ListAttachedUserPoliciesCommand, DetachUserPolicyCommand, CreateAccessKeyCommand, DeleteAccessKeyCommand, ListAccessKeysCommand } = require("@aws-sdk/client-iam");
+const { Spinner } = require('../../libs/utilities');
+const { createClient } = require('./misc.js');
+
+module.exports.createIAMUser = async (UserName, account) => {
+    const client = createClient(IAMClient, account);
+
+    let res;
+
+    try{
+        res = await Spinner.prototype.simple(`Creating IAM user ${UserName}`, () => {
+            return client.send(
+                new CreateUserCommand({ UserName })
+            );
+        });
+    } catch(e){
+        res = await Spinner.prototype.simple(`Retrieving the already existing IAM user ${UserName}`, () => {
+            return client.send(
+                new GetUserCommand({ UserName })
+            );
+        });
+    }
+
+    return res;
+};
+
+module.exports.createFWIAMUser = async (UserName, account) => {
+    await module.exports.createIAMUser(UserName, account);
+
+    await module.exports.syncFWIAMPolicies(UserName, account);
+
+    let res = await module.exports.createAccessKeySafe(UserName, account);
+
+    return res;
+};
+
+module.exports.removeIAMUser = async (UserName, account) => {
+    const client = createClient(IAMClient, account);
+
+    let res;
+
+    try{
+        await Spinner.prototype.simple(`Checking if IAM user ${UserName} exists`, () => {
+            return client.send(
+                new GetUserCommand({ UserName })
+            );
+        });
+
+        await module.exports.removeAllIAMPolicies(UserName, account);
+
+        await module.exports.removeAllAccessKeys(UserName, account);
+
+        res = await Spinner.prototype.simple(`Removing IAM user ${UserName}`, () => {
+            return client.send(
+                new DeleteUserCommand({ UserName })
+            );
+        });
+    } catch(e){
+    }
+
+    return res;
+};
+
+module.exports.attachIAMPolicy = async (UserName, account, policy) => {
+    const client = createClient(IAMClient, account);
+
+    let res = await Spinner.prototype.simple(`Attaching IAM policy ${policy}`, () => {
+        return client.send(
+            new AttachUserPolicyCommand({ UserName, PolicyArn: policy })
+        );
+    });
+
+    return res;
+};
+
+module.exports.syncFWIAMPolicies = async (UserName, account) => {
+    await module.exports.removeAllIAMPolicies(UserName, account);
+    await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/AmazonS3FullAccess');
+    await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/CloudFrontFullAccess');
+};
+
+module.exports.removeIAMPolicy = async (UserName, account, policy) => {
+    const client = createClient(IAMClient, account);
+
+    let res = await Spinner.prototype.simple(`Detaching IAM policy ${policy}`, () => {
+        return client.send(
+            new DetachUserPolicyCommand({ UserName, PolicyArn: policy })
+        );
+    });
+
+    return res;
+};
+
+module.exports.listIAMPolicies = async (UserName, account) => {
+    const client = createClient(IAMClient, account);
+
+    let res = await Spinner.prototype.simple(`Listing IAM policies`, () => {
+        return client.send(
+            new ListAttachedUserPoliciesCommand({ UserName })
+        );
+    });
+
+    return res;
+};
+
+module.exports.removeAllIAMPolicies = async (UserName, account) => {
+    let res = await module.exports.listIAMPolicies(UserName, account);
+
+    for(let i = 0; i < res.AttachedPolicies.length; i++){
+        await module.exports.removeIAMPolicy(UserName, account, res.AttachedPolicies[i].PolicyArn);
+    }
+
+    return res;
+};
+
+module.exports.createAccessKey = async (UserName, account) => {
+    const client = createClient(IAMClient, account);
+
+    let res = await Spinner.prototype.simple(`Creating access key`, () => {
+        return client.send(
+            new CreateAccessKeyCommand({ UserName })
+        );
+    });
+
+    return res;
+};
+
+module.exports.removeAccessKey = async (UserName, account, AccessKeyId) => {
+    const client = createClient(IAMClient, account);
+
+    let res = await Spinner.prototype.simple(`Removing access key ${AccessKeyId}`, () => {
+        return client.send(
+            new DeleteAccessKeyCommand({ AccessKeyId, UserName })
+        );
+    });
+
+    return res;
+};
+
+module.exports.listAccessKeys = async (UserName, account) => {
+    const client = createClient(IAMClient, account);
+
+    let res = await Spinner.prototype.simple(`Listing access keys`, () => {
+        return client.send(
+            new ListAccessKeysCommand({ UserName })
+        );
+    });
+
+    return res;
+};
+
+module.exports.removeAllAccessKeys = async (UserName, account) => {
+    let res = await module.exports.listAccessKeys(UserName, account);
+
+    for(let i = 0; i < res.AccessKeyMetadata.length; i++){
+        await module.exports.removeAccessKey(UserName, account, res.AccessKeyMetadata[i].AccessKeyId);
+    }
+
+    return res;
+};
+
+module.exports.createAccessKeySafe = async (UserName, account) => {
+    let res = await module.exports.listAccessKeys(UserName, account);
+
+    if(!res.AccessKeyMetadata.length){
+        res = await module.exports.createAccessKey(UserName, account);
+    }
+
+    return res;
+};

package/commands/create/services/aws/index.js

@@ -0,0 +1,25 @@
+module.exports.s3 = require("./s3.js");
+module.exports.cloudfront = require("./cloudfront.js");
+module.exports.iam = require("./iam.js");
+
+module.exports.slug = (repo, client, branch) => `fw-auto-${client}-${repo}-${branch}`;
+
+module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training'];
+
+module.exports.static = async (name, account, tags = [], credentials = []) => {
+    let s3 = await module.exports.s3.createS3Bucket(name, account, tags);
+
+    let cloudfrontFunction = await module.exports.cloudfront.createCloudFrontFunction(name, account, credentials.length ? 'aws-cloudfront-auth' : 'aws-cloudfront-simple', {credentials: credentials.map(d => `Basic ${Buffer.from(`${d.username}:${d.password}`).toString('base64')}`)});
+
+    let cloudfront = await module.exports.cloudfront.createCloudFrontDistribution(name, account, tags, cloudfrontFunction.FunctionSummary.FunctionMetadata.FunctionARN);
+
+    await module.exports.s3.setS3BucketPolicy(name, account, cloudfront.Distribution.DistributionConfig.Origins.Items[0].S3OriginConfig.OriginAccessIdentity.split('origin-access-identity/cloudfront/')[1]);
+
+    let config = {
+        "bucket": s3.Location,
+        "url": `https://${cloudfront.Distribution.DomainName}`,
+        "cloudfront": cloudfront.Distribution.Id,
+    };
+
+    return config;
+}

package/commands/create/services/aws/misc.js

@@ -0,0 +1,9 @@
+module.exports.createClient = (client, account, region = 'us-east-1') => {
+    delete process.env.AWS_PROFILE;
+
+    if(account){
+        process.env.AWS_PROFILE = account;
+    }
+
+    return new client({ region });
+}

package/commands/create/services/aws/s3.js

@@ -0,0 +1,109 @@
+const { S3Client, CreateBucketCommand, DeleteBucketCommand, ListBucketsCommand, PutPublicAccessBlockCommand, PutBucketTaggingCommand, PutBucketPolicyCommand, PutObjectCommand, DeleteObjectCommand } = require("@aws-sdk/client-s3");
+const { Spinner } = require('../../libs/utilities');
+const { createClient } = require('./misc.js');
+
+module.exports.createS3Bucket = async (bucket, account, tags = []) => {
+    const client = createClient(S3Client, account);
+
+    let res = await Spinner.prototype.simple(`Creating s3 bucket ${bucket}`, () => {
+        return client.send(
+            new CreateBucketCommand({ Bucket: bucket })
+        );
+    });
+
+    await Spinner.prototype.simple(`Blocking all public access to s3 bucket`, () => {
+        return client.send(
+            new PutPublicAccessBlockCommand({ Bucket: bucket, PublicAccessBlockConfiguration: { BlockPublicAcls: true, BlockPublicPolicy: true, IgnorePublicAcls: true, RestrictPublicBuckets: true } })
+        );
+    });
+
+    await Spinner.prototype.simple(`Adding tags to s3 bucket`, () => {
+        return client.send(
+            new PutBucketTaggingCommand({ Bucket: bucket, Tagging: {TagSet: [{Key: 'client', Value: account}].concat(tags)} })
+        );
+    });
+    
+    return res;
+}
+
+module.exports.listS3Buckets = async (account) => {
+    const client = createClient(S3Client, account);
+
+    let res = await Spinner.prototype.simple(`Listing s3 buckets`, () => {
+        return client.send(
+            new ListBucketsCommand({})
+        );
+    });
+
+    return res;
+}
+
+module.exports.removeS3Bucket = async (bucket, account) => {
+    const client = createClient(S3Client, account);
+
+    await Spinner.prototype.simple(`Removing s3 bucket ${bucket}`, () => {
+        return client.send(
+            new DeleteBucketCommand({ Bucket: bucket })
+        );
+    });
+}
+
+module.exports.setS3BucketPolicy = async (bucket, account, OAI) => {
+    const client = createClient(S3Client, account);
+
+    let res = await Spinner.prototype.simple(`Updating s3 bucket policy`, () => {
+        return client.send(
+            new PutBucketPolicyCommand({
+                Bucket: bucket,
+                Policy: JSON.stringify({
+                    "Version": "2008-10-17",
+                    "Id": "PolicyForCloudFrontPrivateContent",
+                    "Statement": [
+                        {
+                            "Sid": "1",
+                            "Effect": "Allow",
+                            "Principal": {
+                                "AWS": `arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${OAI}`
+                            },
+                            "Action": "s3:GetObject",
+                            "Resource": `arn:aws:s3:::${bucket}/*`
+                        }
+                    ]
+                })
+            })
+        );
+    });
+
+    return res;
+}
+
+module.exports.addFileToS3Bucket = async (bucket, account, filepath, file) => {
+    const client = createClient(S3Client, account);
+
+    let res = await Spinner.prototype.simple(`Adding file to s3 bucket`, () => {
+        return client.send(
+            new PutObjectCommand({
+                Bucket: bucket,
+                Body: file,
+                Key: filepath
+            })
+        );
+    });
+    
+    return res;
+};
+
+module.exports.removeFileToS3Bucket = async (bucket, account, filepath) => {
+    const client = createClient(S3Client, account);
+
+    let res = await Spinner.prototype.simple(`Removing file from s3 bucket`, () => {
+        return client.send(
+            new DeleteObjectCommand({
+                Bucket: bucket,
+                Key: filepath
+            })
+        );
+    });
+    
+    return res;
+}

package/commands/create/services/guide.js

@@ -194,6 +194,19 @@ module.exports.preset = async () => {
     return inputs.preset;
 }
 
+module.exports.gitlabSkip = async () => {
+    let inputs = await inquirer.prompt([
+        {
+            type: 'confirm',
+            name: 'confirm',
+            message: 'Do you want to test gitlab setup? (VPN required)',
+            default: true
+        }
+    ]);
+
+    return !inputs.confirm;
+}
+
 module.exports.config = async () => {
     let inputs = await inquirer.prompt([
         {

package/commands/docker/rebuild.js

@@ -11,5 +11,5 @@ module.exports = [
                 default: ''
             });
     },
-    argv => execSync(`${_.docker} build ${argv.image} --no-cache`, _.opts)
+    argv => execSync(`${_.docker} build --no-cache ${argv.image}`, _.opts)
 ];

package/commands/execute.js

@@ -16,6 +16,15 @@ module.exports = [
                 describe: 'Run with a virtual display',
                 type: 'boolean'
             });
+
+        yargs.option('grunt', {
+                alias: 'g',
+                describe: 'Execute a grunt command',
+                type: 'boolean'
+            });
     },
-    argv => execSync(`${_.docker} ${_.run}c "${argv.d ? 'xvfb-run ' : ''}${argv.command.join(' ')}"`, _.opts)
+    argv => {
+        const prep = argv.g ? '$grunt ' : ' ';
+        execSync(`${_.docker} ${_.run}c "${argv.d ? 'xvfb-run ' : ''}${prep}${argv.command.join(prep)}"`, _.opts)
+    }
 ];

package/core/{0.1.0 → 0.2.0}/Dockerfile

@@ -37,6 +37,9 @@ RUN npm install grunt-cli -g
 # Install package.json checker
 RUN npm install check-dependencies -g
 
+# Install node_modules checker
+RUN npm install are-you-es5 -g
+
 # Install imagemagick
 RUN apt-get update && apt-get install -y imagemagick
 
@@ -105,7 +108,7 @@ RUN apt-get update
 
 # Specific chrome version
 # Check available versions here: https://www.ubuntuupdates.org/package/google_chrome/stable/main/base/google-chrome-stable
-ARG CHROME_VERSION="87.0.4280.141-1"
+ARG CHROME_VERSION="105.0.5195.102-1"
 RUN wget --no-verbose -O /tmp/chrome.deb http://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${CHROME_VERSION}_amd64.deb
 RUN apt install -y /tmp/chrome.deb
 
@@ -185,10 +188,11 @@ npm(){(\n\
         sed -i \'s/watchTask: true,/watchTask: true,watchOptions: { usePolling: true },port: process.env.PORT || 3000, ui: {port: +process.env.PORT_OPT || 3001},/g\' $PWD/node_modules/@fishawack/core/_Tasks/options/browserSync.js 2>/dev/null || true\n\
         sed -i \'s/watchTask: true,/watchTask: true,watchOptions: { usePolling: true },port: process.env.PORT || 3000, ui: {port: +process.env.PORT_OPT || 3001},/g\' $PWD/node_modules/@fishawack/config-grunt/_Tasks/options/browserSync.js 2>/dev/null || true\n\
         echo "Overwrite webdriver browsers to fix them to specific browser versions"\n\
-        sed -i \'s/exports.config = {.*/exports.config = { seleniumArgs: { drivers: {chrome: { version: "87.0.4280.88" },firefox: { version: "0.28.0" }} },/\' $PWD/node_modules/@fishawack/core/wdio.conf.js 2>/dev/null || true\n\
-        sed -i \'s/exports.config = {.*/exports.config = { seleniumArgs: { drivers: {chrome: { version: "87.0.4280.88" },firefox: { version: "0.28.0" }} },/\' $PWD/node_modules/@fishawack/config-grunt/wdio.conf.js 2>/dev/null || true\n\
+        sed -i \'s/exports.config = {.*/exports.config = { seleniumArgs: { drivers: {chrome: { version: "105.0.5195.52" },firefox: { version: "0.28.0" }} },/\' $PWD/node_modules/@fishawack/core/wdio.conf.js 2>/dev/null || true\n\
+        sed -i \'s/exports.config = {.*/exports.config = { seleniumArgs: { drivers: {chrome: { version: "105.0.5195.52" },firefox: { version: "0.28.0" }} },/\' $PWD/node_modules/@fishawack/config-grunt/wdio.conf.js 2>/dev/null || true\n\
+        sed -i \'s/87.0.4280.88/105.0.5195.52/\' $PWD/node_modules/@fishawack/core/wdio.conf.js 2>/dev/null || true\n\
         sed -i \'s/puppeteer.launch({headless: true}).*/puppeteer.launch({headless: true, args: [ "--no-sandbox", "--disable-setuid-sandbox", "--disable-dev-shm-usage" ]}).then(async browser => {/\' $PWD/node_modules/sprinkle/bin/commands/screenshots.js 2>/dev/null || true\n\
-        npx --no-install selenium-standalone --singleDriverInstall=chrome install --drivers.chrome.version=87.0.4280.88 2>/dev/null || true\n\
+        npx --no-install selenium-standalone --singleDriverInstall=chrome install --drivers.chrome.version=105.0.5195.52 2>/dev/null || true\n\
         npx --no-install selenium-standalone --singleDriverInstall=firefox install --drivers.firefox.version=0.28.0 2>/dev/null || true\n\
         export OVERRIDE=true\n\
     else\n\

package/core/CHANGELOG.md

@@ -1,4 +1,8 @@
 ## Changelog
 
+### 0.2.0 (2022-09-08)
+* [Feature] are-you-es5 dependency now globally installed with npm
+* [Fix] core now points to google-chrome 105 now that 87 is no longer available to download through the image
+
 ### 0.1.0 (2022-05-27)
 * [Feature] Added aws-cli@2 to core container

package/core/package.json

@@ -1,9 +1,10 @@
 {
   "name": "core",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "lab-env docker config for the @fishawack/core npm module",
   "scripts": {
-    "postversion": "mv ./*/ ./$npm_package_version && docker build ./*/ -t fishawack/core:$npm_package_version -t fishawack/core:latest && docker push fishawack/core:$npm_package_version && docker push fishawack/core:latest && git add . && git commit -m 'Bumped core to $npm_package_version'"
+    "preversion": "docker login",
+    "postversion": "mv ./*/ ./$npm_package_version && docker build ./*/ -t fishawack/core:$npm_package_version --platform linux/amd64 -t fishawack/core:latest && docker push fishawack/core:$npm_package_version && docker push fishawack/core:latest && git add . && git commit -m 'Bumped core to $npm_package_version'"
   },
   "author": "Mike Mellor",
   "license": "ISC"

package/drupal/9/apache/apache.conf

@@ -1,3 +1,4 @@
+Mutex posixsem
 LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
 
 <VirtualHost *:8080>

package/drupal/9/docker-compose.yml

@@ -36,7 +36,7 @@ services:
     build: 
       context: ./php/
       dockerfile: Dockerfile
-    image: lab-env/drupal/9/php:0.0.3
+    image: lab-env/drupal/9/php:0.0.4
     init: true
     working_dir: /app
     networks:

package/drupal/9/php/Dockerfile

@@ -1,4 +1,4 @@
-FROM chialab/php:7.4-fpm
+FROM chialab/php:8.1-fpm
 
 MAINTAINER Mike Mellor
 

package/globals.js

@@ -1,15 +1,19 @@
 const execSync = require('child_process').execSync;
 const path = require('path');
-const { lstatSync, readdirSync, copyFileSync, existsSync } = require('fs');
+const { lstatSync, readdirSync, copyFileSync, existsSync, readFileSync } = require('fs');
 const semver = require('semver');
 const getPort = require('get-port');
 const utilities = require('./commands/create/libs/utilities');
+const os = require('os');
+const { hideBin } = require('yargs/helpers');
+const args = hideBin(process.argv);
 
 process.env.DIRNAME = __dirname;
 
 const isDirectory = source => lstatSync(source).isDirectory();
 const getDirectories = source => readdirSync(source).map(name => path.join(source, name)).filter(isDirectory);
 
+var config;
 var repo;
 var platform;
 var pkg;
@@ -20,8 +24,31 @@ var run;
 var exec;
 var running;
 var services;
+var branch;
+var diagnosis = '1.0.0';
 var opts = {encoding: 'utf8', stdio: 'inherit', shell: '/bin/bash'};
 
+try{
+    config = JSON.parse(readFileSync(`${os.homedir()}/.lab-env`, {encoding: 'utf8'}));
+} catch(e){
+    config = {};
+}
+
+if(args[0] !== 'diag' && args[0] !== 'diagnose'){
+    if(!config.diagnosis || semver.diff(config.diagnosis, diagnosis) === 'major'){
+        console.log(`${utilities.colorize(`@fishawack/lab-env`, 'title')} diagnosis is ${utilities.colorize(`outdated`, 'error')}.\n\nRun ${utilities.colorize(`fw diagnose`, 'success')} to reconfigure.`);
+        process.exit(1);
+    } else if(semver.diff(config.diagnosis, diagnosis) !== null){
+        console.log(`${utilities.colorize(`@fishawack/lab-env`, 'title')} diagnosis is ${utilities.colorize(`outdated`, 'warning')}.\n\nRun ${utilities.colorize(`fw diagnose`, 'success')} to reconfigure.`);
+    }
+}
+
+try{
+    branch = process.env.BRANCH || process.env.CI_COMMIT_REF_NAME || require('git-branch').sync();
+} catch(e){
+    branch = 'unknown';
+}
+
 try{
     repo = execSync('basename "$(git rev-parse --show-toplevel)"', {encoding: 'utf8', stdio: 'pipe'}).trim() || path.basename(process.cwd());
 } catch(e){
@@ -110,9 +137,12 @@ try{
 }
 
 module.exports = {
+    config,
+    diagnosis,
     services,
     platform,
     repo,
+    branch,
     repo_safe: repo.replace(/\./g, ''),
     pkg,
     docker,

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@fishawack/lab-env",
-  "version": "2.1.0",
+  "version": "3.1.0",
   "description": "Docker manager for FW",
   "main": "cli.js",
   "scripts": {
-    "test": "rm -rf _Test/_fixtures && mkdir _Test/_fixtures && mocha _Test/*.js --timeout 120s --bail",
+    "test": "rm -rf _Test/_fixtures/boilerplate*; mocha _Test/*.js --timeout 1200s --bail",
     "preversion": "npm test",
     "postversion": "git push && git push --tags && npm publish",
     "postpublish": "git checkout development && git merge master && git push"
@@ -16,23 +16,34 @@
   "author": "",
   "license": "ISC",
   "homepage": "https://bitbucket.org/fishawackdigital/lab-env#readme",
+  "type": "commonjs",
   "bin": {
     "lab-env": "./cli.js",
     "fw": "./cli.js"
   },
   "dependencies": {
-    "axios": "0.21.1",
+    "@aws-sdk/client-cloudfront": "^3.141.0",
+    "@aws-sdk/client-iam": "^3.150.0",
+    "@aws-sdk/client-s3": "^3.141.0",
+    "axios": "^0.21.4",
     "chalk": "4.1.0",
+    "generate-password": "^1.7.0",
     "get-port": "5.1.1",
+    "git-branch": "^2.0.1",
     "glob": "7.1.7",
     "inquirer": "8.1.2",
     "ora": "5.4.1",
     "semver": "7.3.4",
-    "update-notifier": "5.1.0",
+    "update-notifier": "^6.0.2",
     "yargs": "16.2.0"
   },
   "devDependencies": {
     "chai": "4.3.4",
-    "mocha": "9.1.2"
+    "mocha": "^9.2.2",
+    "node-fetch": "^3.2.10"
+  },
+  "engines": {
+    "npm": ">=8",
+    "node": ">=18"
   }
 }