@fishawack/lab-env 3.2.0 → 4.0.0

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 ## Changelog
 
+### 4.0.0 (2022-09-12)
+* [Feature] Added new s3Safe repo to enforce safe s3 service names
+* [Feature] Added newly setup AWS accounts to the client prompts on `fw provision`
+* [Feature] key command can now send credentials via email
+* [Bug] deprov command now uses repo safe
+
 ### 3.2.0 (2022-09-12)
 * [Feature] Added newly setup AWS accounts to the client prompts on `fw provision`
 * [Change] Clients now listed in alphabetical order

package/_Test/email.js

@@ -0,0 +1,12 @@
+'use strict';
+
+const expect = require('chai').expect;
+const email = require("../commands/create/services/email.js");
+
+describe('email', async () => {
+    it('Should send email', async () => {
+        let info = await email.send('mike.mellor@fishawack.com', 'New AWS Keys', 'hello', null, true);
+
+        expect(info.response).to.contain('250');
+    });
+});

package/_Test/utilities.js

@@ -0,0 +1,40 @@
+'use strict';
+
+const expect = require('chai').expect;
+const { s3Safe } = require("../commands/create/libs/utilities.js");
+
+describe('utilities', async () => {
+    describe('s3Safe', () => {
+        it('Should enforce service name to be at least 3 chars', async () => {
+            expect(s3Safe('a').length).to.be.greaterThanOrEqual(3);
+        });
+
+        it('Should limit service name to 63 chars', async () => {
+            expect(s3Safe('a'.repeat(100)).length).to.be.lessThanOrEqual(63);
+        });
+    
+        it('Should remove any uppercase chars', async () => {
+            expect(/^[A-Z]*$/.test(s3Safe('TEST'))).to.be.false;
+        });
+
+        it('Should convert . to -', async () => {
+            expect(s3Safe('...').match(/\./g)).to.be.null;
+        });
+
+        it('Should convert _ to -', async () => {
+            expect(s3Safe('___').match(/\_/g)).to.be.null;
+        });
+
+        it('Should start with a number or char', async () => {
+            expect(/[a-z0-9]/i.test(s3Safe('___').charAt(0))).to.be.true;
+        });
+
+        it('Should end with a number or char', async () => {
+            expect(/[a-z0-9]/i.test(s3Safe('___').charAt(s3Safe('___').length - 1))).to.be.true;
+        });
+
+        it('Should remove any special chars', async () => {
+            expect(s3Safe('!@#$%^&*()=_+;,./<>?~`|').match(/[\!\@\#\$\%\^\&\*\(\)\=\_\+\;\,\.\/\<\>\?\~\`\|]/g)).to.be.null;
+        });
+    })
+});

package/cli.js

@@ -11,9 +11,6 @@ const { hideBin } = require('yargs/helpers');
 
 const args = hideBin(process.argv);
 
-// Stop here if docker process not running and command isn't version or origin which don't require docker
-if(!_.services && !(args[0] === 'origin' || args[0] === '--version')) process.exit();
-
 (async () => {
     const updateNotifier = (await import('update-notifier')).default;
     const pkg = require('./package.json');

package/commands/create/cmds/deprovision.js

@@ -36,7 +36,7 @@ module.exports = [
             {
                 type: 'confirm',
                 name: 'check',
-                message: `Deprovisioning ${utilities.colorize(aws.slug(_.repo, answers.client, branch), 'error')} from ${utilities.colorize(answers.client, 'error')} AWS account, are you sure you want to continue?`,
+                message: `Deprovisioning ${utilities.colorize(aws.slug(_.repo_safe, answers.client, branch), 'error')} from ${utilities.colorize(answers.client, 'error')} AWS account, are you sure you want to continue?`,
                 default: false
             }
         ]);
@@ -45,10 +45,10 @@ module.exports = [
             process.exit(1);
         }
 
-        try { await aws.s3.removeS3Bucket(aws.slug(_.repo, answers.client, branch), answers.client); } catch(e) {}
+        try { await aws.s3.removeS3Bucket(aws.slug(_.repo_safe, answers.client, branch), answers.client); } catch(e) {}
         
         try { await aws.cloudfront.removeCloudFrontDistribution(answers.id, answers.client); } catch(e) {}
 
-        try { await aws.cloudfront.removeCloudFrontFunction(aws.slug(_.repo, answers.client, branch), answers.client); } catch(e) {}
+        try { await aws.cloudfront.removeCloudFrontFunction(aws.slug(_.repo_safe, answers.client, branch), answers.client); } catch(e) {}
     }
 ];

package/commands/create/cmds/key.js

@@ -2,6 +2,7 @@ const _ = require('../../../globals.js');
 const utilities = require('../libs/utilities');
 const inquirer = require('inquirer');
 const aws = require('../services/aws/index.js');
+const email = require('../services/email.js');
 
 module.exports = [
     'key',
@@ -10,6 +11,7 @@ module.exports = [
     async argv => {
         let users = [];
         let clients =  [];
+        let sendEmail = false;
 
         let answer = await inquirer.prompt([
             {
@@ -59,6 +61,17 @@ module.exports = [
             clients = answer.clients;
         }
 
+        answer = await inquirer.prompt([
+            {
+                type: 'confirm',
+                name: 'check',
+                message: `Would you like to email out the credentials after creation (requires office365 credentials in ~/targets/misc.json)?`,
+                default: 'Y'
+            }
+        ]);
+
+        sendEmail = answer.check
+
         let credentials = {};
 
         for(let i = 0; i < clients.length; i++){
@@ -84,10 +97,17 @@ module.exports = [
 
         for(var user in credentials){
             output += utilities.colorize(`\n${user}\n`, 'title');
+
+            let outputUser = '';
             for(var client in credentials[user]){
-                output += `\n[${client}]\n`;
-                output += `aws_access_key_id = ${credentials[user][client].key}\n`;
-                output += `aws_secret_access_key = ${credentials[user][client].secret}\n`;
+                outputUser += `\n[${client}]\n`;
+                outputUser += `aws_access_key_id = ${credentials[user][client].key}\n`;
+                outputUser += `aws_secret_access_key = ${credentials[user][client].secret}\n`;
+            }
+            output += outputUser;
+
+            if(sendEmail){
+                await email.send(_.config.users.find(d => d.username === user).email, 'New AWS Keys', null, outputUser);
             }
         }
 

package/commands/create/cmds/provision.js

@@ -94,7 +94,7 @@ module.exports = [
         let infastructure;
         
         try{
-            infastructure = await aws.static(aws.slug(_.repo, answers.client, branch), answers.client, [{Key: 'repository', Value: _.repo}, {Key: 'environment', Value: branch}], credentials);
+            infastructure = await aws.static(aws.slug(_.repo_safe, answers.client, branch), answers.client, [{Key: 'repository', Value: _.repo}, {Key: 'environment', Value: branch}], credentials);
         } catch(e){
             console.log(e.message);
             process.exit(1);

package/commands/create/libs/utilities.js

@@ -1,5 +1,6 @@
 const chalk = require('chalk');
 const ora = require('ora');
+const crypto = require('crypto');
 
 // Text
 module.exports.capitalize = str => str.charAt(0).toUpperCase() + str.slice(1);
@@ -96,4 +97,21 @@ module.exports.encode = (username, password) => {
         "Content-Type": "application/json",
         "Authorization": `Basic ${base64data}`
     };
+}
+
+module.exports.s3Safe = (name) => {
+    let safe = name;
+    let hash = crypto.createHash('md5').update(name).digest('hex');
+    let suffix = `-${hash.substring(0, 8)}`;
+    let prefix = 'fw-auto-';
+    
+    safe = safe.substring(0, (63 - suffix.length - prefix.length));
+    safe = safe.replace(/[^a-zA-Z0-9-_. ]/g, ""); // Remove special chars except . _ - as these are all transformed into -
+    safe = safe.toLowerCase();
+    safe = `${prefix}${safe}`;
+    safe = `${safe}${suffix}`;
+    safe = safe.replace(/\./g, '-');
+    safe = safe.replace(/\_/g, '-');
+
+    return safe;
 }

package/commands/create/services/aws/index.js

@@ -1,10 +1,12 @@
+const { s3Safe } = require("../../libs/utilities.js");
+
 module.exports.s3 = require("./s3.js");
 module.exports.cloudfront = require("./cloudfront.js");
 module.exports.iam = require("./iam.js");
 
-module.exports.slug = (repo, client, branch) => `fw-auto-${client}-${repo}-${branch}`;
+module.exports.slug = (repo, client, branch) => s3Safe(`${branch}-${repo}-${client}`);
 
-module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training', 'merck', 'acadia', 'travere'];
+module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training', 'merck', 'acadia', 'travere', 'roche', 'utc', 'bayer', 'alcon'];
 
 module.exports.static = async (name, account, tags = [], credentials = []) => {
     let s3 = await module.exports.s3.createS3Bucket(name, account, tags);

package/commands/create/services/email.js

@@ -0,0 +1,44 @@
+const nodemailer = require("nodemailer");
+const { misc } = require('../libs/vars');
+
+module.exports.send = async (to, subject, html, text, test = false, from = `digitalautomation@fishawack.com`) => {
+    let transporter = await module.exports.transport(test);
+
+    let info = await transporter.sendMail({
+        from,
+        to,
+        subject,
+        html,
+        text
+    });
+
+    if(test){
+        console.log("Preview URL: %s", nodemailer.getTestMessageUrl(info));
+    }
+
+    return info;
+};
+
+module.exports.transport = async (test = false) => {
+    let username = misc?.nodemailer?.office365.username;
+    let password = misc?.nodemailer?.office365.password;
+    
+    if(test){
+        let testAccount = await nodemailer.createTestAccount();
+
+        username = testAccount.user;
+        password = testAccount.pass;
+    }
+    
+    let transporter = nodemailer.createTransport({
+        host: test ? 'smtp.ethereal.email' : 'smtp.office365.com',
+        port: 587,
+        secure: false,
+        auth: {
+            user: username,
+            pass: password,
+        },
+    });
+
+    return transporter;
+};

package/globals.js

@@ -34,15 +34,6 @@ try{
     config = {};
 }
 
-if(args[0] !== 'diag' && args[0] !== 'diagnose'){
-    if(!config.diagnosis || semver.diff(config.diagnosis, diagnosis) === 'major'){
-        console.log(`${utilities.colorize(`@fishawack/lab-env`, 'title')} diagnosis is ${utilities.colorize(`outdated`, 'error')}.\n\nRun ${utilities.colorize(`fw diagnose`, 'success')} to reconfigure.`);
-        process.exit(1);
-    } else if(semver.diff(config.diagnosis, diagnosis) !== null){
-        console.log(`${utilities.colorize(`@fishawack/lab-env`, 'title')} diagnosis is ${utilities.colorize(`outdated`, 'warning')}.\n\nRun ${utilities.colorize(`fw diagnose`, 'success')} to reconfigure.`);
-    }
-}
-
 try{
     branch = process.env.BRANCH || process.env.CI_COMMIT_REF_NAME || require('git-branch').sync();
 } catch(e){
@@ -132,8 +123,22 @@ try{
     exec = `exec ${process.env.CI_BUILD_ID ? '-T' : ''}`;
     method = running ? exec : 'run --rm --service-ports';
     run = `${method} core bash -l`;
-} catch(e){
-    console.log("Docker does not appear to be running...");
+} catch(e){}
+
+// Always allow diagnose, diag, version, help and origin through
+if(args[0] !== 'diag' && args[0] !== 'diagnose' && args[0] !== 'origin' && args[0] !== '--version' && args[0] !== '--help'){
+    // Stop here if diagnosis either unset or outdated
+    if(!config.diagnosis || semver.diff(config.diagnosis, diagnosis) === 'major'){
+        console.log(`${utilities.colorize(`@fishawack/lab-env`, 'title')} diagnosis is ${utilities.colorize(`outdated`, 'error')}.\n\nRun ${utilities.colorize(`fw diagnose`, 'success')} to reconfigure.`);
+        process.exit(1);
+    // Warn if diagnosis only minor/patch outdated
+    } else if(semver.diff(config.diagnosis, diagnosis) !== null){
+        console.log(`${utilities.colorize(`@fishawack/lab-env`, 'title')} diagnosis is ${utilities.colorize(`outdated`, 'warning')}.\n\nRun ${utilities.colorize(`fw diagnose`, 'success')} to reconfigure.`);
+    // Stop here if docker process not running
+    } else if(!services) {
+        console.log(`${utilities.colorize(`Docker`, 'info')} does not appear to be running...`);
+        process.exit();
+    }
 }
 
 module.exports = {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fishawack/lab-env",
-  "version": "3.2.0",
+  "version": "4.0.0",
   "description": "Docker manager for FW",
   "main": "cli.js",
   "scripts": {
@@ -32,6 +32,7 @@
     "git-branch": "^2.0.1",
     "glob": "7.1.7",
     "inquirer": "8.1.2",
+    "nodemailer": "^6.7.8",
     "ora": "5.4.1",
     "semver": "7.3.4",
     "update-notifier": "^6.0.2",