npm - @fishawack/lab-env - Versions diffs - 4.26.0 → 4.27.0 - Mend

@fishawack/lab-env 4.26.0 → 4.27.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/commands/create/services/aws/index.js CHANGED Viewed

@@ -1,12 +1,18 @@
-const { s3Safe } = require("../../libs/utilities.js");
+const md5 = require("apache-md5")
+const fs = require("fs-extra");
+const { nameSafe } = require("../../libs/utilities.js");
+const { eb } = require("../../libs/vars.js");
 module.exports.s3 = require("./s3.js");
 module.exports.cloudfront = require("./cloudfront.js");
 module.exports.iam = require("./iam.js");
+module.exports.elasticbeanstalk = require("./elasticbeanstalk.js");
+module.exports.ec2 = require("./ec2.js");
-module.exports.slug = (repo, client, branch) => s3Safe(`${branch}-${repo}-${client}`);
+module.exports.slug = (repo, client, branch, service = "s3") => nameSafe(`${branch}-${repo}-${client}`, service);
-module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training', 'merck', 'acadia', 'travere', 'roche', 'utc', 'bayer', 'alcon', 'uhc', 'chiesi', '3m', 'sarepta', 'ipsen', 'novocure', 'anthem', 'kyowakirin', 'optum', 'rally', 'menarini', 'childrensminnesota', 'gore', 'axogen', 'gedeonrichter'];
+module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training', 'merck', 'acadia', 'travere', 'roche', 'utc', 'bayer', 'alcon', 'uhc', 'chiesi', '3m', 'sarepta', 'ipsen', 'novocure', 'anthem', 'kyowakirin', 'optum', 'rally', 'menarini', 'childrensminnesota', 'gore', 'axogen', 'gedeonrichter', 'relievantmedsystems', 'gilead'];
 module.exports.static = async (name, account, tags = [], credentials = []) => {
     let s3 = await module.exports.s3.createS3Bucket(name, account, tags);
@@ -24,4 +30,93 @@ module.exports.static = async (name, account, tags = [], credentials = []) => {
     };
     return config;
+}
+module.exports.staticTerminate = async (name, account, repo, branch, id) => {
+    try { await module.exports.s3.emptyS3Bucket(name, account); } catch(e) {}
+    try { await module.exports.s3.removeS3Bucket(name, account); } catch(e) {}
+    try { await module.exports.cloudfront.removeCloudFrontDistribution(id, account); } catch(e) {}
+    try { await module.exports.cloudfront.removeCloudFrontFunction(name, account); } catch(e) {}
+}
+module.exports.fullstack = async (name, account, tags = [], credentials = [], repo, branch, framework, availability) => {
+    const { platform, language } = eb.configurations[framework];
+    const s3Slug = module.exports.slug(repo, account, branch, "s3");
+    await module.exports.iam.createIAMUser(s3Slug, account, tags);
+    await module.exports.iam.attachIAMPolicy(s3Slug, account, 'arn:aws:iam::aws:policy/AmazonS3FullAccess');
+    const { AccessKey: { AccessKeyId }, AccessKey: { SecretAccessKey } } = await module.exports.iam.createAccessKey(s3Slug, account);
+    await module.exports.s3.createS3Bucket(s3Slug, account, tags, false, "BucketOwnerPreferred");
+    await module.exports.iam.ensureEBInstanceProfileExists(account);
+    try { await module.exports.elasticbeanstalk.createElasticBeanstalkApplication(repo, account); } catch (e) {}
+    let hasKeyPair = false;
+    try { await module.exports.ec2.getKeyPair("id_rsa_prev", account); hasKeyPair = true; } catch(e) {};
+    // LetsEncrypt CN records are limited to 64 chars so use only the hash from the generated name
+    const CNAMEPrefix = `fw-auto-${name.split('-')[name.split('-').length - 1]}`;
+    process.env.DOMAIN_LINK = `${CNAMEPrefix}.${process.env.AWS_REGION}.elasticbeanstalk.com`;
+    const OptionSettings = eb.merge("environments", {framework, availability, platform, language}, {s3Slug, AccessKeyId, SecretAccessKey});
+    if(hasKeyPair){
+        OptionSettings.push({
+            OptionName: 'EC2KeyName',
+            Value: 'id_rsa_prev',
+            Namespace: 'aws:autoscaling:launchconfiguration'
+        });
+    }
+    const environment = await module.exports.elasticbeanstalk.createElasticBeanstalkEnvironment(name, account, repo, OptionSettings, CNAMEPrefix, tags);
+    const configurations = eb.merge("configurations", {framework, availability, platform, language});
+    if(credentials.length){
+        configurations.push(`.platform/${platform}/conf.d/elasticbeanstalk/${platform === "httpd" ? `z-${framework}-` : ''}htpasswd.conf`);
+        fs.outputFileSync(`.platform/${platform}/conf.d/elasticbeanstalk/.htpasswd-${branch}`, credentials.map(d => `${d.username}:${md5(d.password)}`).join('\n'));
+    }
+    await module.exports.elasticbeanstalk.copyElasticBeanstalkConfigs(configurations);
+    if(credentials.length){
+        configurations.push(`.platform/${platform}/conf.d/elasticbeanstalk/.htpasswd-${branch}`);
+    }
+    let config = {
+        "url": `https://${environment.CNAME}`,
+        "environment": environment.EnvironmentName,
+        "paths": configurations.map(d => {
+            const obj = { "src": d, "dest": d };
+            // Fix for core mistakenly mapping .htpasswd to directory
+            if(d.includes(`.htpasswd-${branch}`)){
+                obj.file = true;
+                obj.dest = d.split(`-${branch}`)[0];
+            }
+            return obj;
+        })
+    };
+    return config;
+}
+module.exports.fullstackTerminate = async (name, account, repo, branch) => {
+    const s3Slug = module.exports.slug(repo, account, branch, "s3");
+    try { await module.exports.iam.removeIAMUser(s3Slug, account); } catch(e) {}
+    try { await module.exports.s3.emptyS3Bucket(s3Slug, account); } catch(e) {}
+    try { await module.exports.s3.removeS3Bucket(s3Slug, account); } catch(e) {}
+    try { await module.exports.elasticbeanstalk.removeElasticBeanstalkEnvironment(name, account); } catch(e) {}
+    try { await module.exports.elasticbeanstalk.removeElasticBeanstalkApplication(repo, account); } catch(e) {}
 }

package/commands/create/services/aws/misc.js CHANGED Viewed

@@ -1,8 +1,10 @@
 module.exports.createClient = (client, account, region = 'us-east-1') => {
     delete process.env.AWS_PROFILE;
+    delete process.env.AWS_REGION;
     if(account){
         process.env.AWS_PROFILE = account;
+        process.env.AWS_REGION = region;
     }
     return new client({ region });

package/commands/create/services/aws/s3.js CHANGED Viewed

@@ -1,19 +1,19 @@
-const { S3Client, CreateBucketCommand, DeleteBucketCommand, ListBucketsCommand, PutPublicAccessBlockCommand, PutBucketTaggingCommand, PutBucketPolicyCommand, PutObjectCommand, DeleteObjectCommand } = require("@aws-sdk/client-s3");
+const { S3Client, CreateBucketCommand, DeleteBucketCommand, ListBucketsCommand, ListObjectsV2Command, PutPublicAccessBlockCommand, PutBucketTaggingCommand, PutBucketPolicyCommand, PutObjectCommand, DeleteObjectCommand, DeleteObjectsCommand } = require("@aws-sdk/client-s3");
 const { Spinner } = require('../../libs/utilities');
 const { createClient } = require('./misc.js');
-module.exports.createS3Bucket = async (bucket, account, tags = []) => {
+module.exports.createS3Bucket = async (bucket, account, tags = [], blockAccess = true, ObjectOwnership = "BucketOwnerEnforced") => {
     const client = createClient(S3Client, account);
     let res = await Spinner.prototype.simple(`Creating s3 bucket ${bucket}`, () => {
         return client.send(
-            new CreateBucketCommand({ Bucket: bucket })
+            new CreateBucketCommand({ Bucket: bucket, ObjectOwnership })
         );
     });
-    await Spinner.prototype.simple(`Blocking all public access to s3 bucket`, () => {
+    await Spinner.prototype.simple(`${blockAccess ? 'Blocking' : 'Allowing'} all public access to s3 bucket`, () => {
         return client.send(
-            new PutPublicAccessBlockCommand({ Bucket: bucket, PublicAccessBlockConfiguration: { BlockPublicAcls: true, BlockPublicPolicy: true, IgnorePublicAcls: true, RestrictPublicBuckets: true } })
+            new PutPublicAccessBlockCommand({ Bucket: bucket, PublicAccessBlockConfiguration: { BlockPublicAcls: blockAccess, BlockPublicPolicy: blockAccess, IgnorePublicAcls: blockAccess, RestrictPublicBuckets: blockAccess } })
         );
     });
@@ -106,4 +106,47 @@ module.exports.removeFileToS3Bucket = async (bucket, account, filepath) => {
     });
     return res;
+}
+module.exports.emptyS3Bucket = async (bucket, account) => {
+    const client = createClient(S3Client, account);
+    await Spinner.prototype.simple(`Emptying s3 bucket`, () => {
+        return new Promise(async (resolve, reject) => {
+            try {
+                let ContinuationToken = null;
+                do {
+                    let list = await client.send(
+                        new ListObjectsV2Command({
+                            Bucket: bucket,
+                            ContinuationToken
+                        })
+                    );
+                    if (list.KeyCount) {
+                        let deleted = await client.send(
+                            new DeleteObjectsCommand({
+                                Bucket: bucket,
+                                Delete: {
+                                    Objects: list.Contents.map((item) => ({ Key: item.Key })),
+                                    Quiet: false,
+                                },
+                            })
+                        );
+                        if (deleted.Errors) {
+                            deleted.Errors.map((error) => console.log(`${error.Key} could not be deleted - ${error.Code}`));
+                        }
+                    }
+                    ContinuationToken = list.NextContinuationToken;
+                } while (ContinuationToken)
+                resolve();
+            } catch (e){
+                reject(e);
+            }
+        });
+    });
 }

package/commands/create/services/email.js CHANGED Viewed

@@ -1,37 +1,22 @@
 const nodemailer = require("nodemailer");
 const { misc } = require('../libs/vars');
-module.exports.send = async (to, subject, html, text, test = false, from = `digitalautomation@fishawack.com`) => {
-    let transporter = await module.exports.transport(test);
-    let info = await transporter.sendMail({
-        from,
-        to,
-        subject,
-        html,
-        text
-    });
-    if(test){
-        console.log("Preview URL: %s", nodemailer.getTestMessageUrl(info));
-    }
-    return info;
-};
-module.exports.transport = async (test = false) => {
-    let username = misc?.nodemailer?.office365.username;
-    let password = misc?.nodemailer?.office365.password;
+module.exports.send = async (to, subject, html, text, test = false) => {
+    const { nodemailer: _nodemailer } = misc || {};
+    const { driver, from } = _nodemailer;
+    const mailer = _nodemailer[driver] || _nodemailer;
+    let { username, password, host } = mailer;
     if(test){
         let testAccount = await nodemailer.createTestAccount();
         username = testAccount.user;
         password = testAccount.pass;
+        host = 'smtp.ethereal.email';
     }
     let transporter = nodemailer.createTransport({
-        host: test ? 'smtp.ethereal.email' : 'smtp.office365.com',
+        host,
         port: 587,
         secure: false,
         auth: {
@@ -40,5 +25,17 @@ module.exports.transport = async (test = false) => {
         },
     });
-    return transporter;
+    let info = await transporter.sendMail({
+        from,
+        to,
+        subject,
+        html,
+        text
+    });
+    if(test){
+        console.log("Preview URL: %s", nodemailer.getTestMessageUrl(info));
+    }
+    return info;
 };

package/commands/create/templates/elasticbeanstalk/.ebextensions/{apache → httpd}/auto-ssl.config RENAMED Viewed

@@ -1,9 +1,23 @@
 files:
-  /etc/cron.d/certbot_renew:
-    content: "@weekly root certbot renew\n"
+  "/usr/local/bin/certbot_renew_cron.sh":
+    mode: "000755"
+    owner: root
     group: root
+    content: |
+      #!/bin/bash
+      certbot renew
+  "/etc/cron.d/certbot_renew_cron":
     mode: "000644"
     owner: root
+    group: root
+    content: |
+      0 0 * * * root bash -l /usr/local/bin/certbot_renew_cron.sh >> /var/log/certbot_renew_cron.log 2>&1
+commands:
+  rm_old_cron:
+    command: "rm -f /etc/cron.d/certbot_renew_cron.bak"
+    ignoreErrors: true
 container_commands:
   10_downloadepel:
@@ -15,10 +29,8 @@ container_commands:
   40_installcertbot:
     command: "yum install -y certbot"
   50_getcert:
-    command: "certbot certonly --debug --non-interactive --email ${EMAIL_LINK} --agree-tos --standalone --expand --domains ${DOMAIN_LINK} --keep-until-expiring --pre-hook \"service httpd stop\""
+    command: "certbot certonly --debug --non-interactive --email ${EMAIL_LINK} --agree-tos --standalone --expand --domains ${DOMAIN_LINK} --keep-until-expiring --pre-hook \"service httpd stop\" --post-hook \"service httpd restart\""
   60_link:
     command: "ln -sf /etc/letsencrypt/live/$(echo ${DOMAIN_LINK} | cut -d, -f1) /etc/letsencrypt/live/ebcert"
-  70_startserver:
-    command: "service httpd start"
-  80_cleanup:
+  70_cleanup:
     command: "rm -rf dl.fedoraproject.org"

package/commands/create/templates/elasticbeanstalk/.ebextensions/laravel/software.config CHANGED Viewed

@@ -2,15 +2,4 @@ option_settings:
   aws:elasticbeanstalk:container:php:phpini:
     document_root: /public
   aws:elasticbeanstalk:environment:proxy:
-    ProxyServer: nginx
-files:
-  "/etc/php.d/custom.ini":
-    mode: "000755"
-    owner: root
-    group: root
-    content: |
-      memory_limit = 500M
-      upload_max_filesize = 500M
-      post_max_size = 500M
-      max_execution_time = 600
+    ProxyServer: nginx

package/commands/create/templates/elasticbeanstalk/.ebextensions/misc/enable-https-lb.config ADDED Viewed

@@ -0,0 +1,9 @@
+Resources:
+  sslSecurityGroupIngress:
+    Type: AWS::EC2::SecurityGroupIngress
+    Properties:
+      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
+      IpProtocol: tcp
+      ToPort: 443
+      FromPort: 443
+      SourceSecurityGroupId: {"Fn::GetAtt" : ["AWSEBLoadBalancerSecurityGroup" , "GroupId"]}

package/commands/create/templates/elasticbeanstalk/.ebextensions/misc/s3-env.config ADDED Viewed

@@ -0,0 +1,41 @@
+Resources:
+  AWSEBAutoScalingGroup:
+    Metadata:
+      AWS::ElasticBeanstalk::Ext:
+        _ContainerConfigFileContent:
+          plugins:
+            s3env:
+              description: Environment variables loaded from s3
+              env: {}
+      AWS::CloudFormation::Authentication:
+        S3Auth:
+          type: "s3"
+          buckets: ["elasticbeanstalk-us-east-1-549109292206"]
+          roleName:
+            "Fn::GetOptionSetting":
+              Namespace: "aws:autoscaling:launchconfiguration"
+              OptionName: "IamInstanceProfile"
+              DefaultValue: "aws-elasticbeanstalk-ec2-role"
+files:
+  "/home/ec2-user/.env":
+    mode: "000400"
+    owner: root
+    group: root
+    authentication: "S3Auth"
+    source: https://elasticbeanstalk-us-east-1-549109292206.s3.amazonaws.com/.env
+commands:
+  s3env_commands:
+    command: |
+      wget https://github.com/ko1nksm/shdotenv/releases/latest/download/shdotenv -O /home/ec2-user/shdotenv
+      chmod +x /home/ec2-user/shdotenv
+      jq --argjson S3ENV "$(sudo /home/ec2-user/shdotenv --env /home/ec2-user/.env --format json)" '.AsgResource."AWS::ElasticBeanstalk::Ext"._ContainerConfigFileContent.plugins.s3env.env += $S3ENV' /opt/elasticbeanstalk/deployment/cfn-metadata-cache.json > /home/ec2-user/cfn-metadata-cache.json
+      cp /home/ec2-user/cfn-metadata-cache.json /opt/elasticbeanstalk/deployment/cfn-metadata-cache.json
+container_commands:
+  s3env_container_commands:
+    command: cp /home/ec2-user/cfn-metadata-cache.json /opt/elasticbeanstalk/deployment/cfn-metadata-cache.json
+packages:
+  yum:
+    jq: []

package/commands/create/templates/elasticbeanstalk/.ebextensions/misc/setvars.config CHANGED Viewed

@@ -1,6 +1,12 @@
+option_settings:
+  - option_name: BASH_ENV
+    value: /etc/profile.d/sh.local
 commands:
   setvars:
-    command: /opt/elasticbeanstalk/bin/get-config environment | jq -r 'to_entries | .[] | "export \(.key)=\"\(.value)\""' > /etc/profile.d/sh.local
+    command: |
+      /opt/elasticbeanstalk/bin/get-config environment | jq -r "to_entries | .[] | \"export \(.key)='\(.value)'\"" > /etc/profile.d/sh.local
 packages:
   yum:
-    jq: []
+    jq: []

package/commands/create/templates/elasticbeanstalk/.ebextensions/nginx/alb-health.config ADDED Viewed

@@ -0,0 +1,28 @@
+###################################################################################################
+#### Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+####
+#### Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file
+#### except in compliance with the License. A copy of the License is located at
+####
+####     http://aws.amazon.com/apache2.0/
+####
+#### or in the "license" file accompanying this file. This file is distributed on an "AS IS"
+#### BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#### License for the specific language governing permissions and limitations under the License.
+###################################################################################################
+###################################################################################################
+#### This configuration file modifies the default port 80 listener attached to an Application Load Balancer
+#### to automatically redirect incoming connections on HTTP to HTTPS.
+#### This will not work with an environment using the load balancer type Classic or Network.
+#### A prerequisite is that the 443 listener has already been created.
+#### Please use the below link for more information about creating an Application Load Balancer on
+#### the Elastic Beanstalk console.
+#### https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-alb.html#environments-cfg-alb-console
+###################################################################################################
+Resources:
+ AWSEBV2LoadBalancerTargetGroup:
+  Type: AWS::ElasticLoadBalancingV2::TargetGroup
+  Properties:
+    HealthCheckPath: /health

package/commands/create/templates/elasticbeanstalk/.ebextensions/nginx/auto-ssl.config CHANGED Viewed

@@ -1,10 +1,24 @@
 files:
-  /etc/cron.d/certbot_renew:
-    content: "@weekly root certbot renew\n"
+  "/usr/local/bin/certbot_renew_cron.sh":
+    mode: "000755"
+    owner: root
     group: root
+    content: |
+      #!/bin/bash
+      certbot renew
+  "/etc/cron.d/certbot_renew_cron":
     mode: "000644"
     owner: root
+    group: root
+    content: |
+      0 0 * * * root bash -l /usr/local/bin/certbot_renew_cron.sh >> /var/log/certbot_renew_cron.log 2>&1
+commands:
+  rm_old_cron:
+    command: "rm -f /etc/cron.d/certbot_renew_cron.bak"
+    ignoreErrors: true
 container_commands:
   10_downloadepel:
     command: "wget -r --no-parent -A 'epel-release-*.rpm' https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/"
@@ -15,10 +29,8 @@ container_commands:
   40_installcertbot:
     command: "yum install -y certbot"
   50_getcert:
-    command: "certbot certonly --debug --non-interactive --email ${EMAIL_LINK} --agree-tos --standalone --expand --domains ${DOMAIN_LINK} --keep-until-expiring --pre-hook \"service nginx stop\""
+    command: "certbot certonly --debug --non-interactive --email ${EMAIL_LINK} --agree-tos --standalone --expand --domains ${DOMAIN_LINK} --keep-until-expiring --pre-hook \"service nginx stop\" --post-hook \"service nginx restart\""
   60_link:
     command: "ln -sf /etc/letsencrypt/live/$(echo ${DOMAIN_LINK} | cut -d, -f1) /etc/letsencrypt/live/ebcert"
-  70_startserver:
-    command: "service nginx start"
-  80_cleanup:
+  70_cleanup:
     command: "rm -rf dl.fedoraproject.org"

package/commands/create/templates/elasticbeanstalk/.ebextensions/wordpress/alb-health.config ADDED Viewed

@@ -0,0 +1,28 @@
+###################################################################################################
+#### Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+####
+#### Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file
+#### except in compliance with the License. A copy of the License is located at
+####
+####     http://aws.amazon.com/apache2.0/
+####
+#### or in the "license" file accompanying this file. This file is distributed on an "AS IS"
+#### BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#### License for the specific language governing permissions and limitations under the License.
+###################################################################################################
+###################################################################################################
+#### This configuration file modifies the default port 80 listener attached to an Application Load Balancer
+#### to automatically redirect incoming connections on HTTP to HTTPS.
+#### This will not work with an environment using the load balancer type Classic or Network.
+#### A prerequisite is that the 443 listener has already been created.
+#### Please use the below link for more information about creating an Application Load Balancer on
+#### the Elastic Beanstalk console.
+#### https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-alb.html#environments-cfg-alb-console
+###################################################################################################
+Resources:
+ AWSEBV2LoadBalancerTargetGroup:
+  Type: AWS::ElasticLoadBalancingV2::TargetGroup
+  Properties:
+    HealthCheckPath: /wp-content/themes/fishawack/health.html

package/commands/create/templates/elasticbeanstalk/.ebextensions/wordpress/cron.config ADDED Viewed

@@ -0,0 +1,42 @@
+files:
+  "/usr/local/bin/is_first_instance.sh":
+    mode: "000755"
+    owner: root
+    group: root
+    content: |
+      #!/bin/bash
+      INSTANCE_ID=`curl http://169.254.169.254/latest/meta-data/instance-id 2>/dev/null`
+      REGION=`curl -s http://169.254.169.254/latest/dynamic/instance-identity/document 2>/dev/null | jq -r .region`
+      # Find the Auto Scaling Group name from the Elastic Beanstalk environment
+      ASG=`aws ec2 describe-tags --filters "Name=resource-id,Values=$INSTANCE_ID" \
+          --region $REGION --output json | jq -r '.[][] | select(.Key=="aws:autoscaling:groupName") | .Value'`
+      # Find the first instance in the Auto Scaling Group
+      FIRST=`aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names $ASG \
+          --region $REGION --output json | \
+          jq -r '.AutoScalingGroups[].Instances[] | select(.LifecycleState=="InService") | .InstanceId' | sort | head -1`
+      # If the instance ids are the same exit 0
+      [ "$FIRST" = "$INSTANCE_ID" ]
+  "/usr/local/bin/wordpress_cron.sh":
+    mode: "000755"
+    owner: root
+    group: root
+    content: |
+      #!/bin/bash
+      /usr/local/bin/is_first_instance.sh || exit
+      cd /var/www/html && echo $(date -u) $(wp cron event run --due-now)
+  "/etc/cron.d/wordpress_cron":
+    mode: "000644"
+    owner: root
+    group: root
+    content: |
+      * * * * * root bash -l /usr/local/bin/wordpress_cron.sh >> /var/log/wordpress_cron.log 2>&1
+commands:
+  rm_old_cron:
+    command: "rm -f /etc/cron.d/wordpress_cron.bak"
+    ignoreErrors: true

package/commands/create/templates/elasticbeanstalk/.ebextensions/wordpress/environment.config CHANGED Viewed

@@ -1,3 +1,5 @@
 option_settings:
   - option_name: WP_CLI_ALLOW_ROOT
-    value: true
+    value: true
+  - option_name: PATH
+    value: "/var/app/staging/vendor/bin:/var/app/current/vendor/bin:$PATH"

package/commands/create/templates/elasticbeanstalk/.ebextensions/wordpress/post-deploy.config CHANGED Viewed

@@ -1,14 +1,17 @@
 container_commands:
   10-db-import:
-    command: if [ -f auto-ci-db.sql ]; then vendor/bin/wp db reset --yes; vendor/bin/wp db import auto-ci-db.sql; fi
+    command: if [ -f auto-ci-db.sql ]; then wp db reset --yes; wp db import auto-ci-db.sql; fi
     leader_only: true
   20-db-remove:
     command: "rm -rf auto-ci-db.sql"
-  30-cleanup-plugins:
-    command: "wp option update active_plugins {} --format=json"
-  40-activate-plugins:
+  30-activate-plugins:
     command: "wp plugin activate --all"
-  50-rewrite-flush:
-    command: "vendor/bin/wp rewrite flush --hard"
-  60-rewrite-flush:
-    command: "vendor/bin/wp cli cache clear"
+    leader_only: true
+    ignoreErrors: true
+  40-import-cpt:
+    command: "bash _Scripts/import-cpt.sh"
+    leader_only: true
+    ignoreErrors: true
+  50-clear-cache:
+    command: "wp cli cache clear"
+    ignoreErrors: true

package/commands/create/templates/elasticbeanstalk/.ebextensions/wordpress/software.config CHANGED Viewed

@@ -1,5 +1,3 @@
 option_settings:
   aws:elasticbeanstalk:container:php:phpini:
-    document_root: /wordpress
-  aws:elasticbeanstalk:environment:proxy:
-    ProxyServer: apache
+    document_root: /wordpress

package/commands/create/templates/elasticbeanstalk/.elasticbeanstalk/config.yml ADDED Viewed

@@ -0,0 +1,7 @@
+deploy:
+    artifact: _Zips/Deploy.zip
+global:
+    application_name: <%= REPO %>
+    default_region: <%= AWS_REGION %>
+    profile: <%= AWS_PROFILE %>
+    workspace_type: Application

package/commands/create/templates/elasticbeanstalk/.platform/confighooks/postdeploy/rewrite-flush.sh ADDED Viewed

@@ -0,0 +1,4 @@
+#!/bin/bash
+# Flush rewrites to recreate .htaccess files for existing permalink structure
+wp rewrite flush --hard || true

package/commands/create/templates/elasticbeanstalk/.platform/hooks/postdeploy/rewrite-flush.sh ADDED Viewed

@@ -0,0 +1,4 @@
+#!/bin/bash
+# Flush rewrites to recreate .htaccess files for existing permalink structure
+wp rewrite flush --hard || true

package/commands/create/templates/elasticbeanstalk/.platform/hooks/postdeploy/s3-env.sh ADDED Viewed

@@ -0,0 +1,7 @@
+#!/bin/bash
+echo "EnvironmentFile=/home/ec2-user/.env" >> /etc/systemd/system/php-fpm.service.d/php-fpm.conf
+systemctl daemon-reload
+service php-fpm restart

package/commands/create/templates/elasticbeanstalk/.platform/hooks/predeploy/deactivate-plugins-single.sh ADDED Viewed

@@ -0,0 +1,30 @@
+#!/bin/bash
+set -e
+# Exit out if no current folder exists as that means this is a brand new instance
+if [ ! -d "/var/app/current/" ]; then
+  echo "New instance - skipping as no existing web dir exists"
+  exit 0;
+fi
+# Get a list of plugins from the current dir and staging dir for comparison
+PREVPLUGINS=$(cd /var/app/current/; wp plugin list --fields=name --format=json) || echo "{}"
+CURRENTPLUGINS=$(cd /var/app/staging/; wp plugin list --fields=name --format=json) || echo "{}"
+# Loop through current plugins and check if they still exist in the staging dir - otherwise add them to the missing list
+MISSING=''
+for i in `echo $PREVPLUGINS | jq -rc '.[].name'`; do
+  if [ $(echo $CURRENTPLUGINS | jq -rc "any(.[]; .name == \"$i\")") == "false" ]; then
+      MISSING="${MISSING} $i"
+  fi
+done
+# Exit out if no missing plugins
+if [ -z "$MISSING" ]; then
+  echo "No missing plugins - skipping deactivation"
+  exit 0;
+fi
+# Deactivate missing plugins
+(cd /var/app/current/; wp plugin deactivate $MISSING)