@fishawack/lab-env 4.34.0 → 4.35.1

package/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "core/1"]
+	path = core/1
+	url = git@bitbucket.org:fishawackdigital/lab-env-core-1

package/CHANGELOG.md

@@ -1,5 +1,40 @@
 ## Changelog
 
+### 4.35.1 (2024-10-02)
+
+#### Build Updates
+
+* added setup script that inits submodules ([cdb1415](https://bitbucket.org/fishawackdigital/lab-env/commits/cdb14156ae73ef188d804ce84a5900f74d964e55))
+* Bumped lab-env-core-1 ([9fbdae6](https://bitbucket.org/fishawackdigital/lab-env/commits/9fbdae666f9c70ca82ca891c1027413415b8caac))
+* commit and open pull request against aws-runner on publish" ([174cb20](https://bitbucket.org/fishawackdigital/lab-env/commits/174cb2031dac53121e11c237cd3ddf54d93b6744))
+* escape quote in include check ([658f4ba](https://bitbucket.org/fishawackdigital/lab-env/commits/658f4ba6dadd217ce07486f1165a2a312892f7df))
+* exit early if semantic release doesnt publish anything ([99c7b9f](https://bitbucket.org/fishawackdigital/lab-env/commits/99c7b9fb13b55713fb4f522e08d98c778376fc9b))
+* installed core/1 as a submodule ([f40ad71](https://bitbucket.org/fishawackdigital/lab-env/commits/f40ad711acab83c29b30c3817c0731a956f44abb))
+* publish on more commit types ([4b8ac27](https://bitbucket.org/fishawackdigital/lab-env/commits/4b8ac2725d1a218c516682ec727ce869ddde1237))
+* remove core/1 from repo ([35e96ce](https://bitbucket.org/fishawackdigital/lab-env/commits/35e96ce7ea4723cdf5b144ce28f219b0ce4ca040))
+* use setup script instead of ci directly ([4e2464c](https://bitbucket.org/fishawackdigital/lab-env/commits/4e2464c6d0fd545a2fe4d91821ff56715a6816d6))
+
+### 4.35.0 (2024-09-26)
+
+#### Features
+
+* added new mtpa client ([dce9679](https://bitbucket.org/fishawackdigital/lab-env/commits/dce96797ebdfd722b8094bca01d38866fd762a54))
+* re-provisioned static sites now ensure all cloudfront functions are set ([5ac017b](https://bitbucket.org/fishawackdigital/lab-env/commits/5ac017bb727bb80cffe545973fd6ffb61d17217b))
+* support provisioning adonis envs ([4d73174](https://bitbucket.org/fishawackdigital/lab-env/commits/4d731746ea6227c0241eb32d1c9002734800d31e))
+
+#### Bug Fixes
+
+* **adonis:** added port and log level to adonis provision command ([b5940b8](https://bitbucket.org/fishawackdigital/lab-env/commits/b5940b844b801cb9c7f2684b61bb6ba684237860))
+* dont create FW_DIR directories as they already exist in the image ([aa3c646](https://bitbucket.org/fishawackdigital/lab-env/commits/aa3c646014ca31f14c99138963e8922a47b19ac7))
+* egnyte check now correctly returns fail or pass result ([8e232ed](https://bitbucket.org/fishawackdigital/lab-env/commits/8e232edd658080ed83e5bb4699518fe741fd91be))
+* enforce lowercase repo names and start and end with digit or letter ([03c473e](https://bitbucket.org/fishawackdigital/lab-env/commits/03c473e1d569bce1792ef98ab23d68e84ba18c5f))
+* remove response cloudfront function on deprov ([8343740](https://bitbucket.org/fishawackdigital/lab-env/commits/83437405b7d7cb98f78ecbad8ea52becf0128cab))
+* set custom error response on re-provision command ([c162e4a](https://bitbucket.org/fishawackdigital/lab-env/commits/c162e4a016ced36586eb828cea6be1d5ede925fa))
+* set FW_DIR to aws runner home and test mail ([b085d9e](https://bitbucket.org/fishawackdigital/lab-env/commits/b085d9ee2a474095131b182134358b3180e03818))
+* static sites now attach response function with security headers ([28e192d](https://bitbucket.org/fishawackdigital/lab-env/commits/28e192d6fbc5ccf64560b1be15aa5e2b527ba345))
+* use consistent bitbucket pipeline as standard projects ([8b19b1c](https://bitbucket.org/fishawackdigital/lab-env/commits/8b19b1cf224b1ae7606f1d43b1ca4a17f9c88ebf))
+* use slug and nameSafe to response cloudfront response ([28e30eb](https://bitbucket.org/fishawackdigital/lab-env/commits/28e30ebb35df8bbd96300f090f4deeffce5d13a0))
+
 ### 4.34.0 (2024-08-21)
 * [Feature] enable pipelines by default when running new command
 * [Bug] limit elasticsearch memory size so it doesnt attempt to take up all the space
@@ -644,4 +679,4 @@
 * [Docs] Added readme and changelog to repo
 
 ### 0.0.1 (2021-01-11)
-* [Misc] Initial release
+* [Misc] Initial release

package/bitbucket-pipelines.yml

@@ -0,0 +1,97 @@
+definitions:
+  services:
+    docker:
+      image: docker:dind
+      memory: 12288
+
+pipelines:
+  default:
+    - step:
+        image: fishawack/aws-runner
+        runs-on:
+          - self.hosted
+          - linux
+          - production
+        size: 4x
+        script:
+          # Set global repository CI flags
+          - export BRANCH=$BITBUCKET_BRANCH REPO=$BITBUCKET_REPO_SLUG
+          # Set FW DIR to project repo as that's the only location that's mountable
+          - export FW_DIR=/home/aws-runner
+          # Fetch secure AWS credentials from workspace variables
+          - echo $AWS_CREDENTIALS | base64 -d > $FW_DIR/.aws/credentials
+          # Fetch secure Egnyte credentials from workspace variables
+          - echo $EGNYTE_CREDENTIALS | base64 -d > $FW_DIR/targets/ftp-fishawack.egnyte.com.json
+          # Fetch secure Mail credentials from workspace variables
+          - jq --argjson JSON "$(echo $MAIL_CREDENTIALS | base64 -d)" '. += $JSON' $FW_DIR/targets/misc.json > $FW_DIR/targets/_misc.json
+          # Copy new merged misc to final location
+          - cp $FW_DIR/targets/_misc.json $FW_DIR/targets/misc.json
+          # Enable FULL docker images
+          - export FW_FULL=1
+          # Own the git dir as aws-runner so that a non-root user id can be mapped to each container
+          - chown -R aws-runner:aws-runner . /build
+          # Write ssh config to aws-runner so any bitbucket pipeline keys can be used by the user
+          - cat ~/.ssh/config >> $FW_DIR/.ssh/config
+          # Copy ssh dir to project dir so lab-env has access to keys
+          - su aws-runner -c 'cp /build/*/ssh/* $FW_DIR/.ssh/'
+          # Start ssh agent and add all (if any) keys
+          - eval `ssh-agent` && ssh-add || true
+          # Own the .tmp folder as aws-runner so that a non-root user id can be mapped to each container
+          - chown -R aws-runner:aws-runner /tmp
+          # Install
+          - su aws-runner -c 'npm run setup'
+          # Test
+          - su aws-runner -c 'npm test'
+        services:
+          - docker
+  branches:
+    master:
+      - step:
+          image: fishawack/aws-runner
+          runs-on:
+            - self.hosted
+            - linux
+            - production
+          size: 4x
+          script:
+            # Install release deps
+            - npm install -g semantic-release@24 @semantic-release/changelog@6 @semantic-release/git@10 conventional-changelog-conventionalcommits@8
+            # Release version via node so can exit out when no release made
+            - |
+              node -e "const spawn = require('child_process').spawn('semantic-release', ['--repositoryUrl', 'https://$GIT_CREDENTIALS@bitbucket.org/$BITBUCKET_REPO_FULL_NAME'], { env: { ...process.env, FORCE_COLOR: true } }); spawn.stderr.on('data', d => process.stderr.write(d.toString())); spawn.stdout.on('data', d => {process.stdout.write(d.toString()); if(d.toString().includes('There are no relevant changes, so no new version is released.') || d.toString().includes('therefore a new version won\'t be published.')){process.exit(1);}})" || exit 0
+            # Sync development after publish
+            - git fetch origin "+refs/heads/*:refs/remotes/origin/*" && git checkout -b development origin/development && git merge master && git push origin development
+            # Commit and create pull request for new version on aws-runner repo
+            - git config --global user.email "digital@fishawack.com"
+            - git config --global user.name "Digital Fishawack"
+            - git clone https://$GIT_CREDENTIALS@bitbucket.org/fishawackdigital/aws-runner
+            - cd aws-runner
+            - git checkout -b "$BITBUCKET_REPO_SLUG-$BITBUCKET_COMMIT" origin/development
+            - sed -i -e "s/\(@fishawack\/lab-env@\).*/\1$(git ls-remote --tags --refs --sort="v:refname" https://$GIT_CREDENTIALS@bitbucket.org/$BITBUCKET_REPO_FULL_NAME | tail -n1 | sed 's/.*\///')/g" Dockerfile
+            - git add .
+            - |
+              git commit --allow-empty -m "build: Bumped $BITBUCKET_REPO_SLUG"
+            - git push origin "$BITBUCKET_REPO_SLUG-$BITBUCKET_COMMIT"
+            - |
+              curl https://api.bitbucket.org/2.0/repositories/fishawackdigital/aws-runner/pullrequests \
+                -u $GIT_CREDENTIALS \
+                --header 'Content-Type: application/json' \
+                --data "{
+                  \"title\": \"Bumped $BITBUCKET_REPO_SLUG\",
+                  \"destination\": {
+                    \"branch\": {
+                      \"name\": \"development\"
+                    }
+                  },
+                  \"source\": {
+                    \"branch\": {
+                      \"name\": \"$BITBUCKET_REPO_SLUG-$BITBUCKET_COMMIT\"
+                    }
+                  },
+                  \"reviewers\": [
+                      {
+                          \"uuid\": \"{2518e4c3-fc1d-4653-b355-c00be099ce6c}\"
+                      }
+                  ],
+                  \"close_source_branch\": true
+                }"

package/commands/create/cmds/new.js

@@ -35,7 +35,7 @@ module.exports = [
             name = `${template.prefix}-${name}`;
         }
         
-        if(/^[a-zA-Z0-9-_.]+$/.test(name)){
+        if(/^[a-z0-9][a-z0-9-_.]+[a-z0-9]$/.test(name)){
             // Create Remote Repositories
             if(!await bitbucket.exists(name)){
                 if(await bitbucket.exists(template.name)){
@@ -49,7 +49,7 @@ module.exports = [
                 }
             }
         } else {
-            console.log(utilities.colorize(`Repo name can contain only letters, digits, '_', '-' and '.'`, 'helper'));
+            console.log(utilities.colorize(`Repo names must contain only lowercase letters, decimal digits, dashes, and underscores, and must begin & end with a lowercase letter or decimal digit.`, 'helper'));
         }
     }
 ];

package/commands/create/libs/vars.js

@@ -263,6 +263,36 @@ module.exports.eb = {
                 { OptionName: 'SESSION_SECURE_COOKIE', Value: "true", Namespace: 'aws:elasticbeanstalk:application:environment' },
             ]
         },
+        adonis: {
+            shared: [
+                {
+                    OptionName: 'NODE_ENV',
+                    Value: 'production',
+                    Namespace: 'aws:elasticbeanstalk:application:environment'
+                },
+                {
+                    OptionName: 'APP_KEY',
+                    Value: `base64:${Buffer.from(generator.generate({ length: 32, numbers: true, symbols: true })).toString('base64')}`,
+                    Namespace: 'aws:elasticbeanstalk:application:environment'
+                },
+                {
+                    OptionName: 'APP_URL',
+                    Value: 'https://<%= DOMAIN_LINK %>',
+                    Namespace: 'aws:elasticbeanstalk:application:environment'
+                },
+                { OptionName: 'SESSION_DRIVER', Value: "cookie", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'AWS_BUCKET', Value: "<%= s3Slug %>", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'AWS_DEFAULT_REGION', Value: "<%= AWS_REGION %>", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'AWS_ACCESS_KEY_ID', Value: "<%= AccessKeyId %>", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'AWS_SECRET_ACCESS_KEY', Value: "<%= SecretAccessKey %>", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'FILESYSTEM_DISK', Value: "s3", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'FILESYSTEM_DISK_PUBLIC', Value: "s3-public", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'PORT', Value: "3333", Namespace: 'aws:elasticbeanstalk:application:environment' },
+                { OptionName: 'LOG_LEVEL', Value: "info", Namespace: 'aws:elasticbeanstalk:application:environment' },
+            ],
+            low: [],
+            high: []
+        },
         drupal: {
             shared: [],
             low: [],
@@ -428,6 +458,13 @@ module.exports.eb = {
             low: [],
             high: [],
         },
+        adonis: {
+            platform: "nginx",
+            language: "node",
+            shared: [],
+            low: [],
+            high: [],
+        },
         drupal: {
             platform: "httpd",
             language: "php",
@@ -461,4 +498,54 @@ module.exports.eb = {
     config(){
         return template(fs.readFileSync(`${__dirname}/../templates/elasticbeanstalk/.elasticbeanstalk/config.yml`, {encoding: 'utf8'}))(process.env);
     }
-};
+};
+
+// Cloudfront distribution config
+module.exports.cloudfront = (name, region, FunctionARNResponse, FunctionARNRequest, OAI) => ({
+    DistributionConfig: { 
+        Enabled: true,
+        CallerReference: name,
+        Comment: `lab-env provisioned CloudFront distribution for project ${name}`,
+        CustomErrorResponses: {
+            Items: [
+                {
+                    ErrorCachingMinTTL: 0,
+                    ErrorCode: 404,
+                    ResponseCode: 200,
+                    ResponsePagePath: '/index.html'
+                }
+            ],
+            Quantity: 1
+        },
+        DefaultCacheBehavior: { 
+            Compress: true,
+            TargetOriginId: `${name}.s3.${region}.amazonaws.com`,
+            ViewerProtocolPolicy: 'redirect-to-https',
+            CachePolicyId: '658327ea-f89d-4fab-a63d-7e88639e58f6', // Built in, Managed AWS Policy - Cache Optimized
+            FunctionAssociations: {
+                Items: [
+                    {
+                        EventType: 'viewer-response',
+                        FunctionARN: FunctionARNResponse
+                    }
+                ].concat(FunctionARNRequest ? {
+                    EventType: 'viewer-request',
+                    FunctionARN: FunctionARNRequest
+                } : []),
+                Quantity: 2
+            }
+        },
+        Origins: {
+            Items: [
+                {
+                    DomainName: `${name}.s3.${region}.amazonaws.com`,
+                    Id: `${name}.s3.${region}.amazonaws.com`,
+                    S3OriginConfig: {
+                        OriginAccessIdentity: `origin-access-identity/cloudfront/${OAI.CloudFrontOriginAccessIdentity.Id}`
+                    }
+                }
+            ],
+            Quantity: 1
+        }
+    },
+});

package/commands/create/services/aws/cloudfront.js

@@ -1,9 +1,11 @@
 const { CloudFrontClient, CreateDistributionWithTagsCommand, CreateCloudFrontOriginAccessIdentityCommand, DeleteDistributionCommand , DeleteCloudFrontOriginAccessIdentityCommand, GetDistributionCommand, UpdateDistributionCommand, GetCloudFrontOriginAccessIdentityCommand, CreateFunctionCommand, GetFunctionCommand, UpdateFunctionCommand, PublishFunctionCommand, DeleteFunctionCommand, DescribeFunctionCommand } = require("@aws-sdk/client-cloudfront");
 const fs = require('fs');
+const { merge } = require('lodash');
 const { Spinner, poll } = require('../../libs/utilities');
+const { cloudfront } = require('../../libs/vars');
 const { createClient } = require('./misc.js');
 
-module.exports.createCloudFrontDistribution = async (name, account, tags = [], FunctionARN = null, region = 'us-east-1') => {
+module.exports.createCloudFrontDistribution = async (name, account, tags = [], FunctionARNRequest = null, FunctionARNResponse = null, region = 'us-east-1') => {
     const client = createClient(CloudFrontClient, account, region);
 
     let OAI = await Spinner.prototype.simple(`Creating CloudFront OAI`, () => {
@@ -24,49 +26,7 @@ module.exports.createCloudFrontDistribution = async (name, account, tags = [], F
             return client.send(
                 new CreateDistributionWithTagsCommand({
                     DistributionConfigWithTags: {
-                        DistributionConfig: { 
-                            Enabled: true,
-                            CallerReference: name,
-                            Comment: `lab-env provisioned CloudFront distribution for project ${name}`,
-                            CustomErrorResponses: {
-                                Items: [
-                                    {
-                                        ErrorCachingMinTTL: 0,
-                                        ErrorCode: 404,
-                                        ResponseCode: 200,
-                                        ResponsePagePath: '/index.html'
-                                    }
-                                ],
-                                Quantity: 1
-                            },
-                            DefaultCacheBehavior: { 
-                                Compress: true,
-                                TargetOriginId: `${name}.s3.${region}.amazonaws.com`,
-                                ViewerProtocolPolicy: 'redirect-to-https',
-                                CachePolicyId: '658327ea-f89d-4fab-a63d-7e88639e58f6', // Built in, Managed AWS Policy - Cache Optimized
-                                FunctionAssociations: FunctionARN && {
-                                    Items: [
-                                        {
-                                            EventType: 'viewer-request',
-                                            FunctionARN
-                                        }
-                                    ],
-                                    Quantity: 1
-                                }
-                            },
-                            Origins: {
-                                Items: [
-                                    {
-                                        DomainName: `${name}.s3.${region}.amazonaws.com`,
-                                        Id: `${name}.s3.${region}.amazonaws.com`,
-                                        S3OriginConfig: {
-                                            OriginAccessIdentity: `origin-access-identity/cloudfront/${OAI.CloudFrontOriginAccessIdentity.Id}`
-                                        }
-                                    }
-                                ],
-                                Quantity: 1
-                            }
-                        },
+                        ...cloudfront(name, region, FunctionARNResponse, FunctionARNRequest, OAI),
                         Tags: {
                             Items: [{Key: 'client', Value: account}].concat(tags)
                         }
@@ -86,6 +46,18 @@ module.exports.createCloudFrontDistribution = async (name, account, tags = [], F
                 new GetDistributionCommand({ Id })
             );
         });
+
+        res = await Spinner.prototype.simple(`Ensuring CloudFront functions are applied to CloudFront distribution`, () => {
+            return client.send(
+                new UpdateDistributionCommand({ 
+                    ...merge(
+                        res.Distribution,
+                        cloudfront(name, region, FunctionARNResponse, FunctionARNRequest, OAI)
+                    ),
+                    IfMatch: res.ETag
+                })
+            );
+        });
     }
     
     return res;

package/commands/create/services/aws/elasticbeanstalk.js

@@ -17,7 +17,7 @@ module.exports.createElasticBeanstalkApplication = async (name, account) => {
     return res;
 }
 
-module.exports.createElasticBeanstalkEnvironment = async (name, account, ApplicationName, OptionSettings, CNAMEPrefix, tags = []) => {
+module.exports.createElasticBeanstalkEnvironment = async (name, account, {language}, ApplicationName, OptionSettings, CNAMEPrefix, tags = []) => {
     const client = createClient(ElasticBeanstalkClient, account);
 
     const solutions = await Spinner.prototype.simple(`Retrieving available solution stacks`, () => {
@@ -31,7 +31,9 @@ module.exports.createElasticBeanstalkEnvironment = async (name, account, Applica
             new CreateEnvironmentCommand({
                 ApplicationName,
                 EnvironmentName: name,
-                SolutionStackName: solutions.SolutionStacks.filter(d => d.includes('PHP 8.1') && d.includes('Amazon Linux 2 '))[0],
+                SolutionStackName: solutions.SolutionStacks.filter(d => {
+                    return language === "node" ? d.includes('Node.js 20') : d.includes('PHP 8.1') && d.includes('Amazon Linux 2 ') 
+                })[0],
                 OptionSettings,
                 CNAMEPrefix,
                 Tags: [{Key: 'client', Value: account}].concat(tags)

package/commands/create/services/aws/index.js

@@ -12,14 +12,30 @@ module.exports.ec2 = require("./ec2.js");
 
 module.exports.slug = (repo, client, branch, service = "s3") => nameSafe(`${branch}-${repo}-${client}`, service);
 
-module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training', 'merck', 'acadia', 'travere', 'roche', 'utc', 'bayer', 'alcon', 'uhc', 'chiesi', '3m', 'sarepta', 'ipsen', 'novocure', 'anthem', 'kyowakirin', 'optum', 'rally', 'menarini', 'childrensminnesota', 'gore', 'axogen', 'gedeonrichter', 'relievantmedsystems', 'gilead', 'alexion', 'insulet', 'danone'];
+module.exports.clients = ['fishawack', 'abbvie', 'sanofigenzyme', 'gsk', 'janssen', 'astrazeneca', 'ptc', 'jazz', 'pfizer', 'heron', 'novartis', 'training', 'merck', 'acadia', 'travere', 'roche', 'utc', 'bayer', 'alcon', 'uhc', 'chiesi', '3m', 'sarepta', 'ipsen', 'novocure', 'anthem', 'kyowakirin', 'optum', 'rally', 'menarini', 'childrensminnesota', 'gore', 'axogen', 'gedeonrichter', 'relievantmedsystems', 'gilead', 'alexion', 'insulet', 'danone', 'mtpa'];
 
-module.exports.static = async (name, account, tags = [], credentials = []) => {
+module.exports.static = async (name, account, tags = [], credentials = [], repo, branch) => {
     let s3 = await module.exports.s3.createS3Bucket(name, account, tags);
 
-    let cloudfrontFunction = await module.exports.cloudfront.createCloudFrontFunction(name, account, credentials.length ? 'aws-cloudfront-auth' : 'aws-cloudfront-simple', {credentials: credentials.map(d => `Basic ${Buffer.from(`${d.username}:${d.password}`).toString('base64')}`)});
-
-    let cloudfront = await module.exports.cloudfront.createCloudFrontDistribution(name, account, tags, cloudfrontFunction.FunctionSummary.FunctionMetadata.FunctionARN);
+    let cloudfront = await module.exports.cloudfront.createCloudFrontDistribution(
+        name,
+        account,
+        tags,
+        (await module.exports.cloudfront.createCloudFrontFunction(
+            name,
+            account,
+            credentials.length ? 'aws-cloudfront-auth' : 'aws-cloudfront-simple',
+            {
+                credentials: credentials.map(d => `Basic ${Buffer.from(`${d.username}:${d.password}`).toString('base64')}`)
+            }
+        )).FunctionSummary.FunctionMetadata.FunctionARN,
+        (await module.exports.cloudfront.createCloudFrontFunction(
+            module.exports.slug(`${repo}-response`, account, branch),
+            account,
+            'aws-cloudfront-response',
+            {}
+        )).FunctionSummary.FunctionMetadata.FunctionARN
+    );
 
     await module.exports.s3.setS3BucketPolicy(name, account, cloudfront.Distribution.DistributionConfig.Origins.Items[0].S3OriginConfig.OriginAccessIdentity.split('origin-access-identity/cloudfront/')[1]);
 
@@ -40,6 +56,8 @@ module.exports.staticTerminate = async (name, account, repo, branch, id) => {
     try { await module.exports.cloudfront.removeCloudFrontDistribution(id, account); } catch(e) {}
 
     try { await module.exports.cloudfront.removeCloudFrontFunction(name, account); } catch(e) {}
+    
+    try { await module.exports.cloudfront.removeCloudFrontFunction(module.exports.slug(`${repo}-response`, account, branch), account); } catch(e) {}
 }
 
 module.exports.fullstack = async (name, account, tags = [], credentials = [], repo, branch, framework, availability) => {
@@ -75,7 +93,7 @@ module.exports.fullstack = async (name, account, tags = [], credentials = [], re
         });
     }
 
-    const environment = await module.exports.elasticbeanstalk.createElasticBeanstalkEnvironment(name, account, repo, OptionSettings, CNAMEPrefix, tags);
+    const environment = await module.exports.elasticbeanstalk.createElasticBeanstalkEnvironment(name, account, {framework, availability, platform, language}, repo, OptionSettings, CNAMEPrefix, tags);
 
     const configurations = eb.merge("configurations", {framework, availability, platform, language});
 

package/commands/create/services/egnyte.js

@@ -3,14 +3,8 @@ const { ftppass, creds } = require('../libs/vars');
 const { exec } = require("child_process");
 
 module.exports.check = async () => {
-    try {
-        await module.exports.request(creds.egnyte.username, creds.egnyte.password, creds.egnyte.host);
+    return await module.exports.request(creds.egnyte.username, creds.egnyte.password, creds.egnyte.host) &&
         await module.exports.request(ftppass['ftp-fishawack.egnyte.com'].username, ftppass['ftp-fishawack.egnyte.com'].password, 'ftp-fishawack.egnyte.com');
-        
-        return true;
-    } catch(error) {
-        return false;
-    }
 };
 
 module.exports.request = async (username, password, host) => {

package/commands/create/templates/elasticbeanstalk/.ebextensions/adonis/post-deploy.config

@@ -0,0 +1,6 @@
+container_commands:
+  10-db-import:
+    command: echo 'leader only'
+    leader_only: true
+  20-clear-cache:
+    command: ls

package/commands/create/templates/elasticbeanstalk/.ebextensions/adonis/software.config

@@ -0,0 +1,5 @@
+option_settings:
+  aws:elasticbeanstalk:application:environment
+    PORT: 5000
+  aws:elasticbeanstalk:environment:proxy:
+    ProxyServer: nginx

package/package.json

@@ -1,13 +1,11 @@
 {
   "name": "@fishawack/lab-env",
-  "version": "4.34.0",
+  "version": "4.35.1",
   "description": "Docker manager for FW",
   "main": "cli.js",
   "scripts": {
-    "test": "rm -rf _Test/_fixtures/boilerplate*; CI_BUILD_ID=true mocha _Test/*.js --timeout 12000s --bail",
-    "preversion": "npm test",
-    "postversion": "git push && git push --tags && npm publish",
-    "postpublish": "git checkout development && git merge master && git push"
+    "setup": "npm ci && git submodule init && git submodule update",
+    "test": "rm -rf _Test/_fixtures/boilerplate*; CI_BUILD_ID=true mocha _Test/*.js --timeout 12000s --bail"
   },
   "repository": {
     "type": "git",
@@ -51,5 +49,88 @@
   "engines": {
     "npm": ">=8",
     "node": ">=18"
+  },
+  "release": {
+    "plugins": [
+      [
+        "@semantic-release/commit-analyzer",
+        {
+          "preset": "conventionalcommits",
+          "releaseRules": [
+            {
+              "type": "build",
+              "release": "patch"
+            },
+            {
+              "type": "perf",
+              "release": "patch"
+            },
+            {
+              "type": "ci",
+              "release": "patch"
+            },
+            {
+              "type": "refactor",
+              "release": "patch"
+            },
+            {
+              "type": "style",
+              "release": "patch"
+            }
+          ]
+        }
+      ],
+      [
+        "@semantic-release/release-notes-generator",
+        {
+          "preset": "conventionalcommits",
+          "writerOpts": {
+            "headerPartial": "### {{version}} ({{date}})\n",
+            "mainTemplate": "{{> header}}\n{{#each commitGroups}}\n\n{{#if title}}\n#### {{title}}\n\n{{/if}}\n{{#each commits}}\n{{> commit root=@root}}\n{{/each}}\n{{/each}}"
+          },
+          "presetConfig": {
+            "commitUrlFormat": "{{host}}/{{owner}}/{{repository}}/commits/{{hash}}",
+            "types": [
+              {
+                "type": "feat",
+                "section": "Features"
+              },
+              {
+                "type": "fix",
+                "section": "Bug Fixes"
+              },
+              {
+                "type": "build",
+                "section": "Build Updates"
+              },
+              {
+                "type": "perf",
+                "section": "Performance Improvements"
+              },
+              {
+                "type": "ci",
+                "section": "CI/CD updates"
+              },
+              {
+                "type": "refactor",
+                "section": "Code Refactors"
+              },
+              {
+                "type": "style",
+                "section": "Style Updates"
+              }
+            ]
+          }
+        }
+      ],
+      [
+        "@semantic-release/changelog",
+        {
+          "changelogTitle": "## Changelog"
+        }
+      ],
+      "@semantic-release/npm",
+      "@semantic-release/git"
+    ]
   }
 }

package/.gitlab-ci.yml

@@ -1,26 +0,0 @@
-stages:
-  - test
-
-test:
-  stage: test
-  resource_group: test
-  coverage: '/Code coverage: \d+\.\d+/'
-  variables:
-    FW_FULL: 1
-  before_script:
-    # Remove all projects currently on runner
-    - find "/home/gitlab-runner/builds/" ! \( -type d \) -not -path "/*/0/${CI_PROJECT_PATH}/*" -not -path "/*/0/${CI_PROJECT_PATH}.tmp/*" -exec rm -rf {} + 
-    # Remove all empty files now the folders are cleaned out
-    - find "/home/gitlab-runner/builds/" -type d -empty -delete
-  script: 
-    # Install
-    - npm ci
-    # # Test
-    - npm test
-  after_script:
-    # Clean docker
-    - docker volume rm $(docker volume ls -q) || true
-  artifacts:
-    expire_in: 2 hrs
-    paths:
-      - coverage/

package/core/1/CHANGELOG.md

@@ -1,52 +0,0 @@
-## Changelog
-
-### 1.4.1 (2024-07-17)
-* [fix] set global var for git across file system so git avail in mounted volumes i.e node_modules
-
-### 1.4.0 (2024-06-04)
-* [feat] bumped node from 18 to 20
-
-### 1.3.3 (2024-02-09)
-* [fix] symlink wine64 now htat wine is the default global command but electron expects wine64
-
-### 1.3.2 (2024-01-24)
-* [fix] install latest eb cli and use node images python rather than pyenv
-
-### 1.3.1 (2024-01-22)
-* [fix] rebuild of image to get the latest chromium version to fix new puppeteer headless mode
-
-### 1.3.0 (2023-03-17)
-* [feat] node user is now added to www-data group for easier file permission management
-* [fix] disable npm message about update being available
-
-### 1.2.2 (2023-02-25)
-* [fix] set BRANCH and CI_COMMIT_REF_NAME env variables in container
-* [fix] installed git-branch to fetch the current branch for deployment targets
-* [refactor] moved global node module symlinking to alpine image for future use
-
-### 1.2.1 (2023-02-25)
-* [fix] install eb cli into root of image rather than root user directory
-* [perf] dont recurse and dont change group of node_modules to speed up command
-* [refactor] set node git flag without switching user directly in dockerfile
-
-### 1.1.4 (2023-02-23)
-* [Fix] Installed missing are-you-es5 global npm module
-* [Fix] Installed missing check-dependencies global npm module
-
-### 1.1.3 (2023-02-23)
-* [Fix] Switch to ENV for $PATH updates to avoid shell profile loading issues
-* [Fix] Moved chromium to alpine image as its needed for svg tasks and testing
-
-### 1.1.2 (2023-02-22)
-* [Fix] cd into $PWD after su command or we'll start in users home directory
-
-### 1.1.1 (2023-02-22)
-* [Fix] Use -l login flag for su command for both non interactive and interactive shells
-* [Fix] Switch $PATH writes to .profile so they are executed on non interactive shells
-
-### 1.1.0 (2023-02-22)
-* [Feature] Watertight now baked into image so not needed in package.json of projects
-* [Fix] lftp installed in alpine image as it's needed for content tasks
-
-### 1.0.0 (2023-02-21)
-* [Misc] initial commit

package/core/1/Dockerfile

@@ -1,110 +0,0 @@
-#####
-# Alpine image
-#####
-
-FROM node:20.6 AS alpine
-
-LABEL org.opencontainers.image.authors="Mike Mellor <mike.mellor@avalerehealth.com>"
-
-ARG TARGETARCH
-
-WORKDIR /app
-
-EXPOSE 3000
-EXPOSE 3001
-
-# Get latest apt-get
-RUN apt-get update
-
-# Update npm to latest
-RUN npm install -g npm@latest
-
-# Install dart sass vm (arch switch)
-RUN curl -L -o /sass.tar.gz https://github.com/sass/dart-sass/releases/download/1.57.1/dart-sass-1.57.1-linux-$(if [ "$TARGETARCH" = "arm64" ]; then echo 'arm64'; else echo 'x64'; fi).tar.gz
-RUN tar -xf /sass.tar.gz -C /
-ENV PATH="${PATH}:/dart-sass/"
-RUN rm -rf /sass.tar.gz
-
-# Set safe directory to remove intel errors when running git rev-parse
-RUN su node -c "git config --global --add safe.directory /app"
-
-# Also set global git flag for allowing access across filesystems for mounted node_modules dir
-ENV GIT_DISCOVERY_ACROSS_FILESYSTEM=1
-
-# Disable npm message about updates being available
-RUN su node -c "npm config set update-notifier false"
-
-# Add node user to www-data group
-RUN usermod -a -G www-data node
-
-# Install lftp
-RUN apt-get install -y lftp
-
-# Install chromium
-RUN apt-get install -y chromium fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 --no-install-recommends
-# Stop Puppeteer downloading browsers during npm install
-ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
-ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium
-
-# Install package.json checker
-RUN npm install check-dependencies -g
-
-# Install node_modules checker
-RUN npm install are-you-es5 -g
-
-# Install git branch fetcher
-RUN npm install git-branch -g
-
-# Link root global node_modules to ~/.node_modules
-RUN ln -s /usr/local/lib/node_modules/ /home/node/.node_modules
-
-# Cleanup apt-get install folders
-RUN apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-COPY entrypoint.sh /bin/entrypoint.sh
-RUN chmod +x /bin/entrypoint.sh
-ENTRYPOINT ["/bin/entrypoint.sh"]
-
-#####
-# Full image
-#####
-
-FROM alpine AS full
-
-# Get latest apt-get
-RUN apt-get update
-
-# Install ghostscript
-RUN apt-get install -y ghostscript
-
-# Install zip
-RUN apt-get install zip
-
-# Install AWS Elastic Beanstalk cli
-ENV PATH="${PATH}:/.ebcli-virtual-env/executables"
-RUN apt-get -y install python-is-python3 python3-pip && \
-    pip install virtualenv --break-system-packages && \
-    git clone https://github.com/aws/aws-elastic-beanstalk-cli-setup.git ~/aws-eb && \
-    python ~/aws-eb/scripts/ebcli_installer.py --location / && \
-    rm -rf ~/aws-eb
-
-# Install AWS-CLI@2 (arch switch)
-RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-$(if [ "$TARGETARCH" = "arm64" ]; then echo 'aarch64'; else echo 'x86_64'; fi).zip" -o "awscliv2.zip"
-RUN unzip awscliv2.zip
-RUN ./aws/install
-RUN rm -rf ./aws && rm -rf awscliv2.zip
-
-# Update electron globally
-RUN npm install -g electron-packager@latest
-
-# Install wine64
-RUN apt-get install -y wine64 && \
-    ln -s /usr/bin/wine /usr/bin/wine64
-
-# Install watertight
-RUN --mount=type=ssh npm install -g git+ssh://git@bitbucket.org/fishawackdigital/watertight-node-auto.git#v6.0.0
-
-# Cleanup apt-get install folders
-RUN apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

package/core/1/docker-compose.yml

@@ -1,36 +0,0 @@
-services:
-  core:
-    build: 
-      context: $FW_CORE_1_CONTEXT
-      target: $FW_CORE_1_TARGET
-      ssh:
-        - default
-      args:
-        target: $FW_CORE_1_TARGET
-        target_image: $FW_CORE_1_TARGET_IMAGE
-    image: $FW_CORE_1_IMAGE:${FW_CORE_1_VERSION:-latest}
-    init: true
-    tty: true
-    volumes:
-      - $CWD/:/app
-      - $FW_DIR/targets:/home/node/targets
-      - $FW_DIR/.ssh:/home/node/.ssh
-      - $FW_DIR/.aws:/home/node/.aws
-      - node_modules:/app/node_modules
-    ports:
-      - ${PORT:-3000}:${PORT:-3000}
-      - ${PORT_OPT:-3001}:${PORT_OPT:-3001}
-    environment:
-      - REPO=${REPO:-}
-      - PORT=${PORT:-3000}
-      - PORT_OPT=${PORT_OPT:-3001}
-      - PORT_WEB=${PORT_WEB:-8000}
-      - PORT_DB=${PORT_DB:-3306}
-      - USER_UID=${USER_UID:-0}
-      - USER_GID=${USER_GID:-0}
-      - FW_ROOT=${FW_ROOT:-}
-      - BRANCH=${BRANCH:-}
-      - CI_COMMIT_REF_NAME=${CI_COMMIT_REF_NAME:-}
-volumes:
-  node_modules:
-    driver: "local"

package/core/1/entrypoint.sh

@@ -1,21 +0,0 @@
-#!/bin/bash
-
-# Setting $FW_ROOT will bypass the user switch to node
-if [ -z "$FW_ROOT" ]; then
-    # Set node user id to match host users id so no permission issues outside of docker
-    usermod -u $USER_UID node &>/dev/null
-
-    # Own the node_modules folder otherwise it'll be owned by root/previous node id which will prevent writing
-    chown node /app/node_modules
-
-    # Default arguments will always be bash -l, if nothing follows this just start an non login interactive shell
-    if [ -z "${@:3}" ]; then
-        exec su node
-    # Otherwise pipe the command after the bash -lc into the non login non interactive shell as a command to exec
-    else
-        exec su node -c "${@:3}"
-    fi
-else
-    echo "Accessing as root"
-    exec "$@"
-fi

package/core/1/package.json

@@ -1,11 +0,0 @@
-{
-  "name": "core",
-  "version": "1.4.1",
-  "description": "lab-env docker config for the @fishawack/core/1 npm module",
-  "scripts": {
-    "preversion": "docker login",
-    "postversion": "docker buildx build --ssh default --platform linux/amd64,linux/arm64 -t fishawack/lab-env-core-1:$npm_package_version -t fishawack/lab-env-core-1:latest --push . && docker buildx build --ssh default --target alpine --platform linux/amd64,linux/arm64 -t fishawack/lab-env-core-1-alpine:$npm_package_version -t fishawack/lab-env-core-1-alpine:latest --push . && git add . && git commit -m \"build: Bumped fishawack/lab-env-core-1 to $npm_package_version\""
-  },
-  "author": "Mike Mellor",
-  "license": "ISC"
-}