@fishawack/lab-env 4.35.2 → 4.37.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/CHANGELOG.md +25 -0
  2. package/bitbucket-pipelines.yml +1 -1
  3. package/commands/content.js +23 -2
  4. package/commands/create/cmds/key.js +1 -1
  5. package/commands/create/services/aws/iam.js +15 -5
  6. package/core/1/CHANGELOG.md +18 -0
  7. package/core/1/Dockerfile +3 -0
  8. package/core/1/bitbucket-pipelines.yml +11 -5
  9. package/core/1/entrypoint.sh +3 -0
  10. package/core/1/package.json +1 -1
  11. package/package.json +2 -34
package/CHANGELOG.md CHANGED
@@ -1,5 +1,30 @@
1
1
  ## Changelog
2
2
 
3
+ ### 4.37.0 (2024-10-22)
4
+
5
+ #### Features
6
+
7
+ * added fullstack permission type that attaches eb permissions ([f98ccaa](https://bitbucket.org/fishawackdigital/lab-env/commits/f98ccaa600f6417e1bf0764ea45f2c512c438ecd))
8
+ * permissions now accepted for IAM users to narrow down access ([507eceb](https://bitbucket.org/fishawackdigital/lab-env/commits/507ecebbabd2feb2d9ced604975a5f86ca9c1aaa))
9
+
10
+ #### Build Updates
11
+
12
+ * bumped nodemailer to fix punycode deprecation warning ([db4fd29](https://bitbucket.org/fishawackdigital/lab-env/commits/db4fd294fc39e0455e30319f796f3813f65c2bdc))
13
+ * **core/1:** Bumped lab-env-core-1 ([6d706a9](https://bitbucket.org/fishawackdigital/lab-env/commits/6d706a95e09d75de8758a5b8703056ace009191e))
14
+
15
+ ### 4.36.0 (2024-10-08)
16
+
17
+ #### Features
18
+
19
+ * content command now has init flag which returns s3 auto content config ([342c433](https://bitbucket.org/fishawackdigital/lab-env/commits/342c43301c92a2840125e28608450faa9540a226))
20
+
21
+ #### Build Updates
22
+
23
+ * add scope to pull request against aws-runner ([325e84a](https://bitbucket.org/fishawackdigital/lab-env/commits/325e84a10974c56700c51eaebf2b2b3c4d3e635d))
24
+ * **core/1:** Bumped lab-env-core-1 ([2c7c446](https://bitbucket.org/fishawackdigital/lab-env/commits/2c7c446164ba9f52f509590c21a60ce7619cfd0e))
25
+ * **core/1:** Bumped lab-env-core-1 ([de4a471](https://bitbucket.org/fishawackdigital/lab-env/commits/de4a471e23a088740ffc9eceef7473483fafae44))
26
+ * only release on fix, feat and build updates ([9e8feb5](https://bitbucket.org/fishawackdigital/lab-env/commits/9e8feb5c9594fee29f21b721491d26b396534b44))
27
+
3
28
  ### 4.35.2 (2024-10-02)
4
29
 
5
30
  #### Build Updates
package/bitbucket-pipelines.yml CHANGED
@@ -72,7 +72,7 @@ pipelines:
72
72
  - sed -i -e "s/\(@fishawack\/lab-env@\).*/\1$(git ls-remote --tags --refs --sort="v:refname" https://$GIT_CREDENTIALS@bitbucket.org/$BITBUCKET_REPO_FULL_NAME | tail -n1 | sed 's/.*\///')/g" Dockerfile
73
73
  - git add .
74
74
  - |
75
- git commit --allow-empty -m "build: Bumped $BITBUCKET_REPO_SLUG"
75
+ git commit --allow-empty -m "build($BITBUCKET_REPO_SLUG): Bumped $BITBUCKET_REPO_SLUG"
76
76
  - git push origin "$BITBUCKET_REPO_SLUG-$BITBUCKET_COMMIT"
77
77
  - |
78
78
  curl https://api.bitbucket.org/2.0/repositories/fishawackdigital/aws-runner/pullrequests \
package/commands/content.js CHANGED
@@ -1,8 +1,29 @@
1
+ const execSync = require('child_process').execSync;
2
+ const utilities = require('./create/libs/utilities');
1
3
  const _ = require('../globals.js');
2
4
 
3
5
  module.exports = [
4
6
  'content',
5
7
  'pulls any external content and assets into the repo',
6
- yargs => {},
7
- argv => _.command("core", `npm run content`)
8
+ yargs => {
9
+ yargs.option('init', {
10
+ alias: 'i',
11
+ describe: 'Returns config for s3 content folder',
12
+ type: 'boolean'
13
+ });
14
+ },
15
+ argv => {
16
+ if(argv.init){
17
+ const stringify = JSON.stringify({
18
+ "aws-s3": "fishawack",
19
+ "location": `fw-auto-content/${_.repo_safe}`,
20
+ "key": `fw-s3-${_.repo_safe}`,
21
+ "sync": true
22
+ }, null, 4);
23
+ execSync(`printf '${stringify}' | pbcopy`);
24
+ console.log(utilities.colorize(`\n${stringify}\n\n(copied to clipboard)`, 'title'));
25
+ } else {
26
+ _.command("core", `npm run content`)
27
+ }
28
+ }
8
29
  ];
package/commands/create/cmds/key.js CHANGED
@@ -85,7 +85,7 @@ module.exports = [
85
85
  credentials[user] = {};
86
86
  }
87
87
 
88
- let res = await aws.iam.createFWIAMUser(`fw-automation-${user}`, client);
88
+ let res = await aws.iam.createFWIAMUser(`fw-automation-${user}`, client, _.config.users.find(d => d.username === user).permissions);
89
89
 
90
90
  credentials[user][client] = {
91
91
  key: res.AccessKey && res.AccessKey.AccessKeyId || res.AccessKeyMetadata[0].AccessKeyId,
package/commands/create/services/aws/iam.js CHANGED
@@ -24,10 +24,10 @@ module.exports.createIAMUser = async (UserName, account, tags = []) => {
24
24
  return res;
25
25
  };
26
26
 
27
- module.exports.createFWIAMUser = async (UserName, account) => {
27
+ module.exports.createFWIAMUser = async (UserName, account, permissions) => {
28
28
  await module.exports.createIAMUser(UserName, account);
29
29
 
30
- await module.exports.syncFWIAMPolicies(UserName, account);
30
+ await module.exports.syncFWIAMPolicies(UserName, account, permissions);
31
31
 
32
32
  let res = await module.exports.createAccessKeySafe(UserName, account);
33
33
 
@@ -73,10 +73,20 @@ module.exports.attachIAMPolicy = async (UserName, account, policy) => {
73
73
  return res;
74
74
  };
75
75
 
76
- module.exports.syncFWIAMPolicies = async (UserName, account) => {
76
+ module.exports.syncFWIAMPolicies = async (UserName, account, permissions = ["auto-content", "deploy-static"]) => {
77
77
  await module.exports.removeAllIAMPolicies(UserName, account);
78
- await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/AmazonS3FullAccess');
79
- await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/CloudFrontFullAccess');
78
+
79
+ if(permissions.includes("auto-content") || permissions.includes("deploy-static")){
80
+ await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/AmazonS3FullAccess');
81
+ }
82
+
83
+ if(permissions.includes("deploy-static")){
84
+ await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/CloudFrontFullAccess');
85
+ }
86
+
87
+ if(permissions.includes("deploy-fullstack")){
88
+ await module.exports.attachIAMPolicy(UserName, account, 'arn:aws:iam::aws:policy/AdministratorAccess-AWSElasticBeanstalk');
89
+ }
80
90
  };
81
91
 
82
92
  module.exports.removeIAMPolicy = async (UserName, account, policy) => {
package/core/1/CHANGELOG.md CHANGED
@@ -1,5 +1,23 @@
1
1
  ## Changelog
2
2
 
3
+ ### 1.6.0 (2024-10-22)
4
+
5
+ #### Features
6
+
7
+ * own global node_modules folder so local modules can be linked ([82f84fa](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/82f84faa5dfa7c009458bec4fe3a9f2b437c34bf))
8
+
9
+ ### 1.5.2 (2024-10-08)
10
+
11
+ #### Bug Fixes
12
+
13
+ * rclone in alpine image and aws sdk back in full image as rclone used for s3 content ([9e68463](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/9e684631bb83c105aa9e5407e8fee30a788309cd))
14
+
15
+ ### 1.5.1 (2024-10-07)
16
+
17
+ #### Bug Fixes
18
+
19
+ * move aws from full image to alpine now that s3 content requests are supported ([a947817](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/a94781756ea482545b63018e72ab30ce25727af9))
20
+
3
21
  ### 1.5.0 (2024-10-01)
4
22
 
5
23
  #### Features
package/core/1/Dockerfile CHANGED
@@ -58,6 +58,9 @@ RUN npm install git-branch -g
58
58
  # Link root global node_modules to ~/.node_modules
59
59
  RUN ln -s /usr/local/lib/node_modules/ /home/node/.node_modules
60
60
 
61
+ # Install rclone
62
+ RUN curl https://rclone.org/install.sh | bash
63
+
61
64
  # Cleanup apt-get install folders
62
65
  RUN apt-get clean && \
63
66
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
package/core/1/bitbucket-pipelines.yml CHANGED
@@ -15,14 +15,15 @@ pipelines:
15
15
  - production
16
16
  size: 4x
17
17
  script:
18
+ # Install release deps
19
+ - npm install -g semantic-release@24 @semantic-release/changelog@6 @semantic-release/git@10 conventional-changelog-conventionalcommits@8
20
+ # Release version via node so can exit out when no release made
21
+ - |
22
+ node -e "const spawn = require('child_process').spawn('semantic-release', ['--repositoryUrl', 'https://$GIT_CREDENTIALS@bitbucket.org/$BITBUCKET_REPO_FULL_NAME'], { env: { ...process.env, FORCE_COLOR: true } }); spawn.stderr.on('data', d => process.stderr.write(d.toString())); spawn.stdout.on('data', d => {process.stdout.write(d.toString()); if(d.toString().includes('There are no relevant changes, so no new version is released.') || d.toString().includes('therefore a new version won\'t be published.')){process.exit(1);}})" || exit 0
18
23
  # Copy ssh keys so physical files exist for agent to use
19
24
  - cp /build/*/ssh/* ~/.ssh/
20
25
  # Start ssh agent and add all (if any) keys
21
26
  - eval `ssh-agent` && ssh-add || true
22
- # Install release deps
23
- - npm install -g semantic-release@24 @semantic-release/changelog@6 @semantic-release/git@10 conventional-changelog-conventionalcommits@8
24
- # Release version
25
- - semantic-release --repositoryUrl=https://$GIT_CREDENTIALS@bitbucket.org/$BITBUCKET_REPO_FULL_NAME
26
27
  # Publish docker image
27
28
  - docker login $DOCKER_CREDENTIALS && docker buildx create --use && npm run image
28
29
  # Sync development after publish
@@ -38,7 +39,7 @@ pipelines:
38
39
  - git submodule update --remote --merge core/1
39
40
  - git add .
40
41
  - |
41
- git commit --allow-empty -m "build: Bumped $BITBUCKET_REPO_SLUG"
42
+ git commit --allow-empty -m "build(core/1): Bumped $BITBUCKET_REPO_SLUG"
42
43
  - git push origin "$BITBUCKET_REPO_SLUG-$BITBUCKET_COMMIT"
43
44
  - |
44
45
  curl https://api.bitbucket.org/2.0/repositories/fishawackdigital/lab-env/pullrequests \
@@ -56,6 +57,11 @@ pipelines:
56
57
  \"name\": \"$BITBUCKET_REPO_SLUG-$BITBUCKET_COMMIT\"
57
58
  }
58
59
  },
60
+ \"reviewers\": [
61
+ {
62
+ \"uuid\": \"{2518e4c3-fc1d-4653-b355-c00be099ce6c}\"
63
+ }
64
+ ],
59
65
  \"close_source_branch\": true
60
66
  }"
61
67
  services:
package/core/1/entrypoint.sh CHANGED
@@ -8,6 +8,9 @@ if [ -z "$FW_ROOT" ]; then
8
8
  # Own the node_modules folder otherwise it'll be owned by root/previous node id which will prevent writing
9
9
  chown node /app/node_modules
10
10
 
11
+ # Own the global node_modules folder otherwise it'll be owned by root/previous node id which will prevent writing
12
+ chown node /usr/local/lib/node_modules
13
+
11
14
  # Default arguments will always be bash -l, if nothing follows this just start an non login interactive shell
12
15
  if [ -z "${@:3}" ]; then
13
16
  exec su node
package/core/1/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "core",
3
- "version": "1.5.0",
3
+ "version": "1.6.0",
4
4
  "description": "lab-env docker config for the @fishawack/core/1 npm module",
5
5
  "scripts": {
6
6
  "image": "docker buildx build --ssh default --platform linux/amd64,linux/arm64 -t fishawack/lab-env-core-1:$npm_package_version -t fishawack/lab-env-core-1:latest --push . && docker buildx build --ssh default --target alpine --platform linux/amd64,linux/arm64 -t fishawack/lab-env-core-1-alpine:$npm_package_version -t fishawack/lab-env-core-1-alpine:latest --push ."
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fishawack/lab-env",
3
- "version": "4.35.2",
3
+ "version": "4.37.0",
4
4
  "description": "Docker manager for FW",
5
5
  "main": "cli.js",
6
6
  "scripts": {
@@ -35,7 +35,7 @@
35
35
  "glob": "7.1.7",
36
36
  "inquirer": "8.1.2",
37
37
  "lodash": "^4.17.21",
38
- "nodemailer": "^6.7.8",
38
+ "nodemailer": "^6.9.15",
39
39
  "ora": "5.4.1",
40
40
  "semver": "7.3.4",
41
41
  "update-notifier": "^6.0.2",
@@ -60,22 +60,6 @@
60
60
  {
61
61
  "type": "build",
62
62
  "release": "patch"
63
- },
64
- {
65
- "type": "perf",
66
- "release": "patch"
67
- },
68
- {
69
- "type": "ci",
70
- "release": "patch"
71
- },
72
- {
73
- "type": "refactor",
74
- "release": "patch"
75
- },
76
- {
77
- "type": "style",
78
- "release": "patch"
79
63
  }
80
64
  ]
81
65
  }
@@ -102,22 +86,6 @@
102
86
  {
103
87
  "type": "build",
104
88
  "section": "Build Updates"
105
- },
106
- {
107
- "type": "perf",
108
- "section": "Performance Improvements"
109
- },
110
- {
111
- "type": "ci",
112
- "section": "CI/CD updates"
113
- },
114
- {
115
- "type": "refactor",
116
- "section": "Code Refactors"
117
- },
118
- {
119
- "type": "style",
120
- "section": "Style Updates"
121
89
  }
122
90
  ]
123
91
  }