@fishawack/lab-env 5.7.0-beta.1 → 5.7.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/CHANGELOG.md +58 -0
  2. package/_Test/provision.js +4 -9
  3. package/_Test/prune.js +8 -5
  4. package/bitbucket-pipelines.yml +2 -2
  5. package/cli.js +1 -0
  6. package/commands/create/cmds/dekey.js +13 -9
  7. package/commands/create/cmds/deprovision.js +36 -0
  8. package/commands/create/cmds/key.js +60 -41
  9. package/commands/create/cmds/provision.js +573 -69
  10. package/commands/create/cmds/rekey.js +218 -0
  11. package/commands/create/cmds/sync-secrets.js +2 -1
  12. package/commands/create/libs/output-credentials.js +59 -0
  13. package/commands/create/libs/parallel-runner.js +204 -0
  14. package/commands/create/libs/resolve-operator.js +59 -0
  15. package/commands/create/libs/utilities.js +73 -8
  16. package/commands/create/libs/vars.js +120 -136
  17. package/commands/create/services/aws/acm.js +61 -0
  18. package/commands/create/services/aws/cloudfront.js +51 -45
  19. package/commands/create/services/aws/ec2.js +675 -48
  20. package/commands/create/services/aws/elasticache.js +159 -0
  21. package/commands/create/services/aws/elasticbeanstalk.js +154 -57
  22. package/commands/create/services/aws/iam.js +402 -82
  23. package/commands/create/services/aws/index.js +1398 -260
  24. package/commands/create/services/aws/opensearch.js +155 -0
  25. package/commands/create/services/aws/rds.js +57 -31
  26. package/commands/create/services/aws/s3.js +52 -31
  27. package/commands/create/services/aws/secretsmanager.js +21 -12
  28. package/commands/create/services/aws/ses.js +195 -0
  29. package/commands/create/templates/elasticbeanstalk/.ebextensions/laravel/cron.config +45 -0
  30. package/commands/create/templates/elasticbeanstalk/.ebextensions/laravel/queue-worker.config +29 -0
  31. package/commands/create/templates/elasticbeanstalk/.ebextensions/laravel/software.config +12 -0
  32. package/commands/create/templates/elasticbeanstalk/.ebextensions/misc/setvars.config +2 -16
  33. package/commands/create/templates/elasticbeanstalk/.platform/confighooks/postdeploy/rewrite-flush.sh +1 -1
  34. package/commands/create/templates/elasticbeanstalk/.platform/confighooks/postdeploy/setvars.sh +19 -0
  35. package/commands/create/templates/elasticbeanstalk/.platform/hooks/postdeploy/restart_queue.sh +4 -0
  36. package/commands/create/templates/elasticbeanstalk/.platform/hooks/prebuild/setvars.sh +19 -0
  37. package/package.json +7 -2
@@ -0,0 +1,155 @@
1
+ const {
2
+ OpenSearchClient,
3
+ CreateDomainCommand,
4
+ DeleteDomainCommand,
5
+ DescribeDomainCommand,
6
+ } = require("@aws-sdk/client-opensearch");
7
+ const { Spinner, poll } = require("../../libs/utilities");
8
+ const { awsClientConfig } = require("../../libs/vars");
9
+
10
+ const getClient = () => new OpenSearchClient(awsClientConfig);
11
+
12
+ module.exports.createOpenSearchDomain = async (
13
+ name,
14
+ securityGroupId,
15
+ privateSubnetIds,
16
+ instanceProfileRole,
17
+ tags = [],
18
+ ) => {
19
+ const accountId = instanceProfileRole.split(":")[4] || "*";
20
+ const region = process.env.AWS_REGION;
21
+
22
+ const res = await Spinner.prototype.simple(
23
+ `Creating OpenSearch domain ${name}`,
24
+ () => {
25
+ return getClient().send(
26
+ new CreateDomainCommand({
27
+ DomainName: name,
28
+ EngineVersion: "OpenSearch_2.19",
29
+ ClusterConfig: {
30
+ InstanceType: "t3.small.search",
31
+ InstanceCount: 2,
32
+ ZoneAwarenessEnabled: true,
33
+ ZoneAwarenessConfig: {
34
+ AvailabilityZoneCount: 2,
35
+ },
36
+ },
37
+ EBSOptions: {
38
+ EBSEnabled: true,
39
+ VolumeType: "gp3",
40
+ VolumeSize: 20,
41
+ },
42
+ VPCOptions: {
43
+ SubnetIds: privateSubnetIds,
44
+ SecurityGroupIds: [securityGroupId],
45
+ },
46
+ EncryptionAtRestOptions: {
47
+ Enabled: true,
48
+ },
49
+ NodeToNodeEncryptionOptions: {
50
+ Enabled: true,
51
+ },
52
+ DomainEndpointOptions: {
53
+ EnforceHTTPS: true,
54
+ TLSSecurityPolicy: "Policy-Min-TLS-1-2-2019-07",
55
+ },
56
+ AdvancedSecurityOptions: {
57
+ Enabled: false,
58
+ InternalUserDatabaseEnabled: false,
59
+ },
60
+ AccessPolicies: JSON.stringify({
61
+ Version: "2012-10-17",
62
+ Statement: [
63
+ {
64
+ Effect: "Allow",
65
+ Principal: {
66
+ AWS: instanceProfileRole,
67
+ },
68
+ Action: "es:ESHttp*",
69
+ Resource: `arn:aws:es:${region}:${accountId}:domain/${name}/*`,
70
+ },
71
+ ],
72
+ }),
73
+ TagList: [
74
+ { Key: "client", Value: process.env.AWS_PROFILE },
75
+ ].concat(
76
+ tags.map((t) => ({
77
+ Key: t.Key,
78
+ Value: String(t.Value),
79
+ })),
80
+ ),
81
+ }),
82
+ );
83
+ },
84
+ );
85
+
86
+ return res;
87
+ };
88
+
89
+ module.exports.waitForOpenSearchDomain = async (name) => {
90
+ const res = await Spinner.prototype.simple(
91
+ `Waiting for OpenSearch domain to become available (this may take 15-20 minutes)`,
92
+ (spinner) => {
93
+ return poll(
94
+ async () => {
95
+ const { DomainStatus } = await getClient().send(
96
+ new DescribeDomainCommand({ DomainName: name }),
97
+ );
98
+ return DomainStatus;
99
+ },
100
+ (status) =>
101
+ status.Processing ||
102
+ (!status.Endpoint && !status.Endpoints),
103
+ undefined,
104
+ spinner,
105
+ );
106
+ },
107
+ );
108
+
109
+ return res;
110
+ };
111
+
112
+ module.exports.describeOpenSearchDomain = async (name) => {
113
+ const res = await Spinner.prototype.simple(
114
+ `Describing OpenSearch domain ${name}`,
115
+ () => {
116
+ return getClient().send(
117
+ new DescribeDomainCommand({ DomainName: name }),
118
+ );
119
+ },
120
+ );
121
+
122
+ return res.DomainStatus;
123
+ };
124
+
125
+ module.exports.deleteOpenSearchDomain = async (name) => {
126
+ await Spinner.prototype.simple(`Deleting OpenSearch domain ${name}`, () => {
127
+ return getClient().send(new DeleteDomainCommand({ DomainName: name }));
128
+ });
129
+ };
130
+
131
+ module.exports.waitForOpenSearchDeletion = async (name) => {
132
+ await Spinner.prototype.simple(
133
+ `Waiting for OpenSearch domain to be deleted`,
134
+ (spinner) => {
135
+ return poll(
136
+ async () => {
137
+ try {
138
+ const { DomainStatus } = await getClient().send(
139
+ new DescribeDomainCommand({ DomainName: name }),
140
+ );
141
+ return DomainStatus;
142
+ } catch (e) {
143
+ if (e.name === "ResourceNotFoundException") {
144
+ return { deleted: true };
145
+ }
146
+ throw e;
147
+ }
148
+ },
149
+ (status) => !status.deleted,
150
+ undefined,
151
+ spinner,
152
+ );
153
+ },
154
+ );
155
+ };
@@ -1,9 +1,11 @@
1
1
  const {
2
2
  RDSClient,
3
3
  CreateDBInstanceCommand,
4
+ CreateDBSubnetGroupCommand,
4
5
  DeleteDBInstanceCommand,
5
6
  DescribeDBInstancesCommand,
6
7
  DescribeDBSnapshotsCommand,
8
+ DescribeDBSubnetGroupsCommand,
7
9
  RestoreDBInstanceFromDBSnapshotCommand,
8
10
  ModifyDBInstanceCommand,
9
11
  DescribeDBParameterGroupsCommand,
@@ -11,19 +13,52 @@ const {
11
13
  ModifyDBParameterGroupCommand,
12
14
  } = require("@aws-sdk/client-rds");
13
15
  const { Spinner, poll } = require("../../libs/utilities");
16
+ const { awsClientConfig } = require("../../libs/vars");
17
+
18
+ const getClient = () => new RDSClient(awsClientConfig);
19
+
20
+ module.exports.ensureDBSubnetGroup = async (privateSubnetIds) => {
21
+ const name = "fw-auto-private-db-subnet-group";
22
+
23
+ try {
24
+ await getClient().send(
25
+ new DescribeDBSubnetGroupsCommand({
26
+ DBSubnetGroupName: name,
27
+ }),
28
+ );
29
+
30
+ return name;
31
+ } catch (e) {
32
+ if (e.name !== "DBSubnetGroupNotFoundFault") {
33
+ throw e;
34
+ }
35
+ }
36
+
37
+ await Spinner.prototype.simple(`Creating DB subnet group ${name}`, () => {
38
+ return getClient().send(
39
+ new CreateDBSubnetGroupCommand({
40
+ DBSubnetGroupName: name,
41
+ DBSubnetGroupDescription:
42
+ "Private subnets for lab-env RDS instances",
43
+ SubnetIds: privateSubnetIds,
44
+ }),
45
+ );
46
+ });
47
+
48
+ return name;
49
+ };
14
50
 
15
51
  module.exports.createRDSInstance = async (
16
52
  name,
17
53
  tags = [],
18
54
  password,
19
55
  securityGroupId,
56
+ subnetGroupName,
20
57
  ) => {
21
- const client = new RDSClient({});
22
-
23
58
  let res = await Spinner.prototype.simple(
24
59
  `Creating RDS instance ${name}`,
25
60
  () => {
26
- return client.send(
61
+ return getClient().send(
27
62
  new CreateDBInstanceCommand({
28
63
  DBInstanceIdentifier: name,
29
64
  DBInstanceClass: "db.t3.small",
@@ -37,6 +72,7 @@ module.exports.createRDSInstance = async (
37
72
  BackupRetentionPeriod: 7,
38
73
  DBName: "ebdb",
39
74
  DBParameterGroupName: "lab-env-mysql80-ssl-required",
75
+ DBSubnetGroupName: subnetGroupName,
40
76
  VpcSecurityGroupIds: [securityGroupId],
41
77
  Tags: [
42
78
  { Key: "client", Value: process.env.AWS_PROFILE },
@@ -50,21 +86,21 @@ module.exports.createRDSInstance = async (
50
86
  };
51
87
 
52
88
  module.exports.waitForRDSInstance = async (name) => {
53
- const client = new RDSClient({});
54
-
55
89
  const res = await Spinner.prototype.simple(
56
90
  `Waiting for RDS instance to become available`,
57
- () => {
91
+ (spinner) => {
58
92
  return poll(
59
93
  async () =>
60
94
  (
61
- await client.send(
95
+ await getClient().send(
62
96
  new DescribeDBInstancesCommand({
63
97
  DBInstanceIdentifier: name,
64
98
  }),
65
99
  )
66
100
  ).DBInstances[0],
67
101
  ({ DBInstanceStatus }) => DBInstanceStatus !== "available",
102
+ undefined,
103
+ spinner,
68
104
  );
69
105
  },
70
106
  );
@@ -73,12 +109,10 @@ module.exports.waitForRDSInstance = async (name) => {
73
109
  };
74
110
 
75
111
  module.exports.describeRDSInstance = async (name) => {
76
- const client = new RDSClient({});
77
-
78
112
  let res = await Spinner.prototype.simple(
79
113
  `Describing RDS instance ${name}`,
80
114
  () => {
81
- return client.send(
115
+ return getClient().send(
82
116
  new DescribeDBInstancesCommand({
83
117
  DBInstanceIdentifier: name,
84
118
  }),
@@ -90,10 +124,8 @@ module.exports.describeRDSInstance = async (name) => {
90
124
  };
91
125
 
92
126
  module.exports.deleteRDSInstance = async (name) => {
93
- const client = new RDSClient({});
94
-
95
127
  await Spinner.prototype.simple(`Deleting RDS instance ${name}`, () => {
96
- return client.send(
128
+ return getClient().send(
97
129
  new DeleteDBInstanceCommand({
98
130
  DBInstanceIdentifier: name,
99
131
  SkipFinalSnapshot: true,
@@ -103,15 +135,13 @@ module.exports.deleteRDSInstance = async (name) => {
103
135
  };
104
136
 
105
137
  module.exports.waitForRDSDeletion = async (name) => {
106
- const client = new RDSClient({});
107
-
108
138
  await Spinner.prototype.simple(
109
139
  `Waiting for RDS instance to be deleted`,
110
- () => {
140
+ (spinner) => {
111
141
  return poll(
112
142
  async () => {
113
143
  try {
114
- const res = await client.send(
144
+ const res = await getClient().send(
115
145
  new DescribeDBInstancesCommand({
116
146
  DBInstanceIdentifier: name,
117
147
  }),
@@ -125,18 +155,18 @@ module.exports.waitForRDSDeletion = async (name) => {
125
155
  }
126
156
  },
127
157
  ({ DBInstanceStatus }) => DBInstanceStatus !== "deleted",
158
+ undefined,
159
+ spinner,
128
160
  );
129
161
  },
130
162
  );
131
163
  };
132
164
 
133
165
  module.exports.listManualSnapshots = async () => {
134
- const client = new RDSClient({});
135
-
136
166
  const res = await Spinner.prototype.simple(
137
167
  `Fetching manual RDS snapshots`,
138
168
  () => {
139
- return client.send(
169
+ return getClient().send(
140
170
  new DescribeDBSnapshotsCommand({
141
171
  SnapshotType: "manual",
142
172
  }),
@@ -157,19 +187,19 @@ module.exports.restoreRDSInstanceFromSnapshot = async (
157
187
  snapshotId,
158
188
  securityGroupId,
159
189
  tags = [],
190
+ subnetGroupName,
160
191
  ) => {
161
- const client = new RDSClient({});
162
-
163
192
  let res = await Spinner.prototype.simple(
164
193
  `Restoring RDS instance ${name} from snapshot ${snapshotId}`,
165
194
  () => {
166
- return client.send(
195
+ return getClient().send(
167
196
  new RestoreDBInstanceFromDBSnapshotCommand({
168
197
  DBInstanceIdentifier: name,
169
198
  DBSnapshotIdentifier: snapshotId,
170
199
  DBInstanceClass: "db.t3.small",
171
200
  PubliclyAccessible: false,
172
201
  DBParameterGroupName: "lab-env-mysql80-ssl-required",
202
+ DBSubnetGroupName: subnetGroupName,
173
203
  VpcSecurityGroupIds: [securityGroupId],
174
204
  Tags: [
175
205
  { Key: "client", Value: process.env.AWS_PROFILE },
@@ -183,12 +213,10 @@ module.exports.restoreRDSInstanceFromSnapshot = async (
183
213
  };
184
214
 
185
215
  module.exports.modifyRDSPassword = async (name, password) => {
186
- const client = new RDSClient({});
187
-
188
216
  await Spinner.prototype.simple(
189
217
  `Updating master password for RDS instance ${name}`,
190
218
  () => {
191
- return client.send(
219
+ return getClient().send(
192
220
  new ModifyDBInstanceCommand({
193
221
  DBInstanceIdentifier: name,
194
222
  MasterUserPassword: password,
@@ -202,10 +230,8 @@ module.exports.modifyRDSPassword = async (name, password) => {
202
230
  const SSL_PARAMETER_GROUP = "lab-env-mysql80-ssl-required";
203
231
 
204
232
  module.exports.ensureSSLParameterGroup = async () => {
205
- const client = new RDSClient({});
206
-
207
233
  try {
208
- await client.send(
234
+ await getClient().send(
209
235
  new DescribeDBParameterGroupsCommand({
210
236
  DBParameterGroupName: SSL_PARAMETER_GROUP,
211
237
  }),
@@ -214,7 +240,7 @@ module.exports.ensureSSLParameterGroup = async () => {
214
240
  await Spinner.prototype.simple(
215
241
  `Creating parameter group ${SSL_PARAMETER_GROUP}`,
216
242
  () => {
217
- return client.send(
243
+ return getClient().send(
218
244
  new CreateDBParameterGroupCommand({
219
245
  DBParameterGroupName: SSL_PARAMETER_GROUP,
220
246
  DBParameterGroupFamily: "mysql8.0",
@@ -228,7 +254,7 @@ module.exports.ensureSSLParameterGroup = async () => {
228
254
  await Spinner.prototype.simple(
229
255
  `Enabling require_secure_transport on ${SSL_PARAMETER_GROUP}`,
230
256
  () => {
231
- return client.send(
257
+ return getClient().send(
232
258
  new ModifyDBParameterGroupCommand({
233
259
  DBParameterGroupName: SSL_PARAMETER_GROUP,
234
260
  Parameters: [
@@ -12,6 +12,9 @@ const {
12
12
  DeleteObjectsCommand,
13
13
  } = require("@aws-sdk/client-s3");
14
14
  const { Spinner } = require("../../libs/utilities");
15
+ const { awsClientConfig } = require("../../libs/vars");
16
+
17
+ const getClient = () => new S3Client(awsClientConfig);
15
18
 
16
19
  module.exports.createS3Bucket = async (
17
20
  bucket,
@@ -19,36 +22,39 @@ module.exports.createS3Bucket = async (
19
22
  blockAccess = true,
20
23
  ObjectOwnership = "BucketOwnerEnforced",
21
24
  ) => {
22
- const client = new S3Client({});
23
-
24
25
  let res = await Spinner.prototype.simple(
25
26
  `Creating s3 bucket ${bucket}`,
26
27
  () => {
27
- return client.send(
28
+ return getClient().send(
28
29
  new CreateBucketCommand({ Bucket: bucket, ObjectOwnership }),
29
30
  );
30
31
  },
31
32
  );
32
33
 
34
+ const publicAccessConfig =
35
+ typeof blockAccess === "object"
36
+ ? blockAccess
37
+ : {
38
+ BlockPublicAcls: blockAccess,
39
+ BlockPublicPolicy: blockAccess,
40
+ IgnorePublicAcls: blockAccess,
41
+ RestrictPublicBuckets: blockAccess,
42
+ };
43
+
33
44
  await Spinner.prototype.simple(
34
- `${blockAccess ? "Blocking" : "Allowing"} all public access to s3 bucket`,
45
+ `Configuring public access settings for s3 bucket`,
35
46
  () => {
36
- return client.send(
47
+ return getClient().send(
37
48
  new PutPublicAccessBlockCommand({
38
49
  Bucket: bucket,
39
- PublicAccessBlockConfiguration: {
40
- BlockPublicAcls: blockAccess,
41
- BlockPublicPolicy: blockAccess,
42
- IgnorePublicAcls: blockAccess,
43
- RestrictPublicBuckets: blockAccess,
44
- },
50
+ PublicAccessBlockConfiguration: publicAccessConfig,
45
51
  }),
46
52
  );
47
53
  },
48
54
  );
49
55
 
50
56
  await Spinner.prototype.simple(`Adding tags to s3 bucket`, () => {
51
- return client.send(
57
+ return getClient().send(
52
58
  new PutBucketTaggingCommand({
53
59
  Bucket: bucket,
54
60
  Tagging: {
@@ -64,30 +70,24 @@ module.exports.createS3Bucket = async (
64
70
  };
65
71
 
66
72
  module.exports.listS3Buckets = async () => {
67
- const client = new S3Client({});
68
-
69
73
  let res = await Spinner.prototype.simple(`Listing s3 buckets`, () => {
70
- return client.send(new ListBucketsCommand({}));
74
+ return getClient().send(new ListBucketsCommand({}));
71
75
  });
72
76
 
73
77
  return res;
74
78
  };
75
79
 
76
80
  module.exports.removeS3Bucket = async (bucket) => {
77
- const client = new S3Client({});
78
-
79
81
  await Spinner.prototype.simple(`Removing s3 bucket ${bucket}`, () => {
80
- return client.send(new DeleteBucketCommand({ Bucket: bucket }));
82
+ return getClient().send(new DeleteBucketCommand({ Bucket: bucket }));
81
83
  });
82
84
  };
83
85
 
84
86
  module.exports.setS3BucketPolicy = async (bucket, OAI) => {
85
- const client = new S3Client({});
86
-
87
87
  let res = await Spinner.prototype.simple(
88
88
  `Updating s3 bucket policy`,
89
89
  () => {
90
- return client.send(
90
+ return getClient().send(
91
91
  new PutBucketPolicyCommand({
92
92
  Bucket: bucket,
93
93
  Policy: JSON.stringify({
@@ -116,11 +116,36 @@ module.exports.setS3BucketPolicy = async (bucket, OAI) => {
116
116
  return res;
117
117
  };
118
118
 
119
- module.exports.addFileToS3Bucket = async (bucket, filepath, file) => {
120
- const client = new S3Client({});
119
+ module.exports.setPublicReadPolicy = async (bucket, prefix) => {
120
+ let res = await Spinner.prototype.simple(
121
+ `Setting public read policy for ${prefix}`,
122
+ () => {
123
+ return getClient().send(
124
+ new PutBucketPolicyCommand({
125
+ Bucket: bucket,
126
+ Policy: JSON.stringify({
127
+ Version: "2012-10-17",
128
+ Statement: [
129
+ {
130
+ Sid: "PublicReadPrefix",
131
+ Effect: "Allow",
132
+ Principal: "*",
133
+ Action: "s3:GetObject",
134
+ Resource: `arn:aws:s3:::${bucket}/${prefix}`,
135
+ },
136
+ ],
137
+ }),
138
+ }),
139
+ );
140
+ },
141
+ );
142
+
143
+ return res;
144
+ };
121
145
 
146
+ module.exports.addFileToS3Bucket = async (bucket, filepath, file) => {
122
147
  let res = await Spinner.prototype.simple(`Adding file to s3 bucket`, () => {
123
- return client.send(
148
+ return getClient().send(
124
149
  new PutObjectCommand({
125
150
  Bucket: bucket,
126
151
  Body: file,
@@ -133,12 +158,10 @@ module.exports.addFileToS3Bucket = async (bucket, filepath, file) => {
133
158
  };
134
159
 
135
160
  module.exports.removeFileToS3Bucket = async (bucket, filepath) => {
136
- const client = new S3Client({});
137
-
138
161
  let res = await Spinner.prototype.simple(
139
162
  `Removing file from s3 bucket`,
140
163
  () => {
141
- return client.send(
164
+ return getClient().send(
142
165
  new DeleteObjectCommand({
143
166
  Bucket: bucket,
144
167
  Key: filepath,
@@ -151,8 +174,6 @@ module.exports.removeFileToS3Bucket = async (bucket, filepath) => {
151
174
  };
152
175
 
153
176
  module.exports.emptyS3Bucket = async (bucket) => {
154
- const client = new S3Client({});
155
-
156
177
  await Spinner.prototype.simple(`Emptying s3 bucket`, () => {
157
178
  // eslint-disable-next-line no-async-promise-executor
158
179
  return new Promise(async (resolve, reject) => {
@@ -160,7 +181,7 @@ module.exports.emptyS3Bucket = async (bucket) => {
160
181
  let ContinuationToken = null;
161
182
 
162
183
  do {
163
- let list = await client.send(
184
+ let list = await getClient().send(
164
185
  new ListObjectsV2Command({
165
186
  Bucket: bucket,
166
187
  ContinuationToken,
@@ -168,7 +189,7 @@ module.exports.emptyS3Bucket = async (bucket) => {
168
189
  );
169
190
 
170
191
  if (list.KeyCount) {
171
- let deleted = await client.send(
192
+ let deleted = await getClient().send(
172
193
  new DeleteObjectsCommand({
173
194
  Bucket: bucket,
174
195
  Delete: {
@@ -3,15 +3,17 @@ const {
3
3
  CreateSecretCommand,
4
4
  DescribeSecretCommand,
5
5
  GetSecretValueCommand,
6
+ PutSecretValueCommand,
6
7
  DeleteSecretCommand,
7
8
  } = require("@aws-sdk/client-secrets-manager");
8
9
  const { Spinner } = require("../../libs/utilities");
10
+ const { awsClientConfig } = require("../../libs/vars");
9
11
 
10
- module.exports.createSecret = async (name, secretObject, tags = []) => {
11
- const client = new SecretsManagerClient({});
12
+ const getClient = () => new SecretsManagerClient(awsClientConfig);
12
13
 
14
+ module.exports.createSecret = async (name, secretObject, tags = []) => {
13
15
  let res = await Spinner.prototype.simple(`Creating secret ${name}`, () => {
14
- return client.send(
16
+ return getClient().send(
15
17
  new CreateSecretCommand({
16
18
  Name: name,
17
19
  SecretString: JSON.stringify(secretObject),
@@ -24,12 +26,10 @@ module.exports.createSecret = async (name, secretObject, tags = []) => {
24
26
  };
25
27
 
26
28
  module.exports.describeSecret = async (name) => {
27
- const client = new SecretsManagerClient({});
28
-
29
29
  let res = await Spinner.prototype.simple(
30
30
  `Checking for existing secret ${name}`,
31
31
  () => {
32
- return client.send(
32
+ return getClient().send(
33
33
  new DescribeSecretCommand({
34
34
  SecretId: name,
35
35
  }),
@@ -41,12 +41,10 @@ module.exports.describeSecret = async (name) => {
41
41
  };
42
42
 
43
43
  module.exports.getSecretValue = async (name) => {
44
- const client = new SecretsManagerClient({});
45
-
46
44
  let res = await Spinner.prototype.simple(
47
45
  `Retrieving secret ${name}`,
48
46
  () => {
49
- return client.send(
47
+ return getClient().send(
50
48
  new GetSecretValueCommand({
51
49
  SecretId: name,
52
50
  }),
@@ -57,11 +55,22 @@ module.exports.getSecretValue = async (name) => {
57
55
  return JSON.parse(res.SecretString);
58
56
  };
59
57
 
60
- module.exports.deleteSecret = async (name) => {
61
- const client = new SecretsManagerClient({});
58
+ module.exports.updateSecretValue = async (name, secretObject) => {
59
+ let res = await Spinner.prototype.simple(`Updating secret ${name}`, () => {
60
+ return getClient().send(
61
+ new PutSecretValueCommand({
62
+ SecretId: name,
63
+ SecretString: JSON.stringify(secretObject),
64
+ }),
65
+ );
66
+ });
62
67
 
68
+ return res;
69
+ };
70
+
71
+ module.exports.deleteSecret = async (name) => {
63
72
  let res = await Spinner.prototype.simple(`Deleting secret ${name}`, () => {
64
- return client.send(
73
+ return getClient().send(
65
74
  new DeleteSecretCommand({
66
75
  SecretId: name,
67
76
  ForceDeleteWithoutRecovery: true,