@fjall/deploy-core 2.4.4 → 2.4.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/.minified
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
116 files minified at 2026-05-
|
|
1
|
+
116 files minified at 2026-05-27T21:27:37.030Z
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{CreateOrganizationalUnitCommand as
|
|
1
|
+
import{CreateOrganizationalUnitCommand as A,ListOrganizationalUnitsForParentCommand as U,ListParentsCommand as L,MoveAccountCommand as P}from"@aws-sdk/client-organizations";import{success as u,failure as d}from"@fjall/generator";import{extractErrorName as y,isOULeaf as I,SDK_TIMEOUT_MS as m,AWS_ERROR_NAMES as N}from"./types.js";import{getErrorMessage as g}from"@fjall/util";async function C(r,a){const t=await r.send(new U({ParentId:a}),{abortSignal:AbortSignal.timeout(m)});let e=t.OrganizationalUnits??[],n=t.NextToken;for(;n;){const o=await r.send(new U({ParentId:a,NextToken:n}),{abortSignal:AbortSignal.timeout(m)});e=e.concat(o.OrganizationalUnits??[]),n=o.NextToken}return e}async function x(r,a){try{return(await r.send(new L({ChildId:a}),{abortSignal:AbortSignal.timeout(m)})).Parents?.[0]?.Id}catch(t){if(y(t)===N.CHILD_NOT_FOUND)return;throw t}}async function b(r,a,t,e){const n=e.find(o=>o.Name===t);if(n?.Id)return u(n.Id);try{const s=(await r.send(new A({Name:t,ParentId:a}),{abortSignal:AbortSignal.timeout(m)})).OrganizationalUnit;return s?.Id?u(s.Id):d(new Error(`OU "${t}" was created but has no ID`))}catch(o){return d(new Error(`Failed to create OU "${t}": ${g(o)}`))}}function S(r){return r.charAt(0).toUpperCase()+r.slice(1)}async function E(r,a,t){const e={};if(t.length===0)return u(e);const n=await C(r,a);for(const o of t){const s=S(o),i=await b(r,a,s,n);if(!i.success)return d(i.error);e[o.toLowerCase()]=i.data,n.push({Id:i.data,Name:s})}return u(e)}async function p(r,a,t,e,n,o){const s=await C(r,a);for(const[i,c]of Object.entries(t)){const f=S(i),w=await b(r,a,f,s);if(!w.success)return d(w.error);const O=w.data,h=n?`${n}.${i.toLowerCase()}`:i.toLowerCase();if(e[h]=O,n){const l=i.toLowerCase();o.has(l)||(e[l]=O)}if(s.push({Id:O,Name:f}),!I(c)){const l=await p(r,O,c,e,h,o);if(!l.success)return l}}return u(void 0)}async function k(r,a,t){try{if(Array.isArray(t))return await E(r,a,t);const e={},n=new Set(Object.keys(t).map(s=>s.toLowerCase())),o=await p(r,a,t,e,"",n);return o.success?u(e):d(o.error)}catch(e){return d(new Error(`Failed to ensure OUs exist: ${g(e)}`))}}function T(r,a,t=""){const e={};for(const[n,o]of Object.entries(r)){const s=t?`${t}.${n.toLowerCase()}`:n.toLowerCase(),i=a[s];if(I(o)){if(i)for(const c of o)e[c.toLowerCase()]=i}else Object.assign(e,T(o,a,s))}return e}async function v(r,a,t,e){try{if(t.length===0)return u({moved:0,alreadyPlaced:0});let n=0,o=0;for(const s of t){if(s.environment==="root")continue;const i=e?e[s.name.toLowerCase()]:a[s.environment.toLowerCase()];if(!i)continue;const c=await x(r,s.id);if(c){if(c===i){o++;continue}try{await r.send(new P({AccountId:s.id,SourceParentId:c,DestinationParentId:i}),{abortSignal:AbortSignal.timeout(m)}),n++}catch(f){if(y(f)===N.ACCOUNT_NOT_FOUND)continue;throw f}}}return u({moved:n,alreadyPlaced:o})}catch(n){return d(new Error(`Failed to place accounts in OUs: ${g(n)}`))}}export{T as buildAccountToOUMap,k as ensureOrganisationalUnitsExist,v as placeAccountsInOUs};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{success as y,failure as h}from"@fjall/generator";import{OrganizationsClient as
|
|
1
|
+
import{success as y,failure as h}from"@fjall/generator";import{OrganizationsClient as v}from"@aws-sdk/client-organizations";import{RAMClient as x}from"@aws-sdk/client-ram";import{CloudFormationClient as T}from"@aws-sdk/client-cloudformation";import{EC2Client as M}from"@aws-sdk/client-ec2";import{BackupClient as j}from"@aws-sdk/client-backup";import{CostExplorerClient as D}from"@aws-sdk/client-cost-explorer";import{SSOAdminClient as N}from"@aws-sdk/client-sso-admin";import{ensureOrganisationExists as B}from"../aws/organisations/organisation.js";import{enablePolicyTypes as F}from"../aws/organisations/policies.js";import{enableServiceAccess as L}from"../aws/organisations/serviceAccess.js";import{enableRamSharing as W}from"../aws/organisations/ram.js";import{activateTrustedAccess as z}from"../aws/organisations/trustedAccess.js";import{enableIpamDelegatedAdmin as G}from"../aws/organisations/ipam.js";import{updateBackupGlobalSettings as K}from"../aws/organisations/backup.js";import{listAccounts as q,createAccount as H}from"../aws/organisations/accounts.js";import{ensureOrganisationalUnitsExist as J,placeAccountsInOUs as Q,buildAccountToOUMap as V}from"../aws/organisations/organisationalUnits.js";import{activateCostAllocationTags as X}from"../aws/organisations/costAllocation.js";import{checkIdentityCentreStatus as Y}from"../aws/organisations/identityCentre.js";import{registerSecurityDelegates as Z}from"../aws/organisations/delegatedAdmin.js";async function Pe(r,o,e){const n=[],s=[],t=[],c=[];let C;const u=r.getClient(v),A=r.getClient(x),S=r.getClient(T),E=r.getClient(M),I=r.getClient(j),w=r.getClient(D),O=r.getClient(N);e?.onPhaseStart?.("create-organisation"),e?.onProgress?.("Ensuring AWS Organisation exists");const p=await B(u);if(!p.success)return e?.onError?.("create-organisation",p.error),e?.onPhaseComplete?.("create-organisation","error"),h(p.error);const{orgId:R,rootId:f}=p.data;if(e?.onPhaseComplete?.("create-organisation","completed"),n.push("create-organisation"),await a("enable-policies",()=>(e?.onProgress?.("Enabling organisation policy types"),F(u,f)),n,t,e),await a("enable-service-access",()=>(e?.onProgress?.("Enabling AWS service access"),L(u)),n,t,e),await a("enable-ram-sharing",()=>(e?.onProgress?.("Enabling RAM sharing"),W(A)),n,t,e),await a("activate-trusted-access",()=>(e?.onProgress?.("Activating CloudFormation trusted access"),z(S)),n,t,e),o.platformAccountId){const i=o.platformAccountId;await a("enable-ipam",()=>(e?.onProgress?.("Enabling IPAM delegated administrator"),G(E,i)),n,t,e)}await a("configure-backup",()=>(e?.onProgress?.("Updating backup global settings"),K(I)),n,t,e),e?.onPhaseStart?.("create-accounts"),e?.onProgress?.("Checking for missing accounts");const d=await _(u,o.accounts,c);d.success?(n.push("create-accounts"),e?.onPhaseComplete?.("create-accounts","completed")):(t.push({phase:"create-accounts",error:d.error.message}),e?.onError?.("create-accounts",d.error),e?.onPhaseComplete?.("create-accounts","error"));let m={};e?.onPhaseStart?.("create-organisational-units"),e?.onProgress?.("Ensuring organisational units exist");const g=await J(u,f,o.organisationalUnits);if(g.success?(m=g.data,n.push("create-organisational-units"),e?.onPhaseComplete?.("create-organisational-units","completed")):(t.push({phase:"create-organisational-units",error:g.error.message}),e?.onError?.("create-organisational-units",g.error),e?.onPhaseComplete?.("create-organisational-units","error")),Object.keys(m).length===0)s.push("place-accounts"),e?.onPhaseStart?.("place-accounts"),e?.onPhaseComplete?.("place-accounts","skipped");else if(o.accountPlacements===void 0){const i=new Error("Account placements not provided despite OUs being created. Caller must populate accountPlacements so accounts can be moved into their target OUs.");t.push({phase:"place-accounts",error:i.message}),e?.onPhaseStart?.("place-accounts"),e?.onError?.("place-accounts",i),e?.onPhaseComplete?.("place-accounts","error")}else if(Object.keys(o.accountPlacements).length===0)s.push("place-accounts"),e?.onPhaseStart?.("place-accounts"),e?.onPhaseComplete?.("place-accounts","skipped");else{const i=$(o.accountPlacements),U=Array.isArray(o.organisationalUnits)?void 0:V(o.organisationalUnits,m);await a("place-accounts",()=>(e?.onProgress?.("Placing accounts in organisational units"),Q(u,m,i,U)),n,t,e)}const l=o.costAllocationTags??[];if(l.length>0?await a("activate-cost-tags",()=>(e?.onProgress?.("Activating cost allocation tags"),X(w,l.map(i=>({TagKey:i})))),n,t,e):(s.push("activate-cost-tags"),e?.onPhaseStart?.("activate-cost-tags"),e?.onPhaseComplete?.("activate-cost-tags","skipped")),o.skipIdentityCentre)s.push("check-identity-centre"),e?.onPhaseStart?.("check-identity-centre"),e?.onPhaseComplete?.("check-identity-centre","skipped");else{e?.onPhaseStart?.("check-identity-centre"),e?.onProgress?.("Checking Identity Centre status");const i=await Y(O);i.success?(C=i.data.enabled?"enabled":"not-enabled",n.push("check-identity-centre"),e?.onPhaseComplete?.("check-identity-centre","completed")):(t.push({phase:"check-identity-centre",error:i.error.message}),e?.onError?.("check-identity-centre",i.error),e?.onPhaseComplete?.("check-identity-centre","error"))}const P=o.securityDelegateAccountId;return P?await a("register-security-delegates",()=>(e?.onProgress?.("Registering security service delegated administrators"),Z(u,P)),n,t,e):(s.push("register-security-delegates"),e?.onPhaseStart?.("register-security-delegates"),e?.onPhaseComplete?.("register-security-delegates","skipped")),y({organisationId:R,createdAccounts:c,identityCentreStatus:C,phasesCompleted:n,phasesSkipped:s,errors:t})}async function a(r,o,e,n,s){s?.onPhaseStart?.(r);const t=await o();t.success?(e.push(r),s?.onPhaseComplete?.(r,"completed")):(n.push({phase:r,error:t.error.message}),s?.onError?.(r,t.error),s?.onPhaseComplete?.(r,"error"))}async function _(r,o,e){const n=await q(r);if(!n.success)return h(n.error);const s=new Set(n.data.map(t=>t.Name?.toLowerCase()).filter(t=>t!==void 0));for(const t of o){if(s.has(t.name.toLowerCase()))continue;const c=await H(r,t.name,t.email);if(!c.success)return h(c.error);e.push({name:c.data.accountName,accountId:c.data.accountId})}return y(void 0)}function $(r){return Object.entries(r).map(([o,e])=>({id:o,name:o,environment:e}))}export{Pe as runOrganisationSetup};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@fjall/deploy-core",
|
|
3
|
-
"version": "2.4.
|
|
3
|
+
"version": "2.4.7",
|
|
4
4
|
"description": "Shared deployment engine for Fjall — used by CLI and webapp worker",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/src/index.js",
|
|
@@ -73,7 +73,7 @@
|
|
|
73
73
|
"@aws-sdk/client-s3": "^3.1038.0",
|
|
74
74
|
"@aws-sdk/client-sso-admin": "^3.1038.0",
|
|
75
75
|
"@aws-sdk/client-sts": "^3.1038.0",
|
|
76
|
-
"@fjall/generator": "^2.4.
|
|
76
|
+
"@fjall/generator": "^2.4.7",
|
|
77
77
|
"@fjall/util": "^0.100.0",
|
|
78
78
|
"@smithy/node-http-handler": "^4.6.1",
|
|
79
79
|
"zod": "^4.4.3"
|
|
@@ -82,5 +82,5 @@
|
|
|
82
82
|
"@types/node": "^25.6.0",
|
|
83
83
|
"vitest": "^4.1.5"
|
|
84
84
|
},
|
|
85
|
-
"gitHead": "
|
|
85
|
+
"gitHead": "26678c26badf87b44e176c579041f777b9d4f591"
|
|
86
86
|
}
|