@govuk-pay/cli 0.0.25 → 0.0.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,12 +1,8 @@
|
|
|
1
1
|
Commands:
|
|
2
|
-
pay aws # Interactions with AWS, e.g. fetching STS tokens
|
|
3
2
|
pay browse # Opens web browser link to useful links
|
|
4
|
-
pay deployment_status <env> # Describe what's deployed
|
|
5
3
|
pay doctor # Attempts to initialise or fix the Pay CLI
|
|
6
4
|
pay help [COMMAND] # Describe available commands or one specific ...
|
|
7
5
|
pay local # Sets up local Pay development environment
|
|
8
6
|
pay schema # Generates web based database diagrams and me...
|
|
9
7
|
pay secrets # Manage secrets in and between environments
|
|
10
|
-
pay ssm # Start an SSM session to boxes in environments
|
|
11
8
|
pay tunnel # Open tunnel to application database
|
|
12
|
-
pay tf # Runs Terraform
|
|
@@ -21,12 +21,6 @@ handlers.set('tunnel', {
|
|
|
21
21
|
handlers.set('legacy', {
|
|
22
22
|
handler: legacy_1.default
|
|
23
23
|
});
|
|
24
|
-
handlers.set('aws', {
|
|
25
|
-
handler: legacy_1.default
|
|
26
|
-
});
|
|
27
|
-
handlers.set('deployment_status', {
|
|
28
|
-
handler: legacy_1.default
|
|
29
|
-
});
|
|
30
24
|
handlers.set('doctor', {
|
|
31
25
|
handler: legacy_1.default
|
|
32
26
|
});
|
|
@@ -42,12 +36,6 @@ handlers.set('schema', {
|
|
|
42
36
|
handlers.set('secrets', {
|
|
43
37
|
handler: legacy_1.default
|
|
44
38
|
});
|
|
45
|
-
handlers.set('ssm', {
|
|
46
|
-
handler: legacy_1.default
|
|
47
|
-
});
|
|
48
|
-
handlers.set('tf', {
|
|
49
|
-
handler: legacy_1.default
|
|
50
|
-
});
|
|
51
39
|
handlers.set('demo', {
|
|
52
40
|
handler: demo_js_1.default
|
|
53
41
|
});
|
|
@@ -1,58 +0,0 @@
|
|
|
1
|
-
require 'aws-sdk-ec2'
|
|
2
|
-
require 'aws-sdk-autoscaling'
|
|
3
|
-
require 'aws-sdk-elasticloadbalancing'
|
|
4
|
-
|
|
5
|
-
module PayCLI::Commands::Ssm
|
|
6
|
-
|
|
7
|
-
def self.usage!
|
|
8
|
-
STDERR.puts <<~USAGE
|
|
9
|
-
pay ssm <environment> <instance_id>
|
|
10
|
-
|
|
11
|
-
example:
|
|
12
|
-
pay ssm test-12 i-1c472d8c2ffd826d7
|
|
13
|
-
|
|
14
|
-
USAGE
|
|
15
|
-
exit
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
def self.start!
|
|
19
|
-
args = ARGV[1..-1] || []
|
|
20
|
-
usage! if args.length != 2
|
|
21
|
-
|
|
22
|
-
PayCLI::StopYubicoAuthenticator.stop_yubico_authenticator!
|
|
23
|
-
|
|
24
|
-
env, instance_id = args
|
|
25
|
-
|
|
26
|
-
usage! unless instance_id.match(/^i-/)
|
|
27
|
-
|
|
28
|
-
PayCLI::Environment.setup! env
|
|
29
|
-
|
|
30
|
-
warn <<~WARN
|
|
31
|
-
\e[33m
|
|
32
|
-
⚠️ WARNING: When using SSM, any and all activity you perform may be getting logged for security auditing purposes (think PCI).
|
|
33
|
-
Avoid sending or accessing \e[4manything\e[24m that could cause a security breach, such as:
|
|
34
|
-
|
|
35
|
-
• Secret API Keys or Tokens
|
|
36
|
-
• Credentials or Passwords
|
|
37
|
-
• Cardholder Data or Personally-Identifiable Information (PII)
|
|
38
|
-
• Anything else that may be protected by GDPR or PCI-DSS
|
|
39
|
-
• Anything classified as GSC 'Secret' or above
|
|
40
|
-
|
|
41
|
-
If you have a problem with this or aren't sure, use Ctrl-C \e[4mright now\e[24m and discontinue your SSM session.
|
|
42
|
-
\e[0m
|
|
43
|
-
WARN
|
|
44
|
-
sleep(5)
|
|
45
|
-
start_ssm_session(instance_id, env)
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
def self.start_ssm_session(instance_id, env)
|
|
49
|
-
STDERR.puts "SSM to instance #{instance_id} in #{env}"
|
|
50
|
-
|
|
51
|
-
pid = spawn(
|
|
52
|
-
"aws ssm start-session --target \"#{instance_id}\"",
|
|
53
|
-
in: STDIN, out: STDOUT, err: STDERR
|
|
54
|
-
)
|
|
55
|
-
Process.wait pid
|
|
56
|
-
exit $CHILD_STATUS.exitstatus
|
|
57
|
-
end
|
|
58
|
-
end
|