@govuk-pay/cli 0.0.44 → 0.0.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -19,6 +19,11 @@ const builder = (yargs) => {
|
|
|
19
19
|
type: 'boolean',
|
|
20
20
|
default: false,
|
|
21
21
|
description: 'Launch psql inside the apps database container (no psql history)'
|
|
22
|
+
})
|
|
23
|
+
.option('superuser', {
|
|
24
|
+
type: 'boolean',
|
|
25
|
+
default: false,
|
|
26
|
+
description: 'Connect to the database as the postgres superuser'
|
|
22
27
|
});
|
|
23
28
|
};
|
|
24
29
|
exports.builder = builder;
|
|
@@ -27,6 +32,7 @@ async function dbHandler(argv) {
|
|
|
27
32
|
await (0, standardContent_1.showHeader)();
|
|
28
33
|
const service = argv.app_name;
|
|
29
34
|
const docker = argv.docker;
|
|
35
|
+
const asSuperuser = argv.superuser;
|
|
30
36
|
if (!(service in servicesConfig)) {
|
|
31
37
|
console.error(`The service specified (${service}) was not defined in the service_config.yaml file`);
|
|
32
38
|
return;
|
|
@@ -37,14 +43,14 @@ async function dbHandler(argv) {
|
|
|
37
43
|
return;
|
|
38
44
|
}
|
|
39
45
|
if (docker) {
|
|
40
|
-
launchPsqlInDocker(serviceConfig);
|
|
46
|
+
launchPsqlInDocker(serviceConfig, asSuperuser);
|
|
41
47
|
}
|
|
42
48
|
else if (!psqlAvailable()) {
|
|
43
49
|
console.warn('PSQL installation not found locally.');
|
|
44
|
-
launchPsqlInDocker(serviceConfig);
|
|
50
|
+
launchPsqlInDocker(serviceConfig, asSuperuser);
|
|
45
51
|
}
|
|
46
52
|
else {
|
|
47
|
-
launchPsql(serviceConfig);
|
|
53
|
+
launchPsql(serviceConfig, asSuperuser);
|
|
48
54
|
}
|
|
49
55
|
}
|
|
50
56
|
exports.default = dbHandler;
|
|
@@ -55,7 +61,7 @@ function psqlAvailable() {
|
|
|
55
61
|
}
|
|
56
62
|
return false;
|
|
57
63
|
}
|
|
58
|
-
function launchPsqlInDocker(serviceConfig) {
|
|
64
|
+
function launchPsqlInDocker(serviceConfig, asSuperuser) {
|
|
59
65
|
console.log('Running psql in running app db container.');
|
|
60
66
|
console.log('Note: This means you wont have a psql history, and one will not survive restarts of pay local');
|
|
61
67
|
(0, node_child_process_1.spawn)('docker', [
|
|
@@ -66,18 +72,18 @@ function launchPsqlInDocker(serviceConfig) {
|
|
|
66
72
|
`${serviceConfig.name}_db`,
|
|
67
73
|
'psql',
|
|
68
74
|
'--host', `${serviceConfig.name}_db`,
|
|
69
|
-
'--user', serviceConfig.name,
|
|
75
|
+
'--user', asSuperuser ? 'postgres' : serviceConfig.name,
|
|
70
76
|
'--dbname', serviceConfig.name
|
|
71
77
|
], { stdio: 'inherit', shell: true });
|
|
72
78
|
}
|
|
73
|
-
function launchPsql(serviceConfig) {
|
|
79
|
+
function launchPsql(serviceConfig, asSuperuser) {
|
|
74
80
|
if (serviceConfig.db_port === undefined) {
|
|
75
81
|
throw new Error(`Service config for ${serviceConfig.name} is missing db_port specification`);
|
|
76
82
|
}
|
|
77
83
|
(0, node_child_process_1.spawn)('psql', [
|
|
78
84
|
'--host', '127.0.0.1',
|
|
79
85
|
'--port', `${serviceConfig.db_port}`,
|
|
80
|
-
'--user', serviceConfig.name,
|
|
86
|
+
'--user', asSuperuser ? 'postgres' : serviceConfig.name,
|
|
81
87
|
'--dbname', serviceConfig.name
|
|
82
88
|
], {
|
|
83
89
|
stdio: 'inherit',
|
package/src/commands/tunnel.js
CHANGED
|
@@ -44,7 +44,7 @@ async function readInputForReadOrWriteDBAccess() {
|
|
|
44
44
|
input: process.stdin,
|
|
45
45
|
output: process.stdout
|
|
46
46
|
});
|
|
47
|
-
let answer = await rl.question('Do you require read-only
|
|
47
|
+
let answer = await rl.question('Do you require read-only, read-write, or admin access to the database? [R/w/a]: ');
|
|
48
48
|
rl.close();
|
|
49
49
|
if (answer === undefined || answer === '') {
|
|
50
50
|
answer = 'R';
|
|
@@ -52,11 +52,15 @@ async function readInputForReadOrWriteDBAccess() {
|
|
|
52
52
|
}
|
|
53
53
|
if (answer === 'R' || answer === 'r') {
|
|
54
54
|
printGreen('Database read-only access requested');
|
|
55
|
-
return '
|
|
55
|
+
return 'readonly';
|
|
56
56
|
}
|
|
57
57
|
else if (answer === 'w') {
|
|
58
58
|
printGreen('Database write access requested');
|
|
59
|
-
return '
|
|
59
|
+
return 'readwrite';
|
|
60
|
+
}
|
|
61
|
+
else if (answer === 'a') {
|
|
62
|
+
printGreen('Admin access requested');
|
|
63
|
+
return 'admin';
|
|
60
64
|
}
|
|
61
65
|
else {
|
|
62
66
|
printError('Invalid option entered. Exiting..');
|
|
@@ -415,9 +419,12 @@ async function printHowToTunnelText(application, environment, dbEngineVersion, d
|
|
|
415
419
|
}
|
|
416
420
|
async function getDbUser(environment, application, dbAccessType) {
|
|
417
421
|
let paramName;
|
|
418
|
-
if (dbAccessType === '
|
|
422
|
+
if (dbAccessType === 'admin') {
|
|
419
423
|
paramName = `${environment}_${application}.db_user`;
|
|
420
424
|
}
|
|
425
|
+
else if (dbAccessType === 'readwrite') {
|
|
426
|
+
paramName = `${environment}_${application}.db_support_user_readwrite`;
|
|
427
|
+
}
|
|
421
428
|
else {
|
|
422
429
|
paramName = `${environment}_${application}.db_support_user_readonly`;
|
|
423
430
|
}
|
|
@@ -434,17 +441,23 @@ async function getDbUser(environment, application, dbAccessType) {
|
|
|
434
441
|
}
|
|
435
442
|
}
|
|
436
443
|
function getPayLowPassDbSecretName(environment, user, dbAccessType) {
|
|
437
|
-
if (dbAccessType === '
|
|
444
|
+
if (dbAccessType === 'admin') {
|
|
438
445
|
return `aws/rds/application_users/${environment.split('-')[0]}/${user}`;
|
|
439
446
|
}
|
|
447
|
+
else if (dbAccessType === 'readwrite') {
|
|
448
|
+
return `aws/rds/support_readwrite_users/${environment.split('-')[0]}/${user}`;
|
|
449
|
+
}
|
|
440
450
|
else {
|
|
441
451
|
return `aws/rds/support_readonly_users/${environment.split('-')[0]}/${user}`;
|
|
442
452
|
}
|
|
443
453
|
}
|
|
444
454
|
function getPaySecretsPasswordName(dbAccessType) {
|
|
445
|
-
if (dbAccessType === '
|
|
455
|
+
if (dbAccessType === 'admin') {
|
|
446
456
|
return 'DB_PASSWORD';
|
|
447
457
|
}
|
|
458
|
+
if (dbAccessType === 'readwrite') {
|
|
459
|
+
return 'DB_SUPPORT_PASSWORD_READWRITE';
|
|
460
|
+
}
|
|
448
461
|
else {
|
|
449
462
|
return 'DB_SUPPORT_PASSWORD_READONLY';
|
|
450
463
|
}
|