@kirschbaum-development/sst-laravel 0.2.15 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/laravel-sst.ts +32 -0
- package/package.json +4 -2
- package/src/remote-env-file.ts +24 -5
package/laravel-sst.ts
CHANGED
|
@@ -55,6 +55,36 @@ export interface LaravelServiceArgs {
|
|
|
55
55
|
health?: ServiceArgs['health'];
|
|
56
56
|
executionRole?: ServiceArgs['executionRole'];
|
|
57
57
|
permissions?: ServiceArgs['permissions'];
|
|
58
|
+
|
|
59
|
+
/**
|
|
60
|
+
* Transform the underlying ECS Service resources. Useful for hardening the
|
|
61
|
+
* ALB (e.g. restricting the load-balancer security group to a fixed set of
|
|
62
|
+
* upstream CIDRs) or adjusting other inner resources.
|
|
63
|
+
*
|
|
64
|
+
* `image` and `taskDefinition` are managed internally and cannot be
|
|
65
|
+
* overridden here — they carry the env-file dependency wiring and the
|
|
66
|
+
* `initProcessEnabled: false` setting required by this package.
|
|
67
|
+
*
|
|
68
|
+
* @example
|
|
69
|
+
* ```js
|
|
70
|
+
* web: {
|
|
71
|
+
* transform: {
|
|
72
|
+
* loadBalancerSecurityGroup: (sgArgs) => {
|
|
73
|
+
* sgArgs.ingress = [{
|
|
74
|
+
* protocol: "tcp",
|
|
75
|
+
* fromPort: 443,
|
|
76
|
+
* toPort: 443,
|
|
77
|
+
* cidrBlocks: ["173.245.48.0/20", "103.21.244.0/22"],
|
|
78
|
+
* }];
|
|
79
|
+
* },
|
|
80
|
+
* },
|
|
81
|
+
* }
|
|
82
|
+
* ```
|
|
83
|
+
*/
|
|
84
|
+
transform?: Omit<
|
|
85
|
+
NonNullable<ServiceArgs['transform']>,
|
|
86
|
+
'image' | 'taskDefinition'
|
|
87
|
+
>;
|
|
58
88
|
}
|
|
59
89
|
|
|
60
90
|
export interface LaravelWebArgs extends LaravelServiceArgs {
|
|
@@ -353,6 +383,7 @@ export class LaravelService extends Component {
|
|
|
353
383
|
},
|
|
354
384
|
|
|
355
385
|
transform: {
|
|
386
|
+
...(args.web?.transform ?? {}),
|
|
356
387
|
image: addEnvironmentFileImageDependency,
|
|
357
388
|
taskDefinition: (args) => {
|
|
358
389
|
args.containerDefinitions = (
|
|
@@ -467,6 +498,7 @@ export class LaravelService extends Component {
|
|
|
467
498
|
},
|
|
468
499
|
|
|
469
500
|
transform: {
|
|
501
|
+
...(workerConfig.transform ?? {}),
|
|
470
502
|
image: addEnvironmentFileImageDependency,
|
|
471
503
|
taskDefinition: (args) => {
|
|
472
504
|
args.containerDefinitions = (
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@kirschbaum-development/sst-laravel",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "An unofficial extension of SST to deploy containerized Laravel applications to AWS Fargate.",
|
|
6
6
|
"main": "laravel-sst.ts",
|
|
@@ -28,6 +28,7 @@
|
|
|
28
28
|
],
|
|
29
29
|
"scripts": {
|
|
30
30
|
"build": "tsc",
|
|
31
|
+
"test": "vitest run",
|
|
31
32
|
"release": "./scripts/publish.sh"
|
|
32
33
|
},
|
|
33
34
|
"repository": {
|
|
@@ -65,7 +66,8 @@
|
|
|
65
66
|
},
|
|
66
67
|
"devDependencies": {
|
|
67
68
|
"@types/node": "^20.0.0",
|
|
68
|
-
"typescript": "^5.0.0"
|
|
69
|
+
"typescript": "^5.0.0",
|
|
70
|
+
"vitest": "4.1.5"
|
|
69
71
|
},
|
|
70
72
|
"publishConfig": {
|
|
71
73
|
"access": "public",
|
package/src/remote-env-file.ts
CHANGED
|
@@ -213,19 +213,38 @@ function buildEnvFileContent(
|
|
|
213
213
|
].filter(Boolean).join('\n\n');
|
|
214
214
|
}
|
|
215
215
|
|
|
216
|
-
function toEnvFileContent(vars: Record<string, string>): string {
|
|
216
|
+
export function toEnvFileContent(vars: Record<string, string>): string {
|
|
217
217
|
const sortedKeys = Object.keys(vars).sort();
|
|
218
218
|
|
|
219
219
|
return sortedKeys
|
|
220
220
|
.map((key) => {
|
|
221
221
|
const value = vars[key];
|
|
222
|
+
const needsQuoting =
|
|
223
|
+
value.includes(' ') ||
|
|
224
|
+
value.includes('"') ||
|
|
225
|
+
value.includes("'") ||
|
|
226
|
+
value.includes('\n') ||
|
|
227
|
+
value.includes('$') ||
|
|
228
|
+
value.includes('\\') ||
|
|
229
|
+
value.includes('#');
|
|
230
|
+
|
|
231
|
+
if (!needsQuoting) {
|
|
232
|
+
return `${key}=${value}`;
|
|
233
|
+
}
|
|
222
234
|
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
235
|
+
// Single quotes are phpdotenv "raw literal" mode — no $ expansion, no escapes.
|
|
236
|
+
// Use them whenever possible so randomly-generated secrets round-trip safely.
|
|
237
|
+
if (!value.includes("'") && !value.includes('\n')) {
|
|
238
|
+
return `${key}='${value}'`;
|
|
226
239
|
}
|
|
227
240
|
|
|
228
|
-
|
|
241
|
+
// Fall back to double quotes when the value itself contains a single quote
|
|
242
|
+
// or newline. Escape \, $, and " so phpdotenv reads the literal value.
|
|
243
|
+
const escaped = value
|
|
244
|
+
.replace(/\\/g, '\\\\')
|
|
245
|
+
.replace(/\$/g, '\\$')
|
|
246
|
+
.replace(/"/g, '\\"');
|
|
247
|
+
return `${key}="${escaped}"`;
|
|
229
248
|
})
|
|
230
249
|
.join('\n');
|
|
231
250
|
}
|