@ossy/deployment-tools 0.0.46 → 0.0.47
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ossy/deployment-tools",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.47",
|
|
4
4
|
"description": "Collection of scripts and tools to aid deployment of containers and static files to Amazon Web Services through GitHub Actions",
|
|
5
5
|
"main": "./src/index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -35,6 +35,7 @@ class AwsCredentialsService {
|
|
|
35
35
|
sessionToken: responseData.Credentials.SessionToken,
|
|
36
36
|
secretAccessKey: responseData.Credentials.SecretAccessKey
|
|
37
37
|
}))
|
|
38
|
+
.then(x => AwsCredentialsService.exportCredentialsToGithubWorkflow({ ...x, awsRegion: platformConfig.awsRegion }))
|
|
38
39
|
.catch(error => {
|
|
39
40
|
logError({ message: '[AwsCredentialsService] Could not resolve temporary credentials', error })
|
|
40
41
|
return undefined
|
|
@@ -44,7 +45,7 @@ class AwsCredentialsService {
|
|
|
44
45
|
static exportCredentialsToGithubWorkflow(params) {
|
|
45
46
|
// Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets.
|
|
46
47
|
// Setting the credentials as secrets masks them in Github Actions logs
|
|
47
|
-
const { accessKeyId, secretAccessKey, sessionToken } = params
|
|
48
|
+
const { accessKeyId, secretAccessKey, sessionToken, awsRegion } = params
|
|
48
49
|
|
|
49
50
|
// AWS_ACCESS_KEY_ID:
|
|
50
51
|
// Specifies an AWS access key associated with an IAM user or role
|
|
@@ -65,6 +66,15 @@ class AwsCredentialsService {
|
|
|
65
66
|
// clear session token from previous credentials action
|
|
66
67
|
core.exportVariable('AWS_SESSION_TOKEN', '')
|
|
67
68
|
}
|
|
69
|
+
|
|
70
|
+
if (awsRegion) {
|
|
71
|
+
core.exportVariable('AWS_REGION', awsRegion)
|
|
72
|
+
} else if (process.env.AWS_REGION) {
|
|
73
|
+
// clear AWS_REGION from previous credentials action
|
|
74
|
+
core.exportVariable('AWS_REGION', '')
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
return params
|
|
68
78
|
}
|
|
69
79
|
|
|
70
80
|
}
|
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
const arg = require('arg')
|
|
3
3
|
const { AwsCredentialsService } = require('./aws-credentials')
|
|
4
4
|
|
|
5
|
+
const { PlatformTemplateService } = require('../template')
|
|
6
|
+
const { PlatformConfigService } = require('../config')
|
|
5
7
|
const { logInfo, logError } = require('../log')
|
|
6
8
|
|
|
7
9
|
//eslint-disable-next-line no-unused-vars
|
|
@@ -23,6 +25,32 @@ const resolveCredentials = () => {
|
|
|
23
25
|
})
|
|
24
26
|
}
|
|
25
27
|
|
|
28
|
+
const assumeRole = () => {
|
|
29
|
+
logInfo({ message: 'assume-role' })
|
|
30
|
+
|
|
31
|
+
const parsedArgs = arg({
|
|
32
|
+
'--platforms': String,
|
|
33
|
+
'--target-platform': String
|
|
34
|
+
}, { argv: options })
|
|
35
|
+
|
|
36
|
+
const [platformName] = parsedArgs['--target-platform']
|
|
37
|
+
|
|
38
|
+
PlatformTemplateService.readFromFile(parsedArgs['--platforms'] || process.env.PLATFORMS)
|
|
39
|
+
.then(templates => templates.map(PlatformConfigService.from))
|
|
40
|
+
.then(configs => configs.find(x => x.platformName === platformName))
|
|
41
|
+
.then(targetConfig => {
|
|
42
|
+
|
|
43
|
+
if (!targetConfig) {
|
|
44
|
+
return logError({ message: 'No configuration found' })
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
AwsCredentialsService.resolveAwsCredentials(targetConfig)
|
|
48
|
+
.then(() => logInfo({ message: `Assumed role for ${targetConfig.platformName}` }))
|
|
49
|
+
|
|
50
|
+
})
|
|
51
|
+
|
|
52
|
+
}
|
|
53
|
+
|
|
26
54
|
!!command
|
|
27
|
-
? { 'resolve-credentials': resolveCredentials }[command]()
|
|
55
|
+
? { 'resolve-credentials': resolveCredentials, 'assume-role': assumeRole }[command]()
|
|
28
56
|
: logError({ message: 'No command provided' })
|