npm - @ossy/deployment-tools - Versions diffs - 0.0.94 → 0.0.97 - Mend

@ossy/deployment-tools 0.0.94 → 0.0.97

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/CHANGELOG.md +24 -0
package/README.md +38 -15
package/package.json +3 -2
package/src/deploy/cli.js +2 -2
package/src/index.cli.js +0 -0
package/src/infrastructure/container-deployment-target/container-deployment-target.js +3 -1
package/src/infrastructure/deployment-target-stack.js +22 -9

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,24 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+## 0.0.97 (2026-03-28)
+**Note:** Version bump only for package @ossy/deployment-tools
+## 0.0.96 (2026-03-28)
+**Note:** Version bump only for package @ossy/deployment-tools
+## 0.0.95 (2026-03-28)
+**Note:** Version bump only for package @ossy/deployment-tools

package/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
 # @ossy/deployment-tools
 Collection of scripts and tools to aid deployment of
-containers and static files to Amazon Web Services through GitHub Actions
+containers and static files to Amazon Web Services through GitHub Actions.
 ## Server
@@ -26,22 +26,45 @@ npx @ossy/deployment-tools server status
 ## Deployment
-### deploy
-Sends a deployment request to the aws sqs deployment queue.
+The first argument after the package name is the **handler** (`deployment`). Commands are **`deployment deploy`** (one site) and **`deployment deploy-all`** (every deployment entry for a platform).
+Deployments are read from a **glob** of JSON files (e.g. `deployments.json`), and platform definitions from a **platforms** JSON file. Domain and platform for a given site are **not** taken from `ossy.json`; they live in those deployment records (and, in app workflows, mirror **`domain` / `platform` in `src/config.js`** when you use **`@ossy/cli publish`**).
+### deploy (single domain)
 ```bash
-npx --yes @ossy/deployment-tools deploy \
-  --username ${{ github.actor }} \
-  --authentication ${{ secrets.GITHUB_TOKEN }} \
-  --target-env ${{ github.event.inputs.environmentName }} \
-  --platforms packages/infrastructure/bin/deployment-platforms.json \
-  --ossyfile packages/${{ github.event.inputs.packageName }}/ossy.json \
+npx --yes @ossy/deployment-tools deployment deploy \
+  --username "${{ github.actor }}" \
+  --authentication "${{ secrets.GITHUB_TOKEN }}" \
+  --domain example.com \
+  --platform my-platform \
+  --platforms-path packages/infrastructure/bin/deployment-platforms.json \
+  --deployments-path "packages/infrastructure/deployments/**/*.json"
+```
+| Flag | Alias | Description |
+|------|--------|-------------|
+| `--username` | `-u` | User recorded on the deployment request |
+| `--authentication` | `-a` | Token used to authorize the request |
+| `--domain` | `-d` | Target site domain (must match an entry under that platform in the deployments glob) |
+| `--platform` | `-p` | Target deployment platform name |
+| `--platforms-path` | `-pp` | Path to platforms JSON (AWS / queue config) |
+| `--deployments-path` | `-dp` | Glob of deployment JSON files |
+### deploy-all (whole platform)
+```bash
+npx --yes @ossy/deployment-tools deployment deploy-all \
+  --username "${{ github.actor }}" \
+  --authentication "${{ secrets.GITHUB_TOKEN }}" \
+  --platform my-platform \
+  --platforms-path packages/infrastructure/bin/deployment-platforms.json \
+  --deployments-path "packages/infrastructure/deployments/**/*.json"
 ```
-The `cdk.json` file tells the CDK Toolkit how to execute your app.
+### Apps: use @ossy/cli publish
-* `cdk deploy`      deploy this stack to your default AWS account/region
-* `cdk diff`        compare deployed stack with current state
-* `cdk synth`       emits the synthesized CloudFormation template
+For Ossy apps, prefer **`npx @ossy/cli publish`** from the website package: it resolves **`--domain` / `--platform`** from **`src/config.js`** (or **`--config`**) when possible, calls **`deployment deploy`** (or **`deploy-all`** with **`--all`**), then can upload **resource templates** from the same config. See **`packages/cli/README.md`**.
 ## Useful commands
@@ -84,7 +107,7 @@ journalctl -u docker.service -n 200 -f
  - 1 release new version of the npm package with `npm publish`
  - 2 ssh into the instance with `ssh -i path/to/keys ubuntu@<ip>`
  - 3 stop the deployment-tools services with `sudo systemctl stop deployment-tools.service`
- - 4 remove the old version of the tool woth `rm -rf ~/.npm/_npx`
+ - 4 remove the old version of the tool with `rm -rf ~/.npm/_npx`
  - 5 start the deployment-tools services again with `sudo systemctl start deployment-tools.service`
 That's it, the service will download the latest version of the package.
@@ -103,4 +126,4 @@ sudo apt-get install -y nodejs
 # Verify the installation
 node --version
 npm --version
-```
+```

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ossy/deployment-tools",
-  "version": "0.0.94",
+  "version": "0.0.97",
   "description": "Collection of scripts and tools to aid deployment of containers and static files to Amazon Web Services through GitHub Actions",
   "source": "./src/index.js",
   "main": "./src/index.js",
@@ -30,5 +30,6 @@
   "devDependencies": {
     "jest": "^27.5.1",
     "jsdoc": "^4.0.2"
-  }
+  },
+  "gitHead": "2f021c5267eda824587a8670dc51507ce48720e0"
 }

package/src/deploy/cli.js CHANGED Viewed

@@ -11,7 +11,7 @@ const deploy = options => {
     '-u': '--username',
     '--authentication': String,
-    '--a': '--authentication',
+    '-a': '--authentication',
     '--domain': String,
     '-d': '--domain',
@@ -46,7 +46,7 @@ const deployAll = options => {
     '-u': '--username',
     '--authentication': String,
-    '--a': '--authentication',
+    '-a': '--authentication',
     '--platform': String,
     '-p': '--platform',

package/src/index.cli.js CHANGED Viewed

File without changes

package/src/infrastructure/container-deployment-target/container-deployment-target.js CHANGED Viewed

@@ -76,7 +76,9 @@ class ContainerDeploymentTarget extends Construct {
     const platformConfigDeployment = new BucketDeployment(this, 'PlatformConfigDeployment', {
       sources: [Source.jsonData('platform-config.json', { ...props.config, awsRoleToAssume: undefined })],
-      destinationBucket: props.bucket
+      destinationBucket: props.bucket,
+      // Default prune:true would delete every other object (e.g. media/*) on each infra deploy.
+      prune: false
     })
     const role = new Role(this, 'role', {

package/src/infrastructure/deployment-target-stack.js CHANGED Viewed

@@ -1,9 +1,9 @@
 /* eslint-disable no-new */
-const { nanoid } = require('nanoid')
 const { CfnOutput, Stack, RemovalPolicy } = require('aws-cdk-lib')
+const { BackupPlan, BackupVault, BackupResource } = require('aws-cdk-lib/aws-backup')
 const { Bucket, BlockPublicAccess } = require('aws-cdk-lib/aws-s3')
-const { Distribution, PriceClass } = require('aws-cdk-lib/aws-cloudfront')
-const { S3BucketOrigin,  } = require('aws-cdk-lib/aws-cloudfront-origins')
+const { Distribution, PriceClass, ResponseHeadersPolicy } = require('aws-cdk-lib/aws-cloudfront')
+const { S3BucketOrigin } = require('aws-cdk-lib/aws-cloudfront-origins')
 const { ContainerDeploymentTarget } = require('./container-deployment-target')
 /**
@@ -17,11 +17,6 @@ class DeploymentTargetStack extends Stack {
       throw ('[DeploymentTargetStack] No template provided')
     }
-    // create a bucket name before running cdk deploy and put it in config
-    // so that it won't change when updating resources
-    // const bucketId = nanoid().toLowerCase().replaceAll('_', '').replaceAll('-', '')
-    // const bucketName = `${props.config.platformName}-${bucketId}`
     // TODO: Check if the bucket already exists and use it
     // instead of having the whole deployment fail
     const staticDeploymentTarget =
@@ -30,6 +25,7 @@ class DeploymentTargetStack extends Stack {
         blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
         removalPolicy: RemovalPolicy.RETAIN,
         autoDeleteObjects: false,
+        versioned: true,
         cors: [{
           allowedHeaders: ['*'],
           allowedMethods: ['GET', 'PUT', 'POST' ],
@@ -38,9 +34,26 @@ class DeploymentTargetStack extends Stack {
         }]
       })
+    const mediaBackupVault = new BackupVault(this, 'StaticMediaBackupVault', {
+      backupVaultName: `${props.config.platformName}-static-media`,
+      removalPolicy: RemovalPolicy.RETAIN
+    })
+    const mediaBackupPlan = BackupPlan.daily35DayRetention(this, 'StaticMediaBackupPlan', mediaBackupVault)
+    mediaBackupPlan.addSelection('StaticDeploymentTargetBucket', {
+      backupSelectionName: `${props.config.platformName}-s3-static-media`,
+      resources: [BackupResource.fromArn(staticDeploymentTarget.bucketArn)],
+      allowRestores: true
+    })
     const mediaCDN = new Distribution(this, 'Media', {
         defaultBehavior: {
-          origin: S3BucketOrigin.withOriginAccessControl(staticDeploymentTarget, { originPath: '/media' })
+          origin: S3BucketOrigin.withOriginAccessControl(staticDeploymentTarget, { originPath: '/media' }),
+          // S3 bucket CORS does not add headers on viewer responses; without this, browser fetch()
+          // to the CDN is cross-origin and Chrome may block with net::ERR_BLOCKED_BY_ORB.
+          responseHeadersPolicy:
+            ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT
         },
         priceClass: PriceClass.PRICE_CLASS_100
       })