@peterhauge/apiops-cli 0.3.0-alpha.0 → 0.4.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +166 -0
- package/README.md +6 -0
- package/dist/cli/init-command.js +5 -5
- package/dist/cli/init-command.js.map +1 -1
- package/dist/lib/render-template.d.ts +10 -0
- package/dist/lib/render-template.d.ts.map +1 -0
- package/dist/lib/render-template.js +14 -0
- package/dist/lib/render-template.js.map +1 -0
- package/dist/services/api-extractor.d.ts.map +1 -1
- package/dist/services/api-extractor.js +10 -6
- package/dist/services/api-extractor.js.map +1 -1
- package/dist/services/extract-service.d.ts.map +1 -1
- package/dist/services/extract-service.js +4 -2
- package/dist/services/extract-service.js.map +1 -1
- package/dist/services/identity-guide-service.d.ts +3 -4
- package/dist/services/identity-guide-service.d.ts.map +1 -1
- package/dist/services/identity-guide-service.js +6 -40
- package/dist/services/identity-guide-service.js.map +1 -1
- package/dist/services/init-service.d.ts.map +1 -1
- package/dist/services/init-service.js +61 -28
- package/dist/services/init-service.js.map +1 -1
- package/dist/services/product-extractor.d.ts.map +1 -1
- package/dist/services/product-extractor.js +4 -2
- package/dist/services/product-extractor.js.map +1 -1
- package/dist/services/publish-service.d.ts.map +1 -1
- package/dist/services/publish-service.js +30 -0
- package/dist/services/publish-service.js.map +1 -1
- package/dist/services/resource-publisher.d.ts +5 -0
- package/dist/services/resource-publisher.d.ts.map +1 -1
- package/dist/services/resource-publisher.js +15 -1
- package/dist/services/resource-publisher.js.map +1 -1
- package/dist/services/secret-redaction-guard.d.ts +40 -0
- package/dist/services/secret-redaction-guard.d.ts.map +1 -0
- package/dist/services/secret-redaction-guard.js +92 -0
- package/dist/services/secret-redaction-guard.js.map +1 -0
- package/dist/services/secret-redactor.d.ts +18 -0
- package/dist/services/secret-redactor.d.ts.map +1 -1
- package/dist/services/secret-redactor.js +172 -0
- package/dist/services/secret-redactor.js.map +1 -1
- package/dist/templates/azure-devops/publish-pipeline.d.ts.map +1 -1
- package/dist/templates/azure-devops/publish-pipeline.js +62 -28
- package/dist/templates/azure-devops/publish-pipeline.js.map +1 -1
- package/dist/templates/configs/filter-config.d.ts.map +1 -1
- package/dist/templates/configs/filter-config.js +6 -118
- package/dist/templates/configs/filter-config.js.map +1 -1
- package/dist/templates/configs/override-config.d.ts.map +1 -1
- package/dist/templates/configs/override-config.js +7 -92
- package/dist/templates/configs/override-config.js.map +1 -1
- package/dist/templates/configs/schema-ref.d.ts +18 -0
- package/dist/templates/configs/schema-ref.d.ts.map +1 -0
- package/dist/templates/configs/schema-ref.js +26 -0
- package/dist/templates/configs/schema-ref.js.map +1 -0
- package/dist/templates/copilot/configure-filter-prompt.d.ts +10 -0
- package/dist/templates/copilot/configure-filter-prompt.d.ts.map +1 -0
- package/dist/templates/copilot/configure-filter-prompt.js +14 -0
- package/dist/templates/copilot/configure-filter-prompt.js.map +1 -0
- package/dist/templates/copilot/configure-overrides-prompt.d.ts +7 -0
- package/dist/templates/copilot/configure-overrides-prompt.d.ts.map +1 -0
- package/dist/templates/copilot/configure-overrides-prompt.js +12 -0
- package/dist/templates/copilot/configure-overrides-prompt.js.map +1 -0
- package/dist/templates/copilot/identity-setup-prompt.d.ts.map +1 -1
- package/dist/templates/copilot/identity-setup-prompt.js +19 -24
- package/dist/templates/copilot/identity-setup-prompt.js.map +1 -1
- package/dist/templates/generated/embedded-markdown.d.ts +8 -5
- package/dist/templates/generated/embedded-markdown.d.ts.map +1 -1
- package/dist/templates/generated/embedded-markdown.js +8 -5
- package/dist/templates/generated/embedded-markdown.js.map +1 -1
- package/dist/templates/github-actions/extract-workflow.js +4 -4
- package/dist/templates/github-actions/publish-workflow.d.ts +2 -1
- package/dist/templates/github-actions/publish-workflow.d.ts.map +1 -1
- package/dist/templates/github-actions/publish-workflow.js +103 -78
- package/dist/templates/github-actions/publish-workflow.js.map +1 -1
- package/package.json +8 -5
|
@@ -2,54 +2,99 @@
|
|
|
2
2
|
// Licensed under the MIT license.
|
|
3
3
|
/**
|
|
4
4
|
* GitHub Actions publish workflow template
|
|
5
|
-
* Push-to-main trigger with commit ID choice
|
|
5
|
+
* Push-to-main trigger with commit ID choice and a single parameterized publish
|
|
6
|
+
* job driven by a workflow-level environment variable (TARGET_ENV)
|
|
6
7
|
*/
|
|
7
8
|
export function generatePublishWorkflow(config) {
|
|
9
|
+
const defaultEnvironment = config.environments[0] ?? 'dev';
|
|
8
10
|
const envChoices = config.environments.map((env) => ` - ${env}`).join('\n');
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
11
|
+
return `name: Run APIM Publisher
|
|
12
|
+
|
|
13
|
+
on:
|
|
14
|
+
push:
|
|
15
|
+
branches:
|
|
16
|
+
- main
|
|
17
|
+
paths:
|
|
18
|
+
- '${config.artifactDir}/**'
|
|
19
|
+
- 'configuration.*.yaml'
|
|
20
|
+
workflow_dispatch:
|
|
21
|
+
inputs:
|
|
22
|
+
COMMIT_ID_CHOICE:
|
|
23
|
+
description: 'Choose "publish-all-artifacts-in-repo" only when you want to force republishing all artifacts (e.g. after build failure). Otherwise stick with the default behavior of "publish-artifacts-in-last-commit"'
|
|
24
|
+
required: true
|
|
25
|
+
type: choice
|
|
26
|
+
default: publish-artifacts-in-last-commit
|
|
27
|
+
options:
|
|
28
|
+
- publish-artifacts-in-last-commit
|
|
29
|
+
- publish-all-artifacts-in-repo
|
|
30
|
+
ENVIRONMENT:
|
|
31
|
+
description: 'Choose which environment to publish to'
|
|
32
|
+
required: true
|
|
33
|
+
type: choice
|
|
34
|
+
default: ${defaultEnvironment}
|
|
35
|
+
options:
|
|
36
|
+
${envChoices}
|
|
37
|
+
|
|
38
|
+
permissions:
|
|
39
|
+
id-token: write
|
|
40
|
+
contents: read
|
|
41
|
+
|
|
42
|
+
# A single workflow-level variable selects the target environment. On manual runs
|
|
43
|
+
# it comes from the ENVIRONMENT input; on push to main it defaults to '${defaultEnvironment}'.
|
|
44
|
+
env:
|
|
45
|
+
TARGET_ENV: \${{ github.event.inputs.ENVIRONMENT || '${defaultEnvironment}' }}
|
|
46
|
+
|
|
47
|
+
jobs:
|
|
48
|
+
get-commit:
|
|
20
49
|
runs-on: ubuntu-latest
|
|
21
|
-
|
|
50
|
+
outputs:
|
|
51
|
+
commit_id: \${{ steps.commit.outputs.commit_id }}
|
|
52
|
+
steps:
|
|
53
|
+
- name: Set the Commit Id
|
|
54
|
+
id: commit
|
|
55
|
+
run: echo "commit_id=\${GITHUB_SHA}" >> $GITHUB_OUTPUT
|
|
56
|
+
|
|
57
|
+
publish:
|
|
58
|
+
runs-on: ubuntu-latest
|
|
59
|
+
environment: \${{ github.event.inputs.ENVIRONMENT || '${defaultEnvironment}' }}
|
|
22
60
|
needs: get-commit
|
|
23
61
|
steps:
|
|
24
62
|
- name: Checkout repository
|
|
25
|
-
uses: actions/checkout@
|
|
63
|
+
uses: actions/checkout@v5
|
|
26
64
|
with:
|
|
27
65
|
fetch-depth: 2
|
|
28
66
|
|
|
29
67
|
- name: Setup Node.js
|
|
30
|
-
uses: actions/setup-node@
|
|
68
|
+
uses: actions/setup-node@v5
|
|
31
69
|
with:
|
|
32
70
|
node-version: '22'
|
|
33
71
|
|
|
34
72
|
- name: Install dependencies
|
|
35
73
|
run: npm install
|
|
36
74
|
|
|
75
|
+
- name: Resolve target environment
|
|
76
|
+
id: env
|
|
77
|
+
run: |
|
|
78
|
+
echo "name=\${TARGET_ENV}" >> "$GITHUB_OUTPUT"
|
|
79
|
+
echo "upper=$(echo "\${TARGET_ENV}" | tr '[:lower:]' '[:upper:]')" >> "$GITHUB_OUTPUT"
|
|
80
|
+
|
|
37
81
|
- name: Azure Login (Federated Credential)
|
|
38
|
-
uses: azure/login@
|
|
82
|
+
uses: azure/login@v3
|
|
39
83
|
with:
|
|
40
84
|
client-id: \${{ secrets.AZURE_CLIENT_ID }}
|
|
41
85
|
tenant-id: \${{ secrets.AZURE_TENANT_ID }}
|
|
42
86
|
subscription-id: \${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
|
43
87
|
|
|
44
|
-
- name: Validate token source values
|
|
88
|
+
- name: Validate token source values
|
|
45
89
|
env:
|
|
46
90
|
AVAILABLE_SECRETS_JSON: \${{ toJSON(secrets) }}
|
|
47
91
|
run: |
|
|
48
92
|
missing=0
|
|
49
|
-
|
|
93
|
+
config_file="configuration.\${TARGET_ENV}.yaml"
|
|
94
|
+
tokens=$(grep -o '{#\\[[^]]*\\]#}' "$config_file" | sed -E 's/^\\{#\\[([^]]+)\\]#\\}$/\\1/' | sort -u || true)
|
|
50
95
|
|
|
51
96
|
if [ -z "$tokens" ]; then
|
|
52
|
-
echo "No tokens found in
|
|
97
|
+
echo "No tokens found in $config_file"
|
|
53
98
|
exit 0
|
|
54
99
|
fi
|
|
55
100
|
|
|
@@ -78,87 +123,67 @@ ${autoDeployComment}
|
|
|
78
123
|
exit 1
|
|
79
124
|
fi
|
|
80
125
|
|
|
81
|
-
- name: Substitute tokens in configuration
|
|
82
|
-
uses: cschleiden/replace-tokens@v1.
|
|
126
|
+
- name: Substitute tokens in configuration file
|
|
127
|
+
uses: cschleiden/replace-tokens@v1.4
|
|
83
128
|
with:
|
|
84
129
|
tokenPrefix: '{#['
|
|
85
130
|
tokenSuffix: ']#}'
|
|
86
|
-
files: '["configuration
|
|
131
|
+
files: '["configuration.\${{ env.TARGET_ENV }}.yaml"]'
|
|
87
132
|
# Token values are injected in the previous step based on token names.
|
|
88
|
-
# Ensure tokens in configuration
|
|
133
|
+
# Ensure tokens in the configuration file match secret names exactly.
|
|
89
134
|
|
|
90
|
-
- name: Validate token substitution
|
|
135
|
+
- name: Validate token substitution
|
|
91
136
|
run: |
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
137
|
+
config_file="configuration.\${TARGET_ENV}.yaml"
|
|
138
|
+
if grep -q '{#\\[' "$config_file"; then
|
|
139
|
+
echo "Unresolved tokens remain in $config_file"
|
|
140
|
+
grep -o '{#\\[[^]]*\\]#}' "$config_file" | sort -u
|
|
95
141
|
exit 1
|
|
96
142
|
fi
|
|
97
143
|
|
|
98
|
-
- name:
|
|
144
|
+
- name: Dry-run validation (incremental)
|
|
99
145
|
if: \${{ github.event.inputs.COMMIT_ID_CHOICE != 'publish-all-artifacts-in-repo' }}
|
|
100
146
|
run: |
|
|
101
147
|
npx apiops publish \\
|
|
102
148
|
--subscription-id \${{ secrets.AZURE_SUBSCRIPTION_ID }} \\
|
|
103
|
-
--resource-group \${{ secrets
|
|
104
|
-
--service-name \${{ secrets
|
|
149
|
+
--resource-group \${{ secrets[format('APIM_RESOURCE_GROUP_{0}', steps.env.outputs.upper)] }} \\
|
|
150
|
+
--service-name \${{ secrets[format('APIM_SERVICE_NAME_{0}', steps.env.outputs.upper)] }} \\
|
|
105
151
|
--source ${config.artifactDir} \\
|
|
106
|
-
--overrides configuration
|
|
107
|
-
--commit-id \${{ needs.get-commit.outputs.commit_id }}
|
|
152
|
+
--overrides configuration.\${{ env.TARGET_ENV }}.yaml \\
|
|
153
|
+
--commit-id \${{ needs.get-commit.outputs.commit_id }} \\
|
|
154
|
+
--dry-run
|
|
108
155
|
|
|
109
|
-
- name:
|
|
156
|
+
- name: Dry-run validation (all artifacts)
|
|
110
157
|
if: \${{ github.event.inputs.COMMIT_ID_CHOICE == 'publish-all-artifacts-in-repo' }}
|
|
111
158
|
run: |
|
|
112
159
|
npx apiops publish \\
|
|
113
160
|
--subscription-id \${{ secrets.AZURE_SUBSCRIPTION_ID }} \\
|
|
114
|
-
--resource-group \${{ secrets
|
|
115
|
-
--service-name \${{ secrets
|
|
161
|
+
--resource-group \${{ secrets[format('APIM_RESOURCE_GROUP_{0}', steps.env.outputs.upper)] }} \\
|
|
162
|
+
--service-name \${{ secrets[format('APIM_SERVICE_NAME_{0}', steps.env.outputs.upper)] }} \\
|
|
116
163
|
--source ${config.artifactDir} \\
|
|
117
|
-
--overrides configuration
|
|
118
|
-
|
|
119
|
-
}).join('\n');
|
|
120
|
-
return `name: Run APIM Publisher
|
|
121
|
-
|
|
122
|
-
on:
|
|
123
|
-
push:
|
|
124
|
-
branches:
|
|
125
|
-
- main
|
|
126
|
-
paths:
|
|
127
|
-
- '${config.artifactDir}/**'
|
|
128
|
-
- 'configuration.*.yaml'
|
|
129
|
-
workflow_dispatch:
|
|
130
|
-
inputs:
|
|
131
|
-
COMMIT_ID_CHOICE:
|
|
132
|
-
description: 'Choose "publish-all-artifacts-in-repo" only when you want to force republishing all artifacts (e.g. after build failure). Otherwise stick with the default behavior of "publish-artifacts-in-last-commit"'
|
|
133
|
-
required: true
|
|
134
|
-
type: choice
|
|
135
|
-
default: publish-artifacts-in-last-commit
|
|
136
|
-
options:
|
|
137
|
-
- publish-artifacts-in-last-commit
|
|
138
|
-
- publish-all-artifacts-in-repo
|
|
139
|
-
ENVIRONMENT:
|
|
140
|
-
description: 'Choose which environment to publish to'
|
|
141
|
-
required: true
|
|
142
|
-
type: choice
|
|
143
|
-
default: ${config.environments[0]}
|
|
144
|
-
options:
|
|
145
|
-
${envChoices}
|
|
164
|
+
--overrides configuration.\${{ env.TARGET_ENV }}.yaml \\
|
|
165
|
+
--dry-run
|
|
146
166
|
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
- name: Set the Commit Id
|
|
158
|
-
id: commit
|
|
159
|
-
run: echo "commit_id=\${GITHUB_SHA}" >> $GITHUB_OUTPUT
|
|
167
|
+
- name: Publish (incremental - last commit only)
|
|
168
|
+
if: \${{ github.event.inputs.COMMIT_ID_CHOICE != 'publish-all-artifacts-in-repo' }}
|
|
169
|
+
run: |
|
|
170
|
+
npx apiops publish \\
|
|
171
|
+
--subscription-id \${{ secrets.AZURE_SUBSCRIPTION_ID }} \\
|
|
172
|
+
--resource-group \${{ secrets[format('APIM_RESOURCE_GROUP_{0}', steps.env.outputs.upper)] }} \\
|
|
173
|
+
--service-name \${{ secrets[format('APIM_SERVICE_NAME_{0}', steps.env.outputs.upper)] }} \\
|
|
174
|
+
--source ${config.artifactDir} \\
|
|
175
|
+
--overrides configuration.\${{ env.TARGET_ENV }}.yaml \\
|
|
176
|
+
--commit-id \${{ needs.get-commit.outputs.commit_id }}
|
|
160
177
|
|
|
161
|
-
|
|
178
|
+
- name: Publish (all artifacts)
|
|
179
|
+
if: \${{ github.event.inputs.COMMIT_ID_CHOICE == 'publish-all-artifacts-in-repo' }}
|
|
180
|
+
run: |
|
|
181
|
+
npx apiops publish \\
|
|
182
|
+
--subscription-id \${{ secrets.AZURE_SUBSCRIPTION_ID }} \\
|
|
183
|
+
--resource-group \${{ secrets[format('APIM_RESOURCE_GROUP_{0}', steps.env.outputs.upper)] }} \\
|
|
184
|
+
--service-name \${{ secrets[format('APIM_SERVICE_NAME_{0}', steps.env.outputs.upper)] }} \\
|
|
185
|
+
--source ${config.artifactDir} \\
|
|
186
|
+
--overrides configuration.\${{ env.TARGET_ENV }}.yaml
|
|
162
187
|
`;
|
|
163
188
|
}
|
|
164
189
|
//# sourceMappingURL=publish-workflow.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"publish-workflow.js","sourceRoot":"","sources":["../../../src/templates/github-actions/publish-workflow.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC
|
|
1
|
+
{"version":3,"file":"publish-workflow.js","sourceRoot":"","sources":["../../../src/templates/github-actions/publish-workflow.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC;;;;GAIG;AAOH,MAAM,UAAU,uBAAuB,CAAC,MAA6B;IACnE,MAAM,kBAAkB,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC;IAC3D,MAAM,UAAU,GAAG,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAErF,OAAO;;;;;;;WAOE,MAAM,CAAC,WAAW;;;;;;;;;;;;;;;;mBAgBV,kBAAkB;;EAEnC,UAAU;;;;;;;yEAO6D,kBAAkB;;yDAElC,kBAAkB;;;;;;;;;;;;;;4DAcf,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;uBA4FvD,MAAM,CAAC,WAAW;;;;;;;;;;;;uBAYlB,MAAM,CAAC,WAAW;;;;;;;;;;;uBAWlB,MAAM,CAAC,WAAW;;;;;;;;;;;uBAWlB,MAAM,CAAC,WAAW;;CAExC,CAAC;AACF,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@peterhauge/apiops-cli",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.4.0-alpha.0",
|
|
4
|
+
"schemaVersion": "1",
|
|
4
5
|
"description": "CLI tool for Azure API Management configuration-as-code",
|
|
5
6
|
"type": "module",
|
|
6
7
|
"private": false,
|
|
@@ -10,13 +11,14 @@
|
|
|
10
11
|
"apiops": "dist/cli/index.js"
|
|
11
12
|
},
|
|
12
13
|
"files": [
|
|
13
|
-
"dist"
|
|
14
|
+
"dist",
|
|
15
|
+
"CHANGELOG.md"
|
|
14
16
|
],
|
|
15
17
|
"readme": "README.md",
|
|
16
18
|
"scripts": {
|
|
17
|
-
"prelint": "node scripts/embed-markdown-templates.mjs",
|
|
18
|
-
"prebuild": "node scripts/embed-markdown-templates.mjs",
|
|
19
|
-
"pretest": "node scripts/embed-markdown-templates.mjs",
|
|
19
|
+
"prelint": "node scripts/embed-markdown-templates.mjs && node scripts/generate-schemas.mjs",
|
|
20
|
+
"prebuild": "node scripts/embed-markdown-templates.mjs && node scripts/generate-schemas.mjs",
|
|
21
|
+
"pretest": "node scripts/embed-markdown-templates.mjs && node scripts/generate-schemas.mjs",
|
|
20
22
|
"build": "tsc",
|
|
21
23
|
"test": "vitest run",
|
|
22
24
|
"test:watch": "vitest",
|
|
@@ -44,6 +46,7 @@
|
|
|
44
46
|
"url": "https://github.com/Azure/apiops-cli/issues"
|
|
45
47
|
},
|
|
46
48
|
"homepage": "https://github.com/Azure/apiops-cli#readme",
|
|
49
|
+
"changelog": "https://github.com/Azure/apiops-cli/blob/main/CHANGELOG.md",
|
|
47
50
|
"dependencies": {
|
|
48
51
|
"@azure/identity": "^4.13.1",
|
|
49
52
|
"any-ascii": "^0.3.3",
|