@quiltdata/benchling-webhook 0.5.4 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +273 -10
- package/dist/bin/benchling-webhook.d.ts +1 -1
- package/dist/bin/benchling-webhook.d.ts.map +1 -1
- package/dist/bin/benchling-webhook.js +8 -22
- package/dist/bin/benchling-webhook.js.map +1 -1
- package/dist/bin/cdk-dev.js +59 -3
- package/dist/bin/cli.js +16 -6
- package/dist/bin/cli.js.map +1 -1
- package/dist/bin/commands/deploy.d.ts +6 -2
- package/dist/bin/commands/deploy.d.ts.map +1 -1
- package/dist/bin/commands/deploy.js +149 -90
- package/dist/bin/commands/deploy.js.map +1 -1
- package/dist/bin/config-profiles.d.ts +59 -0
- package/dist/bin/config-profiles.d.ts.map +1 -0
- package/dist/bin/config-profiles.js +272 -0
- package/dist/bin/config-profiles.js.map +1 -0
- package/dist/bin/create-secret.d.ts +25 -0
- package/dist/bin/create-secret.d.ts.map +1 -0
- package/dist/bin/create-secret.js +239 -0
- package/dist/bin/create-secret.js.map +1 -0
- package/dist/lib/benchling-auth-validator.d.ts +65 -0
- package/dist/lib/benchling-auth-validator.d.ts.map +1 -0
- package/dist/lib/benchling-auth-validator.js +213 -0
- package/dist/lib/benchling-auth-validator.js.map +1 -0
- package/dist/lib/benchling-webhook-stack.d.ts +13 -10
- package/dist/lib/benchling-webhook-stack.d.ts.map +1 -1
- package/dist/lib/benchling-webhook-stack.js +25 -69
- package/dist/lib/benchling-webhook-stack.js.map +1 -1
- package/dist/lib/config-logger.d.ts +191 -0
- package/dist/lib/config-logger.d.ts.map +1 -0
- package/dist/lib/config-logger.js +372 -0
- package/dist/lib/config-logger.js.map +1 -0
- package/dist/lib/configuration-saver.d.ts +75 -0
- package/dist/lib/configuration-saver.d.ts.map +1 -0
- package/dist/lib/configuration-saver.js +145 -0
- package/dist/lib/configuration-saver.js.map +1 -0
- package/dist/lib/configuration-validator.d.ts +63 -0
- package/dist/lib/configuration-validator.d.ts.map +1 -0
- package/dist/lib/configuration-validator.js +136 -0
- package/dist/lib/configuration-validator.js.map +1 -0
- package/dist/lib/configuration-wizard.d.ts +52 -0
- package/dist/lib/configuration-wizard.d.ts.map +1 -0
- package/dist/lib/configuration-wizard.js +193 -0
- package/dist/lib/configuration-wizard.js.map +1 -0
- package/dist/lib/fargate-service.d.ts +18 -9
- package/dist/lib/fargate-service.d.ts.map +1 -1
- package/dist/lib/fargate-service.js +177 -61
- package/dist/lib/fargate-service.js.map +1 -1
- package/dist/lib/quilt-config-resolver.d.ts +53 -0
- package/dist/lib/quilt-config-resolver.d.ts.map +1 -0
- package/dist/lib/quilt-config-resolver.js +100 -0
- package/dist/lib/quilt-config-resolver.js.map +1 -0
- package/dist/lib/s3-bucket-validator.d.ts +76 -0
- package/dist/lib/s3-bucket-validator.d.ts.map +1 -0
- package/dist/lib/s3-bucket-validator.js +237 -0
- package/dist/lib/s3-bucket-validator.js.map +1 -0
- package/dist/lib/types/config.d.ts +398 -0
- package/dist/lib/types/config.d.ts.map +1 -0
- package/dist/lib/types/config.js +11 -0
- package/dist/lib/types/config.js.map +1 -0
- package/dist/lib/utils/config-loader.d.ts +48 -0
- package/dist/lib/utils/config-loader.d.ts.map +1 -0
- package/dist/lib/utils/config-loader.js +109 -0
- package/dist/lib/utils/config-loader.js.map +1 -0
- package/dist/lib/utils/config-resolver.d.ts +138 -0
- package/dist/lib/utils/config-resolver.d.ts.map +1 -0
- package/dist/lib/utils/config-resolver.js +272 -0
- package/dist/lib/utils/config-resolver.js.map +1 -0
- package/dist/lib/utils/config.d.ts +50 -0
- package/dist/lib/utils/config.d.ts.map +1 -1
- package/dist/lib/utils/config.js +86 -0
- package/dist/lib/utils/config.js.map +1 -1
- package/dist/lib/utils/secrets.d.ts +174 -0
- package/dist/lib/utils/secrets.d.ts.map +1 -0
- package/dist/lib/utils/secrets.js +351 -0
- package/dist/lib/utils/secrets.js.map +1 -0
- package/dist/lib/xdg-cli-wrapper.d.ts +113 -0
- package/dist/lib/xdg-cli-wrapper.d.ts.map +1 -0
- package/dist/lib/xdg-cli-wrapper.js +288 -0
- package/dist/lib/xdg-cli-wrapper.js.map +1 -0
- package/dist/lib/xdg-config.d.ts +187 -0
- package/dist/lib/xdg-config.d.ts.map +1 -0
- package/dist/lib/xdg-config.js +562 -0
- package/dist/lib/xdg-config.js.map +1 -0
- package/dist/package.json +33 -25
- package/dist/scripts/config-health-check.d.ts +78 -0
- package/dist/scripts/config-health-check.d.ts.map +1 -0
- package/dist/scripts/config-health-check.js +559 -0
- package/dist/scripts/config-health-check.js.map +1 -0
- package/dist/scripts/infer-quilt-config.d.ts +50 -0
- package/dist/scripts/infer-quilt-config.d.ts.map +1 -0
- package/dist/scripts/infer-quilt-config.js +353 -0
- package/dist/scripts/infer-quilt-config.js.map +1 -0
- package/dist/scripts/install-wizard.d.ts +34 -0
- package/dist/scripts/install-wizard.d.ts.map +1 -0
- package/dist/scripts/install-wizard.js +719 -0
- package/dist/scripts/install-wizard.js.map +1 -0
- package/dist/scripts/sync-secrets.d.ts +63 -0
- package/dist/scripts/sync-secrets.d.ts.map +1 -0
- package/dist/scripts/sync-secrets.js +424 -0
- package/dist/scripts/sync-secrets.js.map +1 -0
- package/env.template +60 -47
- package/package.json +33 -25
package/README.md
CHANGED
|
@@ -7,6 +7,7 @@ Connects Benchling lab notebook entries to Quilt data packages via webhooks.
|
|
|
7
7
|
- `npx` from Node.js 18+ ([download](https://nodejs.org))
|
|
8
8
|
- [AWS credentials](https://docs.aws.amazon.com/cli/v1/userguide/cli-configure-files.html) configured
|
|
9
9
|
- Existing [Quilt deployment](https://www.quilt.bio/install)
|
|
10
|
+
- Benchling tenant with OAuth app configured
|
|
10
11
|
|
|
11
12
|
## Setup
|
|
12
13
|
|
|
@@ -18,15 +19,52 @@ npx @quiltdata/benchling-webhook manifest
|
|
|
18
19
|
|
|
19
20
|
Follow the displayed instructions to [upload the manifest](https://docs.benchling.com/docs/getting-started-benchling-apps#creating-an-app-from-a-manifest) to Benchling and get your App Definition ID.
|
|
20
21
|
|
|
21
|
-
### 2.
|
|
22
|
+
### 2. Store Benchling Secrets in AWS Secrets Manager
|
|
23
|
+
|
|
24
|
+
Create a secret in AWS Secrets Manager with your Benchling credentials:
|
|
25
|
+
|
|
26
|
+
```bash
|
|
27
|
+
aws secretsmanager create-secret \
|
|
28
|
+
--name benchling-webhook-credentials \
|
|
29
|
+
--description "Benchling OAuth credentials" \
|
|
30
|
+
--secret-string '{
|
|
31
|
+
"client_id": "your-benchling-client-id",
|
|
32
|
+
"client_secret": "your-benchling-client-secret",
|
|
33
|
+
"tenant": "your-tenant",
|
|
34
|
+
"app_definition_id": "your-app-definition-id"
|
|
35
|
+
}'
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
> **Note**: The secret must contain `client_id`, `client_secret`, and `tenant`. The `app_definition_id` is optional but recommended.
|
|
39
|
+
|
|
40
|
+
### 3. Deploy to AWS (Secrets-Only Mode - v0.6.0+)
|
|
41
|
+
|
|
42
|
+
**Recommended: Secrets-Only Mode** - Minimal configuration, all settings resolved from AWS:
|
|
43
|
+
|
|
44
|
+
```bash
|
|
45
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
46
|
+
--quilt-stack-arn "arn:aws:cloudformation:us-east-1:123456789012:stack/QuiltStack/abc123" \
|
|
47
|
+
--benchling-secret "benchling-webhook-credentials"
|
|
48
|
+
```
|
|
49
|
+
|
|
50
|
+
That's it! The deployment automatically resolves:
|
|
51
|
+
- Quilt catalog URL from your stack
|
|
52
|
+
- S3 bucket configuration
|
|
53
|
+
- Athena database name
|
|
54
|
+
- SQS queue ARN
|
|
55
|
+
- AWS region and account
|
|
56
|
+
|
|
57
|
+
**Alternative: Legacy Mode** - For existing deployments or manual configuration:
|
|
22
58
|
|
|
23
59
|
```bash
|
|
24
|
-
npx @quiltdata/benchling-webhook
|
|
60
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
61
|
+
--benchling-secrets @benchling-secrets.json \
|
|
62
|
+
--catalog your-catalog.quiltdata.com
|
|
25
63
|
```
|
|
26
64
|
|
|
27
|
-
|
|
65
|
+
**See [Secrets Configuration Guide](./docs/SECRETS_CONFIGURATION.md) and [Migration Guide](./docs/MIGRATION_GUIDE_V06.md) for more options**
|
|
28
66
|
|
|
29
|
-
###
|
|
67
|
+
### 4. Install in Benchling
|
|
30
68
|
|
|
31
69
|
After deployment, you'll receive a webhook URL. Set it in your Benchling app settings and [install the app](https://docs.benchling.com/docs/getting-started-benchling-apps#installing-your-app) in your tenant.
|
|
32
70
|
|
|
@@ -34,12 +72,162 @@ After deployment, you'll receive a webhook URL. Set it in your Benchling app set
|
|
|
34
72
|
|
|
35
73
|
In Benchling: Create entry → Insert Canvas → "Quilt Integration" → Create/Update package
|
|
36
74
|
|
|
75
|
+
## Configuration
|
|
76
|
+
|
|
77
|
+
### Deployment Modes (v0.6.0+)
|
|
78
|
+
|
|
79
|
+
#### Secrets-Only Mode (Recommended)
|
|
80
|
+
|
|
81
|
+
The simplest deployment method - just provide two parameters:
|
|
82
|
+
|
|
83
|
+
```bash
|
|
84
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
85
|
+
--quilt-stack-arn "arn:aws:cloudformation:region:account:stack/QuiltStack/id" \
|
|
86
|
+
--benchling-secret "my-secret-name"
|
|
87
|
+
```
|
|
88
|
+
|
|
89
|
+
**Benefits**:
|
|
90
|
+
- ✅ Minimal configuration - only 2 parameters needed
|
|
91
|
+
- ✅ Centralized secrets in AWS Secrets Manager
|
|
92
|
+
- ✅ Automatic configuration resolution from CloudFormation
|
|
93
|
+
- ✅ No manual parameter updates when infrastructure changes
|
|
94
|
+
- ✅ Better security - no secrets in CI/CD pipelines
|
|
95
|
+
|
|
96
|
+
**How to find your Quilt Stack ARN**:
|
|
97
|
+
```bash
|
|
98
|
+
# List your CloudFormation stacks
|
|
99
|
+
aws cloudformation describe-stacks --query 'Stacks[?contains(StackName, `Quilt`)].StackId'
|
|
100
|
+
|
|
101
|
+
# Or from the AWS Console → CloudFormation → Stack Details → Stack info → ARN
|
|
102
|
+
```
|
|
103
|
+
|
|
104
|
+
#### Legacy Mode
|
|
105
|
+
|
|
106
|
+
For existing deployments or manual configuration:
|
|
107
|
+
|
|
108
|
+
```bash
|
|
109
|
+
# Option 1: Inline JSON
|
|
110
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
111
|
+
--benchling-secrets '{"client_id":"xxx","client_secret":"yyy","tenant":"company"}' \
|
|
112
|
+
--catalog your-catalog.quiltdata.com
|
|
113
|
+
|
|
114
|
+
# Option 2: JSON File
|
|
115
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
116
|
+
--benchling-secrets @benchling-secrets.json \
|
|
117
|
+
--catalog your-catalog.quiltdata.com
|
|
118
|
+
|
|
119
|
+
# Option 3: AWS Secrets Manager ARN
|
|
120
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
121
|
+
--benchling-secrets "arn:aws:secretsmanager:region:account:secret:name" \
|
|
122
|
+
--catalog your-catalog.quiltdata.com
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
**📖 [Complete Configuration Guide](./docs/SECRETS_CONFIGURATION.md)**
|
|
126
|
+
**📖 [Migration Guide to v0.6.0](./docs/MIGRATION_GUIDE_V06.md)**
|
|
127
|
+
|
|
128
|
+
### Secret Format
|
|
129
|
+
|
|
130
|
+
**Required fields**:
|
|
131
|
+
- `client_id`: Benchling OAuth client ID
|
|
132
|
+
- `client_secret`: Benchling OAuth client secret
|
|
133
|
+
- `tenant`: Benchling tenant name (e.g., "company" for company.benchling.com)
|
|
134
|
+
|
|
135
|
+
**Optional fields**:
|
|
136
|
+
- `app_definition_id`: Benchling app definition ID
|
|
137
|
+
- `api_url`: Custom Benchling API URL
|
|
138
|
+
|
|
139
|
+
**Example**:
|
|
140
|
+
```json
|
|
141
|
+
{
|
|
142
|
+
"client_id": "abc123",
|
|
143
|
+
"client_secret": "secret_key",
|
|
144
|
+
"tenant": "mycompany",
|
|
145
|
+
"app_definition_id": "app_def_123"
|
|
146
|
+
}
|
|
147
|
+
```
|
|
148
|
+
|
|
149
|
+
### Updating Secrets
|
|
150
|
+
|
|
151
|
+
To update Benchling credentials after deployment:
|
|
152
|
+
|
|
153
|
+
**Method 1: Update in AWS Secrets Manager (Recommended)**
|
|
154
|
+
```bash
|
|
155
|
+
aws secretsmanager update-secret \
|
|
156
|
+
--secret-id benchling-webhook/credentials \
|
|
157
|
+
--secret-string '{"client_id":"new_id","client_secret":"new_secret","tenant":"company"}'
|
|
158
|
+
|
|
159
|
+
# Restart ECS service to pick up changes
|
|
160
|
+
aws ecs update-service \
|
|
161
|
+
--cluster benchling-webhook-cluster \
|
|
162
|
+
--service benchling-webhook-service \
|
|
163
|
+
--force-new-deployment
|
|
164
|
+
```
|
|
165
|
+
|
|
166
|
+
**Method 2: Redeploy Stack**
|
|
167
|
+
```bash
|
|
168
|
+
npx @quiltdata/benchling-webhook deploy \
|
|
169
|
+
--benchling-secrets @updated-secrets.json
|
|
170
|
+
```
|
|
171
|
+
|
|
172
|
+
## All Available Commands
|
|
173
|
+
|
|
37
174
|
For all available commands, run:
|
|
38
175
|
|
|
39
176
|
```bash
|
|
40
177
|
npx @quiltdata/benchling-webhook --help
|
|
41
178
|
```
|
|
42
179
|
|
|
180
|
+
### Commands
|
|
181
|
+
|
|
182
|
+
- `deploy` - Deploy the CDK stack to AWS (default command)
|
|
183
|
+
- `init` - Initialize configuration interactively
|
|
184
|
+
- `validate` - Validate configuration without deploying
|
|
185
|
+
- `test` - Test the deployed webhook endpoint
|
|
186
|
+
- `manifest` - Generate Benchling app manifest file
|
|
187
|
+
|
|
188
|
+
### Deploy Options
|
|
189
|
+
|
|
190
|
+
```bash
|
|
191
|
+
npx @quiltdata/benchling-webhook deploy [options]
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
**Secrets-Only Mode (v0.6.0+ - Recommended)**:
|
|
195
|
+
- `--quilt-stack-arn <arn>` - ARN of Quilt CloudFormation stack
|
|
196
|
+
- `--benchling-secret <name>` - Name or ARN of Benchling secret in Secrets Manager
|
|
197
|
+
|
|
198
|
+
**Legacy Mode Configuration**:
|
|
199
|
+
- `--benchling-secrets <value>` - Benchling secrets (ARN, JSON, or @file)
|
|
200
|
+
- `--catalog <url>` - Quilt catalog URL
|
|
201
|
+
- `--bucket <name>` - S3 bucket for data
|
|
202
|
+
|
|
203
|
+
**AWS Configuration**:
|
|
204
|
+
- `--profile <name>` - AWS profile to use
|
|
205
|
+
- `--region <region>` - AWS region to deploy to (auto-detected in secrets-only mode)
|
|
206
|
+
- `--image-tag <tag>` - Docker image tag to deploy (default: latest)
|
|
207
|
+
|
|
208
|
+
**Deployment Options**:
|
|
209
|
+
- `--env-file <path>` - Path to .env file (default: .env)
|
|
210
|
+
- `--yes` - Skip confirmation prompts
|
|
211
|
+
- `--no-bootstrap-check` - Skip CDK bootstrap verification
|
|
212
|
+
- `--require-approval <level>` - CDK approval level (default: never)
|
|
213
|
+
|
|
214
|
+
### Deprecated Parameters (v0.6.0+)
|
|
215
|
+
|
|
216
|
+
> ⚠️ **Warning**: The following parameters are deprecated and will be removed in v1.0.0
|
|
217
|
+
|
|
218
|
+
- `--tenant` - Use `--benchling-secrets` or secrets-only mode instead
|
|
219
|
+
- `--client-id` - Use `--benchling-secrets` or secrets-only mode instead
|
|
220
|
+
- `--client-secret` - Use `--benchling-secrets` or secrets-only mode instead
|
|
221
|
+
- `--app-id` - Use `--benchling-secrets` or secrets-only mode instead
|
|
222
|
+
|
|
223
|
+
**Migration guide**: See [Migration Guide to v0.6.0](./docs/MIGRATION_GUIDE_V06.md)
|
|
224
|
+
|
|
225
|
+
## Documentation
|
|
226
|
+
|
|
227
|
+
- 📖 [Secrets Configuration Guide](./docs/SECRETS_CONFIGURATION.md) - Comprehensive secrets management documentation
|
|
228
|
+
- 📖 [Architecture Decision Record: Secrets Management](./docs/ADR-001-SECRETS-MANAGEMENT.md) - Design decisions and rationale
|
|
229
|
+
- 📖 [CHANGELOG.md](./CHANGELOG.md) - Version history and release notes
|
|
230
|
+
|
|
43
231
|
## Development
|
|
44
232
|
|
|
45
233
|
For local development and contributing:
|
|
@@ -47,16 +235,91 @@ For local development and contributing:
|
|
|
47
235
|
```bash
|
|
48
236
|
git clone https://github.com/quiltdata/benchling-webhook.git
|
|
49
237
|
cd benchling-webhook
|
|
50
|
-
npm install
|
|
51
238
|
|
|
52
|
-
#
|
|
53
|
-
npm run
|
|
54
|
-
npm run cli -- deploy
|
|
239
|
+
# Install dependencies and configure (interactive)
|
|
240
|
+
npm run setup
|
|
55
241
|
|
|
56
|
-
|
|
57
|
-
npm run build
|
|
242
|
+
# Build package
|
|
243
|
+
npm run build
|
|
58
244
|
```
|
|
59
245
|
|
|
246
|
+
### Testing Workflow
|
|
247
|
+
|
|
248
|
+
```bash
|
|
249
|
+
# 1. Run unit tests (lint + typecheck + mocked tests)
|
|
250
|
+
npm run test
|
|
251
|
+
|
|
252
|
+
# 2. Run local integration tests (builds Docker, uses real Benchling payloads)
|
|
253
|
+
npm run test:local
|
|
254
|
+
|
|
255
|
+
# 3. Run remote integration tests (deploys dev stack, tests through API Gateway)
|
|
256
|
+
npm run test:remote
|
|
257
|
+
|
|
258
|
+
# Individual test commands
|
|
259
|
+
npm run test:ts # TypeScript tests only
|
|
260
|
+
npm run test:python # Python unit tests only
|
|
261
|
+
npm run build:typecheck # Type checking only
|
|
262
|
+
npm run lint # Linting only
|
|
263
|
+
```
|
|
264
|
+
|
|
265
|
+
### Release Workflow
|
|
266
|
+
|
|
267
|
+
```bash
|
|
268
|
+
# Create and push version tag (triggers release pipeline)
|
|
269
|
+
npm run release:tag
|
|
270
|
+
|
|
271
|
+
# CI will run:
|
|
272
|
+
# - npm run test:remote (builds dev image, deploys dev stack, tests)
|
|
273
|
+
# - npm run release (promotes to production after tests pass)
|
|
274
|
+
```
|
|
275
|
+
|
|
276
|
+
## Troubleshooting
|
|
277
|
+
|
|
278
|
+
### Common Issues
|
|
279
|
+
|
|
280
|
+
**Error: "Invalid secret ARN format"**
|
|
281
|
+
- Verify ARN format: `arn:aws:secretsmanager:region:account:secret:name`
|
|
282
|
+
- See [Troubleshooting Guide](./docs/SECRETS_CONFIGURATION.md#troubleshooting)
|
|
283
|
+
|
|
284
|
+
**Error: "Missing required field: client_id"**
|
|
285
|
+
- Check secret JSON includes all required fields: `client_id`, `client_secret`, `tenant`
|
|
286
|
+
- Validate JSON syntax: `echo '{"client_id":"..."}' | jq .`
|
|
287
|
+
|
|
288
|
+
**Deprecation Warning**
|
|
289
|
+
- Migrate to `--benchling-secrets` parameter
|
|
290
|
+
- See [Migration Guide](./docs/SECRETS_CONFIGURATION.md#migration-guide)
|
|
291
|
+
|
|
292
|
+
**For more help**: See [Secrets Configuration - Troubleshooting](./docs/SECRETS_CONFIGURATION.md#troubleshooting)
|
|
293
|
+
|
|
294
|
+
## Security
|
|
295
|
+
|
|
296
|
+
- Secrets are stored in AWS Secrets Manager with encryption at rest
|
|
297
|
+
- Secrets are masked in all CLI output
|
|
298
|
+
- CloudFormation parameters use `noEcho: true`
|
|
299
|
+
- IAM policies grant least-privilege access
|
|
300
|
+
- CloudTrail logs all secret access for audit
|
|
301
|
+
|
|
302
|
+
**Best Practices**:
|
|
303
|
+
- Never commit secrets to version control
|
|
304
|
+
- Use AWS Secrets Manager for production deployments
|
|
305
|
+
- Rotate secrets regularly
|
|
306
|
+
- Review IAM policies periodically
|
|
307
|
+
|
|
308
|
+
**For detailed security guidance**: See [Secrets Configuration - Security](./docs/SECRETS_CONFIGURATION.md#security-best-practices)
|
|
309
|
+
|
|
310
|
+
## Support
|
|
311
|
+
|
|
312
|
+
- 🐛 [Report Issues](https://github.com/quiltdata/benchling-webhook/issues)
|
|
313
|
+
- 📧 Security vulnerabilities: security@quiltdata.com
|
|
314
|
+
- 📖 [Documentation](./docs/)
|
|
315
|
+
- 💬 [Discussions](https://github.com/quiltdata/benchling-webhook/discussions)
|
|
316
|
+
|
|
60
317
|
## License
|
|
61
318
|
|
|
62
319
|
Apache-2.0
|
|
320
|
+
|
|
321
|
+
## Version
|
|
322
|
+
|
|
323
|
+
Current version: 0.5.4 (see [CHANGELOG.md](./CHANGELOG.md))
|
|
324
|
+
|
|
325
|
+
Next version: 0.6.0 (secrets management integration)
|
|
@@ -43,7 +43,7 @@ export declare function checkCdkBootstrap(account: string, region: string): Prom
|
|
|
43
43
|
export declare function inferConfiguration(catalogUrl: string): Promise<InferenceResult>;
|
|
44
44
|
/**
|
|
45
45
|
* Create CDK app and stack (synthesis only, no deployment)
|
|
46
|
-
*
|
|
46
|
+
* Secrets-only mode (v0.6.0+) - requires QUILT_STACK_ARN and BENCHLING_SECRET
|
|
47
47
|
*/
|
|
48
48
|
export declare function createStack(config: Config): DeploymentResult;
|
|
49
49
|
export { inferStackConfig };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"benchling-webhook.d.ts","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";AACA,OAAO,eAAe,CAAC;AACvB,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAIlD,QAAA,MAAQ,gBAAgB,KAA4B,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC;IACb,KAAK,EAAE,qBAAqB,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CACnC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAsC1B;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAoBrF;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,
|
|
1
|
+
{"version":3,"file":"benchling-webhook.d.ts","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";AACA,OAAO,eAAe,CAAC;AACvB,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAIlD,QAAA,MAAQ,gBAAgB,KAA4B,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC;IACb,KAAK,EAAE,qBAAqB,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CACnC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAsC1B;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAoBrF;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,CAuB5D;AAiKD,OAAO,EAAE,gBAAgB,EAAE,CAAC"}
|
|
@@ -107,7 +107,7 @@ async function inferConfiguration(catalogUrl) {
|
|
|
107
107
|
}
|
|
108
108
|
/**
|
|
109
109
|
* Create CDK app and stack (synthesis only, no deployment)
|
|
110
|
-
*
|
|
110
|
+
* Secrets-only mode (v0.6.0+) - requires QUILT_STACK_ARN and BENCHLING_SECRET
|
|
111
111
|
*/
|
|
112
112
|
function createStack(config) {
|
|
113
113
|
const app = new cdk.App();
|
|
@@ -116,16 +116,9 @@ function createStack(config) {
|
|
|
116
116
|
account: config.cdkAccount,
|
|
117
117
|
region: config.cdkRegion,
|
|
118
118
|
},
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
prefix: config.pkgPrefix || "benchling",
|
|
123
|
-
benchlingClientId: config.benchlingClientId,
|
|
124
|
-
benchlingClientSecret: config.benchlingClientSecret,
|
|
125
|
-
benchlingTenant: config.benchlingTenant,
|
|
126
|
-
quiltCatalog: config.quiltCatalog,
|
|
127
|
-
quiltDatabase: config.quiltDatabase,
|
|
128
|
-
webhookAllowList: config.webhookAllowList,
|
|
119
|
+
// Secrets-only mode parameters (v0.6.0+)
|
|
120
|
+
quiltStackArn: config.quiltStackArn,
|
|
121
|
+
benchlingSecret: config.benchlingSecret,
|
|
129
122
|
logLevel: config.logLevel || "INFO",
|
|
130
123
|
createEcrRepository: config.createEcrRepository === "true",
|
|
131
124
|
ecrRepositoryName: config.ecrRepositoryName || "quiltdata/benchling",
|
|
@@ -241,23 +234,16 @@ async function legacyMain() {
|
|
|
241
234
|
else {
|
|
242
235
|
console.log(`✓ CDK is bootstrapped (CDKToolkit stack: ${bootstrapStatus.status})\n`);
|
|
243
236
|
}
|
|
244
|
-
// Create stack
|
|
237
|
+
// Create stack - Secrets-only mode (v0.6.0+)
|
|
245
238
|
const app = new cdk.App();
|
|
246
239
|
new benchling_webhook_stack_1.BenchlingWebhookStack(app, "BenchlingWebhookStack", {
|
|
247
240
|
env: {
|
|
248
241
|
account: config.CDK_DEFAULT_ACCOUNT,
|
|
249
242
|
region: config.CDK_DEFAULT_REGION,
|
|
250
243
|
},
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
prefix: config.PKG_PREFIX || "benchling",
|
|
255
|
-
benchlingClientId: config.BENCHLING_CLIENT_ID,
|
|
256
|
-
benchlingClientSecret: config.BENCHLING_CLIENT_SECRET,
|
|
257
|
-
benchlingTenant: config.BENCHLING_TENANT,
|
|
258
|
-
quiltCatalog: config.QUILT_CATALOG,
|
|
259
|
-
quiltDatabase: config.QUILT_DATABASE,
|
|
260
|
-
webhookAllowList: config.WEBHOOK_ALLOW_LIST,
|
|
244
|
+
// Secrets-only mode parameters (v0.6.0+)
|
|
245
|
+
quiltStackArn: config.QUILT_STACK_ARN,
|
|
246
|
+
benchlingSecret: config.BENCHLING_SECRET,
|
|
261
247
|
logLevel: config.LOG_LEVEL || "INFO",
|
|
262
248
|
// ECR repository configuration
|
|
263
249
|
createEcrRepository: config.CREATE_ECR_REPOSITORY === "true",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"benchling-webhook.js","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6CA,8CAyCC;AAMD,gDAoBC;AAMD,
|
|
1
|
+
{"version":3,"file":"benchling-webhook.js","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6CA,8CAyCC;AAMD,gDAoBC;AAMD,kCAuBC;AA5ID,yBAAuB;AACvB,iDAAmC;AACnC,4EAAuE;AACvE,iDAAyC;AAGzC,mCAAmC;AACnC,iEAAiE;AACjE,MAAM,EAAE,gBAAgB,EAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;AAqS5C,4CAAgB;AArQzB;;;GAGG;AACI,KAAK,UAAU,iBAAiB,CACnC,OAAe,EACf,MAAc;IAEd,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,IAAA,wBAAQ,EACnB,+CAA+C,MAAM,6EAA6E,EAClI,EAAE,QAAQ,EAAE,OAAO,EAAE,CACxB,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QAElC,IACI,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAC5C,WAAW,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EACnC,CAAC;YACC,OAAO;gBACH,YAAY,EAAE,KAAK;gBACnB,OAAO,EAAE,uCAAuC,OAAO,cAAc,MAAM,EAAE;gBAC7E,OAAO,EAAE,2BAA2B,OAAO,IAAI,MAAM,EAAE;aAC1D,CAAC;QACN,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,OAAO;gBACH,YAAY,EAAE,IAAI;gBAClB,MAAM,EAAE,WAAW;gBACnB,OAAO,EAAE,iCAAiC,WAAW,qCAAqC;aAC7F,CAAC;QACN,CAAC;QAED,OAAO;YACH,YAAY,EAAE,IAAI;YAClB,MAAM,EAAE,WAAW;SACtB,CAAC;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO;YACH,YAAY,EAAE,KAAK;YACnB,OAAO,EAAE,0CAA2C,KAAe,CAAC,OAAO,EAAE;SAChF,CAAC;IACN,CAAC;AACL,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CAAC,UAAkB;IACvD,IAAI,CAAC;QACL,gBAAgB;QACZ,MAAM,aAAa,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC;YAC/C,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,WAAW,UAAU,EAAE,CAAC;QAE9B,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CAAC,CAAC;QAErD,OAAO;YACH,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,MAAM,CAAC,YAAY;SACpC,CAAC;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO;YACH,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,EAAE;YAChB,KAAK,EAAG,KAAe,CAAC,OAAO;SAClC,CAAC;IACN,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAgB,WAAW,CAAC,MAAc;IACtC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;IAE1B,MAAM,KAAK,GAAG,IAAI,+CAAqB,CAAC,GAAG,EAAE,uBAAuB,EAAE;QAClE,GAAG,EAAE;YACD,OAAO,EAAE,MAAM,CAAC,UAAU;YAC1B,MAAM,EAAE,MAAM,CAAC,SAAS;SAC3B;QACD,yCAAyC;QACzC,aAAa,EAAE,MAAM,CAAC,aAAc;QACpC,eAAe,EAAE,MAAM,CAAC,eAAgB;QACxC,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,MAAM;QACnC,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,KAAK,MAAM;QAC1D,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,qBAAqB;QACpE,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,QAAQ;KACxC,CAAC,CAAC;IAEH,OAAO;QACH,GAAG;QACH,KAAK;QACL,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;KACzB,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,eAAe;IAC1B,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC;IAC5B,IAAI,WAAW,GAA2B,EAAE,CAAC;IAE7C,sEAAsE;IACtE,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACxB,IAAI,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,yCAAyC,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YAC9E,MAAM,MAAM,GAAG,MAAM,gBAAgB,CACjC,WAAW,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,EAAE,CACjE,CAAC;YACF,WAAW,GAAG,MAAM,CAAC,YAAY,CAAC;YAClC,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACT,wDAAyD,KAAe,CAAC,OAAO,EAAE,CACrF,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;IACL,CAAC;IAED,wDAAwD;IACxD,MAAM,MAAM,GAAG,EAAE,GAAG,WAAW,EAAE,GAAG,OAAO,EAAE,CAAC;IAE9C,yCAAyC;IACzC,MAAM,gBAAgB,GAAG;QACrB,eAAe;QACf,mBAAmB;QACnB,qBAAqB;QACrB,yBAAyB;QACzB,kBAAkB;KACrB,CAAC;IAEF,MAAM,WAAW,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;IAE3E,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAChE,WAAW,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC5B,OAAO,CAAC,KAAK,CAAC,OAAO,OAAO,EAAE,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACjE,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,uCAAuC;IACvC,MAAM,oBAAoB,GAAG;QACzB,qBAAqB;QACrB,oBAAoB;QACpB,WAAW;QACX,gBAAgB;KACnB,CAAC;IAEF,MAAM,mBAAmB,GAAG,oBAAoB,CAAC,MAAM,CACnD,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAChC,CAAC;IAEF,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAChE,mBAAmB,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YACpC,OAAO,CAAC,KAAK,CAAC,OAAO,OAAO,EAAE,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,KAAK,CACT,0EAA0E,CAC7E,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;QAChF,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACjE,OAAO,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;QACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,qCAAqC;IACrC,MAAM,uBAAuB,GAAG;QAC5B,kBAAkB;QAClB,qBAAqB;QACrB,yBAAyB;QACzB,6BAA6B;KACvB,CAAC;IAEX,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,MAAM,CACnD,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAC5B,CAAC;IAEF,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,KAAK,CACT,mEAAmE,CACtE,CAAC;QACF,gBAAgB,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC;QACnE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,OAAO,MAAM,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,UAAU;IACrB,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IAEvC,kBAAkB;IAClB,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAC/C,MAAM,CAAC,mBAAoB,EAC3B,MAAM,CAAC,kBAAmB,CACzB,CAAC;IAEF,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC1C,OAAO,CAAC,KAAK,CAAC,KAAK,eAAe,CAAC,OAAO,EAAE,CAAC,CAAC;QAC9C,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC7C,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;SAAM,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,4CAA4C,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC;IACzF,CAAC;IAED,6CAA6C;IAC7C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;IAC1B,IAAI,+CAAqB,CAAC,GAAG,EAAE,uBAAuB,EAAE;QACpD,GAAG,EAAE;YACD,OAAO,EAAE,MAAM,CAAC,mBAAmB;YACnC,MAAM,EAAE,MAAM,CAAC,kBAAkB;SACpC;QACD,yCAAyC;QACzC,aAAa,EAAE,MAAM,CAAC,eAAgB;QACtC,eAAe,EAAE,MAAM,CAAC,gBAAiB;QACzC,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM;QACpC,+BAA+B;QAC/B,mBAAmB,EAAE,MAAM,CAAC,qBAAqB,KAAK,MAAM;QAC5D,iBAAiB,EAAE,MAAM,CAAC,mBAAmB,IAAI,qBAAqB;KACzE,CAAC,CAAC;AACP,CAAC;AAED,6CAA6C;AAC7C,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC1B,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACzB,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC,CAAC,CAAC;AACP,CAAC"}
|
package/dist/bin/cdk-dev.js
CHANGED
|
@@ -230,13 +230,69 @@ async function main() {
|
|
|
230
230
|
|
|
231
231
|
await waitForWorkflow(commitSha);
|
|
232
232
|
|
|
233
|
-
// 5. Deploy CDK stack with CI-built image tag
|
|
233
|
+
// 5. Deploy CDK stack with CI-built image tag using secrets-only mode
|
|
234
234
|
console.log('');
|
|
235
|
-
console.log(`Step 5: Deploying CDK stack with CI-built image...`);
|
|
235
|
+
console.log(`Step 5: Deploying CDK stack with CI-built image (secrets-only mode)...`);
|
|
236
236
|
process.chdir(path.join(__dirname, '..'));
|
|
237
237
|
// Use the full version with timestamp (without 'v' prefix)
|
|
238
238
|
const imageTag = devTag.replace(/^v/, '');
|
|
239
|
-
|
|
239
|
+
|
|
240
|
+
// Secrets-only mode parameters
|
|
241
|
+
const quiltStackArn = 'arn:aws:cloudformation:us-east-1:712023778557:stack/quilt-staging/e51b0c10-10c9-11ee-9b41-12fda87498a3';
|
|
242
|
+
const benchlingSecret = 'benchling-webhook-dev';
|
|
243
|
+
|
|
244
|
+
run(`npm run cli -- --quilt-stack-arn ${quiltStackArn} --benchling-secret ${benchlingSecret} --image-tag ${imageTag} --yes`);
|
|
245
|
+
|
|
246
|
+
// 6. Get and store the deployment endpoint
|
|
247
|
+
console.log('');
|
|
248
|
+
console.log('Step 6: Retrieving deployment endpoint...');
|
|
249
|
+
|
|
250
|
+
try {
|
|
251
|
+
const { CloudFormationClient, DescribeStacksCommand } = require('@aws-sdk/client-cloudformation');
|
|
252
|
+
const os = require('os');
|
|
253
|
+
|
|
254
|
+
const cloudformation = new CloudFormationClient({ region: 'us-east-1' });
|
|
255
|
+
const command = new DescribeStacksCommand({ StackName: 'BenchlingWebhookStack' });
|
|
256
|
+
const response = await cloudformation.send(command);
|
|
257
|
+
|
|
258
|
+
if (response.Stacks && response.Stacks.length > 0) {
|
|
259
|
+
const stack = response.Stacks[0];
|
|
260
|
+
const endpointOutput = stack.Outputs?.find(o => o.OutputKey === 'WebhookEndpoint');
|
|
261
|
+
const webhookUrl = endpointOutput?.OutputValue || '';
|
|
262
|
+
|
|
263
|
+
if (webhookUrl) {
|
|
264
|
+
// Store endpoint in XDG config
|
|
265
|
+
const configDir = path.join(os.homedir(), '.config', 'benchling-webhook');
|
|
266
|
+
const deployJsonPath = path.join(configDir, 'deploy.json');
|
|
267
|
+
|
|
268
|
+
// Read existing deploy.json or create new one
|
|
269
|
+
let deployConfig = {};
|
|
270
|
+
if (fs.existsSync(deployJsonPath)) {
|
|
271
|
+
deployConfig = JSON.parse(fs.readFileSync(deployJsonPath, 'utf8'));
|
|
272
|
+
}
|
|
273
|
+
|
|
274
|
+
// Update dev section
|
|
275
|
+
deployConfig.dev = {
|
|
276
|
+
endpoint: webhookUrl,
|
|
277
|
+
imageTag: imageTag,
|
|
278
|
+
deployedAt: new Date().toISOString(),
|
|
279
|
+
stackName: 'BenchlingWebhookStack'
|
|
280
|
+
};
|
|
281
|
+
|
|
282
|
+
// Ensure config directory exists
|
|
283
|
+
if (!fs.existsSync(configDir)) {
|
|
284
|
+
fs.mkdirSync(configDir, { recursive: true });
|
|
285
|
+
}
|
|
286
|
+
|
|
287
|
+
// Write deploy.json
|
|
288
|
+
fs.writeFileSync(deployJsonPath, JSON.stringify(deployConfig, null, 2));
|
|
289
|
+
console.log(`✅ Stored deployment endpoint in ${deployJsonPath}`);
|
|
290
|
+
console.log(` Endpoint: ${webhookUrl}`);
|
|
291
|
+
}
|
|
292
|
+
}
|
|
293
|
+
} catch (error) {
|
|
294
|
+
console.warn(`⚠️ Could not retrieve/store deployment endpoint: ${error.message}`);
|
|
295
|
+
}
|
|
240
296
|
|
|
241
297
|
console.log('');
|
|
242
298
|
console.log('✅ Development deployment complete!');
|
package/dist/bin/cli.js
CHANGED
|
@@ -24,19 +24,29 @@ program
|
|
|
24
24
|
program
|
|
25
25
|
.command("deploy", { isDefault: true })
|
|
26
26
|
.description("Deploy the CDK stack to AWS")
|
|
27
|
-
.option("--
|
|
28
|
-
.option("--
|
|
29
|
-
.option("--tenant <name>", "Benchling tenant")
|
|
30
|
-
.option("--client-id <id>", "Benchling OAuth client ID")
|
|
31
|
-
.option("--client-secret <secret>", "Benchling OAuth client secret")
|
|
32
|
-
.option("--app-id <id>", "Benchling app definition ID")
|
|
27
|
+
.option("--quilt-stack-arn <arn>", "ARN of Quilt CloudFormation stack")
|
|
28
|
+
.option("--benchling-secret <name>", "Name or ARN of Benchling secret in Secrets Manager (defaults to package name)", "@quiltdata/benchling-webhook")
|
|
33
29
|
.option("--env-file <path>", "Path to .env file", ".env")
|
|
30
|
+
// Common options
|
|
34
31
|
.option("--no-bootstrap-check", "Skip CDK bootstrap verification")
|
|
35
32
|
.option("--require-approval <level>", "CDK approval level", "never")
|
|
36
33
|
.option("--profile <name>", "AWS profile to use")
|
|
37
34
|
.option("--region <region>", "AWS region to deploy to")
|
|
38
35
|
.option("--image-tag <tag>", "Docker image tag to deploy (default: latest)")
|
|
39
36
|
.option("--yes", "Skip confirmation prompts")
|
|
37
|
+
.addHelpText("after", `
|
|
38
|
+
Examples:
|
|
39
|
+
Deploy with default secret name:
|
|
40
|
+
$ npx @quiltdata/benchling-webhook deploy \\
|
|
41
|
+
--quilt-stack-arn "arn:aws:cloudformation:us-east-1:123456789012:stack/QuiltStack/abc123"
|
|
42
|
+
|
|
43
|
+
Deploy with custom secret name:
|
|
44
|
+
$ npx @quiltdata/benchling-webhook deploy \\
|
|
45
|
+
--quilt-stack-arn "arn:aws:cloudformation:us-east-1:123456789012:stack/QuiltStack/abc123" \\
|
|
46
|
+
--benchling-secret "my-benchling-credentials"
|
|
47
|
+
|
|
48
|
+
For more information: https://github.com/quiltdata/benchling-webhook#deployment
|
|
49
|
+
`)
|
|
40
50
|
.action(async (options) => {
|
|
41
51
|
try {
|
|
42
52
|
await (0, deploy_1.deployCommand)(options);
|
package/dist/bin/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../bin/cli.ts"],"names":[],"mappings":";;;;;;AACA,yCAAoC;AACpC,kDAA0B;AAC1B,8CAAkD;AAClD,0CAA8C;AAC9C,kDAAsD;AACtD,0CAA8C;AAC9C,kDAAsD;AAEtD,gCAAgC;AAChC,iEAAiE;AACjE,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACF,IAAI,CAAC,mBAAmB,CAAC;KACzB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,EAAE,wBAAwB,CAAC;KAC/D,UAAU,CAAC,YAAY,EAAE,0BAA0B,CAAC,CAAC;AAE1D,2BAA2B;AAC3B,OAAO;KACF,OAAO,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;KACtC,WAAW,CAAC,6BAA6B,CAAC;KAC1C,MAAM,CAAC,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../bin/cli.ts"],"names":[],"mappings":";;;;;;AACA,yCAAoC;AACpC,kDAA0B;AAC1B,8CAAkD;AAClD,0CAA8C;AAC9C,kDAAsD;AACtD,0CAA8C;AAC9C,kDAAsD;AAEtD,gCAAgC;AAChC,iEAAiE;AACjE,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACF,IAAI,CAAC,mBAAmB,CAAC;KACzB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,EAAE,wBAAwB,CAAC;KAC/D,UAAU,CAAC,YAAY,EAAE,0BAA0B,CAAC,CAAC;AAE1D,2BAA2B;AAC3B,OAAO;KACF,OAAO,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;KACtC,WAAW,CAAC,6BAA6B,CAAC;KAC1C,MAAM,CAAC,yBAAyB,EAAE,mCAAmC,CAAC;KACtE,MAAM,CAAC,2BAA2B,EAAE,+EAA+E,EAAE,8BAA8B,CAAC;KACpJ,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,CAAC;IACzD,iBAAiB;KAChB,MAAM,CAAC,sBAAsB,EAAE,iCAAiC,CAAC;KACjE,MAAM,CAAC,4BAA4B,EAAE,oBAAoB,EAAE,OAAO,CAAC;KACnE,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,mBAAmB,EAAE,yBAAyB,CAAC;KACtD,MAAM,CAAC,mBAAmB,EAAE,8CAA8C,CAAC;KAC3E,MAAM,CAAC,OAAO,EAAE,2BAA2B,CAAC;KAC5C,WAAW,CAAC,OAAO,EAAE;;;;;;;;;;;;CAYzB,CAAC;KACG,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACtB,IAAI,CAAC;QACD,MAAM,IAAA,sBAAa,EAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAE,KAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;AACL,CAAC,CAAC,CAAC;AAEP,eAAe;AACf,OAAO;KACF,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,iBAAiB,EAAE,kBAAkB,EAAE,MAAM,CAAC;KACrD,MAAM,CAAC,SAAS,EAAE,yBAAyB,CAAC;KAC5C,MAAM,CAAC,WAAW,EAAE,iCAAiC,CAAC;KACtD,MAAM,CAAC,SAAS,EAAE,sCAAsC,CAAC;KACzD,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACtB,IAAI,CAAC;QACD,MAAM,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAE,KAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;AACL,CAAC,CAAC,CAAC;AAEP,mBAAmB;AACnB,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,0CAA0C,CAAC;KACvD,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,CAAC;KACxD,MAAM,CAAC,WAAW,EAAE,sCAAsC,CAAC;KAC3D,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACtB,IAAI,CAAC;QACD,MAAM,IAAA,0BAAe,EAAC,OAAO,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAE,KAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;AACL,CAAC,CAAC,CAAC;AAEP,eAAe;AACf,OAAO;KACF,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,oCAAoC,CAAC;KACjD,MAAM,CAAC,aAAa,EAAE,2DAA2D,CAAC;KAClF,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACtB,IAAI,CAAC;QACD,MAAM,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAE,KAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;AACL,CAAC,CAAC,CAAC;AAEP,mBAAmB;AACnB,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,sCAAsC,CAAC;KACnD,MAAM,CAAC,iBAAiB,EAAE,kBAAkB,EAAE,mBAAmB,CAAC;KAClE,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACtB,IAAI,CAAC;QACD,MAAM,IAAA,0BAAe,EAAC,OAAO,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAE,KAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;AACL,CAAC,CAAC,CAAC;AAEP,qCAAqC;AACrC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAChC,OAAO,CAAC,UAAU,EAAE,CAAC;AACzB,CAAC;AAED,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
|
-
|
|
2
|
-
export declare function deployCommand(options: ConfigOptions & {
|
|
1
|
+
export declare function deployCommand(options: {
|
|
3
2
|
yes?: boolean;
|
|
4
3
|
bootstrapCheck?: boolean;
|
|
5
4
|
requireApproval?: string;
|
|
5
|
+
quiltStackArn?: string;
|
|
6
|
+
benchlingSecret?: string;
|
|
7
|
+
imageTag?: string;
|
|
8
|
+
region?: string;
|
|
9
|
+
envFile?: string;
|
|
6
10
|
}): Promise<void>;
|
|
7
11
|
//# sourceMappingURL=deploy.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../bin/commands/deploy.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../bin/commands/deploy.ts"],"names":[],"mappings":"AAaA,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,OAAO,CAAC;IAAC,cAAc,CAAC,EAAE,OAAO,CAAC;IAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAgCzO"}
|