@toptal/davinci-workflow 1.8.1-alpha-chore-upgrade-babel-core.3 → 1.8.1

package/CHANGELOG.md

@@ -1,5 +1,14 @@
 # @toptal/davinci-workflow
 
+## 1.8.1
+
+### Patch Changes
+
+- [#1309](https://github.com/toptal/davinci/pull/1309) [`e3aac3fc`](https://github.com/toptal/davinci/commit/e3aac3fc5603664e5b2a49fca96d794e229cf498) Thanks [@dmaklygin](https://github.com/dmaklygin)! - - set up proper secrets to deployment GH Workflows
+  - autogenerate secrets from yaml file
+- Updated dependencies [[`e3aac3fc`](https://github.com/toptal/davinci/commit/e3aac3fc5603664e5b2a49fca96d794e229cf498)]:
+  - @toptal/davinci-skeleton@6.2.1
+
 ## 1.8.0
 
 ### Minor Changes

package/dist-package/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "@toptal/davinci-workflow",
+  "version": "1.8.1",
+  "description": "GH Workflow generator package for frontend applications",
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": [
+    "Github Actions",
+    "GH Workflows",
+    "generator"
+  ],
+  "author": "Toptal",
+  "homepage": "https://github.com/toptal/davinci/tree/master/packages/workflow#readme",
+  "license": "ISC",
+  "bin": {
+    "davinci-workflow": "./bin/davinci-workflow.js"
+  },
+  "main": "./src/index.js",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/toptal/davinci.git"
+  },
+  "scripts": {
+    "build:package": "../../bin/build-package.js",
+    "prepublishOnly": "../../bin/prepublish.js",
+    "test": "echo \"Error: run tests from root\" && exit 1"
+  },
+  "bugs": {
+    "url": "https://github.com/toptal/davinci/issues"
+  },
+  "dependencies": {
+    "@toptal/davinci-cli-shared": "1.5.1",
+    "@toptal/davinci-skeleton": "6.2.1",
+    "fs-extra": "^9.0.1",
+    "lodash.kebabcase": "^4.1.1",
+    "ora": "^5.4.1",
+    "chalk": "^4.1.2"
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@toptal/davinci-workflow",
-  "version": "1.8.1-alpha-chore-upgrade-babel-core.3+0b7b1ccf",
+  "version": "1.8.1",
   "description": "GH Workflow generator package for frontend applications",
   "publishConfig": {
     "access": "public"
@@ -30,12 +30,11 @@
     "url": "https://github.com/toptal/davinci/issues"
   },
   "dependencies": {
-    "@toptal/davinci-cli-shared": "1.5.2-alpha-chore-upgrade-babel-core.96+0b7b1ccf",
-    "@toptal/davinci-skeleton": "6.2.1-alpha-chore-upgrade-babel-core.3+0b7b1ccf",
-    "chalk": "^4.1.2",
+    "@toptal/davinci-cli-shared": "1.5.1",
+    "@toptal/davinci-skeleton": "6.2.1",
     "fs-extra": "^9.0.1",
     "lodash.kebabcase": "^4.1.1",
-    "ora": "^5.4.1"
-  },
-  "gitHead": "0b7b1ccfe086e0714360aa12d422257236444de6"
+    "ora": "^5.4.1",
+    "chalk": "^4.1.2"
+  }
 }

package/src/commands/new-workflow.js

@@ -3,15 +3,21 @@ const path = require('path')
 const fs = require('fs-extra')
 const ora = require('ora')
 const kebabCase = require('lodash.kebabcase')
-const {WORKFLOWS_DIR, GITHUB_DIR} = require('../constants')
-const {copyWorkflowFromSkeleton} = require('../utils/skeleton')
+
+const { WORKFLOWS_DIR, GITHUB_DIR } = require('../constants')
+const {
+  copyWorkflowFromSkeleton,
+  getWorkflowSourceFilepath
+} = require('../utils/skeleton')
+const { readYMLSecrets } = require('../utils/read-secrets')
+const generateMessageFromSecrets = require('../utils/generate-command-message')
 
 /**
  * Check whether github directory exists
  * @param rootDir
  * @returns {Promise<void>}
  */
-const checkGithubDirectory = async (rootDir) => {
+const checkGithubDirectory = async rootDir => {
   const spinner = ora(`Searching for ${GITHUB_DIR} directory...`).start()
   const githubDir = path.join(rootDir, GITHUB_DIR)
 
@@ -19,7 +25,9 @@ const checkGithubDirectory = async (rootDir) => {
     const doesGithubDirExist = await fs.stat(githubDir)
 
     if (!doesGithubDirExist) {
-      throw new Error('It looks like you run Davinci command not in a root of the project.')
+      throw new Error(
+        'It looks like you run Davinci command not in a root of the project.'
+      )
     }
 
     spinner.succeed('Github directory exists!')
@@ -35,7 +43,7 @@ const checkGithubDirectory = async (rootDir) => {
  * Returns workflows directory. If the directory structure does not exist, it is created.
  * @param githubDir
  */
-const getWorkflowsDirectory = async (githubDir) => {
+const getWorkflowsDirectory = async githubDir => {
   const spinner = ora('Searching for workflows directory...').start()
 
   const workflowsDir = path.join(githubDir, WORKFLOWS_DIR)
@@ -57,48 +65,48 @@ const getWorkflowsDirectory = async (githubDir) => {
  * @param workflowName
  * @returns {*}
  */
-const getWorkflowFilename = (workflowName) => {
+const getWorkflowFilename = workflowName => {
   return kebabCase(`davinci-${workflowName}`) + '.yml'
 }
 
-const getWorkflowPostBuildFilename = (workflowName) => {
+const getWorkflowPostBuildFilename = workflowName => {
   return kebabCase(workflowName) + '.js'
 }
 
 const performPostBuildProcedure = async (filename, destDir) => {
-  const spinner = ora('Post build procedure...').start()
-  const postBuildFilePathname = path.join(require.resolve('@toptal/davinci-workflow'), '../', 'post-build', filename)
-
-  try {
-    const doesFileExist = await fs.exists(postBuildFilePathname)
-    if (!doesFileExist) {
-      spinner.succeed('No post-build procedure')
-      return
-    }
+  const postBuildFilePathname = path.join(
+    require.resolve('@toptal/davinci-workflow'),
+    '../',
+    'post-build',
+    filename
+  )
+  const doesFileExist = await fs.exists(postBuildFilePathname)
 
-    const executePostBuild = require(postBuildFilePathname)
-    if (typeof executePostBuild !== 'function') {
-      throw new Error('post build file must export a function')
-    }
+  if (!doesFileExist) {
+    return
+  }
 
-    await executePostBuild({
-      print,
-      destDir
-    })
+  const executePostBuild = require(postBuildFilePathname)
 
-    spinner.succeed('Post-build procedure has been executed!')
-  } catch (err) {
-    spinner.fail()
-    throw err
+  if (typeof executePostBuild !== 'function') {
+    throw new Error('post build file must export a function')
   }
+
+  await executePostBuild({
+    print,
+    destDir
+  })
 }
 
-const createCommand = async (workflowName) => {
-  print.green(
-    'Creating',
-    workflowName,
-    '...'
-  )
+const printMandatorySecretsList = async fileName => {
+  const workflowFilepath = getWorkflowSourceFilepath(fileName)
+  const secrets = readYMLSecrets(workflowFilepath)
+
+  print.grey(generateMessageFromSecrets(secrets))
+}
+
+const createCommand = async workflowName => {
+  print.green('Creating', workflowName, '...')
 
   const rootDir = process.cwd()
 
@@ -109,12 +117,18 @@ const createCommand = async (workflowName) => {
     const workflowsDir = await getWorkflowsDirectory(githubDir)
     // get filename
     const fileName = getWorkflowFilename(workflowName)
+
     // copy workflow to an appropriate directory
     await copyWorkflowFromSkeleton(fileName, workflowsDir)
+    // print successfull result
+    print.green('Workflow has been created.\n')
     // execute a possible post-build procedure
-    await performPostBuildProcedure(getWorkflowPostBuildFilename(workflowName), workflowsDir)
-
-    print.green('Workflow has been created.')
+    await performPostBuildProcedure(
+      getWorkflowPostBuildFilename(workflowName),
+      workflowsDir
+    )
+    // read and print mandatory ENV secrets that must be installed beforehand
+    await printMandatorySecretsList(fileName)
   } catch (err) {
     print.red(err)
     process.exit(1)

package/src/constants.js

@@ -1,7 +1,31 @@
 const GITHUB_DIR = '.github'
 const WORKFLOWS_DIR = 'workflows'
 
+const SECRET_DEFINITION = {
+  // common
+  TOPTAL_DEVBOT_TOKEN:
+    'GH access token to checkout and publish comments/reactions in PRs',
+  GCR_ACCOUNT_KEY: 'Google Cloud Account Key. Necessary to upload Docker image',
+  SENTRY_SOURCEMAP_UPLOAD_TOKEN:
+    'Sentry Token. Necessary to upload source files to Sentry',
+  // production
+  TOPTAL_BOT_JENKINS_DEPLOYMENT_TOKEN:
+    'Jenkins Deploy Token. Necessary to execute deploy to PRODUCTION Jenkins job',
+  HTTP_PROXY:
+    'Jenkins Proxy. Necessary to execute deploy to production Jenkins job',
+  // staging
+  TOPTAL_BOT_JENKINS_API_TOKEN:
+    'Jenkins Deploy Token. Necessary to execute deploy to STAGING Jenkins job',
+  // temploy
+  TOPTAL_JENKINS_BUILD_TOKEN:
+    'Jenkins Build Token. Necessary to execute Jenkins job',
+  // alpha-package
+  NPM_TOKEN_PUBLISH: 'NPM publish access token',
+  NPM_TOKEN_READ_ONLY: 'NPM read token'
+}
+
 module.exports = {
   GITHUB_DIR,
-  WORKFLOWS_DIR
+  WORKFLOWS_DIR,
+  SECRET_DEFINITION
 }

package/src/post-build/alpha-package.js

@@ -1,9 +1,11 @@
 const chalk = require('chalk')
-const skeleton = require('../utils/skeleton')
 const path = require('path')
 
-const executePostBuild = ({destDir}) => {
-  const logText = chalk.red.bold
+const skeleton = require('../utils/skeleton')
+const yellowBoldText = chalk.yellow.bold
+const logText = chalk.red.bold
+
+const executePostBuild = ({ destDir }) => {
   let isScriptExist = false
 
   try {
@@ -13,7 +15,8 @@ const executePostBuild = ({destDir}) => {
     const config = skeleton.readPackageJson(rootDir)
 
     if (!config.scripts['build:package']) {
-      config.scripts['build:package'] = 'lerna run build:package --stream --parallel'
+      config.scripts['build:package'] =
+        'lerna run build:package --stream --parallel'
     } else {
       isScriptExist = true
     }
@@ -24,15 +27,16 @@ const executePostBuild = ({destDir}) => {
   }
 
   console.log(
-    chalk.green('\r\nPublish Alpha Package (alpha-package) GH Workflow has been generated! \n'),
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    logText('@toptal-bot run package:alpha-release'), ' — it performs build & release of a new alpha package \n',
-    'The following GH secrets ', logText('must'), ' be specified in repo to properly execute the command: \n',
-    logText('NPM_TOKEN_PUBLISH'), ' — NPM publish access token\n',
-    logText('TOPTAL_DEVBOT_TOKEN'), ' — GH access token to checkout and publish comments/reactions in PRs\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    isScriptExist ? logText('Script "build:package" exists in package.json! \n') : logText('New "build:package" script was added in package.json! \n'),
-
+    [
+      chalk.green(
+        '\nPublish Alpha Package (alpha-package) GH Workflow has been generated! \n\n'
+      ),
+      yellowBoldText('@toptal-bot run package:alpha-release'),
+      ' — it performs build&release of a new alpha package \n',
+      !isScriptExist
+        ? logText('New "build:package" script was added in package.json! \n')
+        : ''
+    ].join('')
   )
 }
 

package/src/post-build/deploy-temploy.js

@@ -1,8 +1,10 @@
 const chalk = require('chalk')
-const skeleton = require('../utils/skeleton')
 const path = require('path')
 
-const executePostBuild = ({destDir}) => {
+const skeleton = require('../utils/skeleton')
+const yellowBoldText = chalk.yellow.bold
+
+const executePostBuild = ({ destDir }) => {
   const logText = chalk.red.bold
   let isScriptExist = false
 
@@ -24,15 +26,16 @@ const executePostBuild = ({destDir}) => {
   }
 
   console.log(
-    chalk.green('\r\nDeploy Temploy (deploy-temploy) GH Workflow has been generated! \n'),
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    logText('@toptal-bot run temploy'), ' — it performs build & deploy a new temploy \n',
-    'The following GH secrets ', logText('must'), ' be specified in repo to properly execute the command: \n',
-    logText('GCR_ACCOUNT_KEY'), ' — Google Cloud Account Key. Necessary to upload Docker image\n',
-    logText('TOPTAL_DEVBOT_TOKEN'), ' — GH access token to checkout and publish comments/reactions in PRs\n',
-    logText('TOPTAL_JENKINS_BUILD_TOKEN'), ' — Jenkins Build Token. Necessary to execute Jenkins job\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    isScriptExist ? logText('Script "build" exists in package.json! \n') : logText('New "build" script was added in package.json! \n'),
+    [
+      chalk.green(
+        '\r\nDeploy Temploy (deploy-temploy) GH Workflow has been generated! \n\n'
+      ),
+      yellowBoldText('@toptal-bot run temploy'),
+      ' — it performs build & deploy a new temploy \n',
+      !isScriptExist
+        ? logText('New "build" script was added in package.json! \n')
+        : ''
+    ].join('')
   )
 }
 

package/src/post-build/deploy.js

@@ -2,14 +2,14 @@ const chalk = require('chalk')
 const path = require('path')
 
 const skeleton = require('../utils/skeleton')
-
+const logText = chalk.red.bold
+const yellowBoldText = chalk.yellow.bold
 const deployWorkflows = [
   'davinci-deploy-production.yml',
   'davinci-deploy-staging.yml'
 ]
 
 const executePostBuild = async ({ destDir }) => {
-  const logText = chalk.red.bold
   let isScriptExist = false
 
   const rootDir = path.resolve(destDir, '../../')
@@ -40,37 +40,21 @@ const executePostBuild = async ({ destDir }) => {
   }
 
   console.log(
-    chalk.green('\r\nDeploy GH Workflow has been generated! \n'),
-    'Three workflows have been created - ',
-    chalk.green(
-      'davinci-deploy.yml, davinci-deploy-staging.yml and davinci-deploy-production.yml'
-    ),
-    '\n',
-    'davinci-deploy.yml builds and pushes image & release image and according to settings in davinci.yml it triggers deploy to staging and/or production\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    logText('@toptal-bot run deploy-staging'),
-    ' — it performs build & deploy to staging for the latest commit in the PR branch \n',
-    'The following GH secrets ',
-    logText('must'),
-    ' be specified in the repo to properly execute the command: \n',
-    logText('GCR_ACCOUNT_KEY'),
-    ' — Google Cloud Account Key. Necessary to upload Docker image\n',
-    logText('TOPTAL_DEVBOT_TOKEN'),
-    ' — GH access token to checkout and publish comments/reactions in PRs\n',
-    logText('TOPTAL_JENKINS_BUILD_TOKEN'),
-    ' — Jenkins Build Token. Necessary to execute Jenkins jobs\n',
-    logText('TOPTAL_BOT_JENKINS_DEPLOYMENT_TOKEN'),
-    ' — Jenkins Deploy Token. Necessary to execute deploy to production Jenkins job\n',
-    logText('TOPTAL_BOT_USERNAME'),
-    ' — Jenkins User Name. Necessary to execute deploy to production Jenkins job\n',
-    logText('HTTP_PROXY'),
-    ' — Jenkins Proxy. Necessary to execute deploy to production Jenkins job\n',
-    logText('NPM_TOKEN'),
-    ' — NPM Token. Necessary to load private NPM packages\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    isScriptExist
-      ? logText('Script "build" already exists in package.json! \n')
-      : logText('New "build" script was added in package.json! \n')
+    [
+      chalk.green('\nDeploy GH Workflow has been generated!\n\n'),
+      'Three workflows have been created — ',
+      chalk.green(
+        'davinci-deploy.yml, davinci-deploy-staging.yml and davinci-deploy-production.yml'
+      ),
+      '\n\n',
+      chalk.green('davinci-deploy.yml'),
+      ' GH Workflow builds&pushes Docker image and according to settings in davinci.yml it triggers deploy to staging and/or production\n\n',
+      yellowBoldText('@toptal-bot run deploy-staging'),
+      ' — it performs build & deploy to staging for the latest commit in the PR branch \n',
+      !isScriptExist
+        ? logText('New "build" script was added in package.json! \n')
+        : ''
+    ].join('')
   )
 }
 

package/src/post-build/integration-tests.js

@@ -1,23 +1,25 @@
 const chalk = require('chalk')
 
-const CONFLUENCE_PAGE = 'https://toptal-core.atlassian.net/l/c/qtXKBzvs#Generated-IT-Workflow'
-
-const redBoldText = chalk.red.bold
+const CONFLUENCE_PAGE =
+  'https://toptal-core.atlassian.net/l/c/qtXKBzvs#Generated-IT-Workflow'
 const yellowBoldText = chalk.yellow.bold
 
 const executePostBuild = () => {
   console.log(
-    chalk.green('\r\nIntegration tests (integration-tests) GH Workflow has been generated! \n\n'),
-    'Workflow is located in ', chalk.green.bold('.github/workflows/davinci-integration-tests.yml'), '\n',
-    'But it likely won\'t work out of the box and will ', yellowBoldText('require little bit of adjusting'), ' to make it work in your CI\n',
-    'Read more about customization here ', chalk.grey.bold(CONFLUENCE_PAGE), '\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    'The following GH secrets ', redBoldText('must'), ' be specified in repo to properly execute the command: \n',
-    redBoldText('TOPTAL_DEVBOT_TOKEN'), ' — GH access token to checkout and publish comments/reactions in PRs\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
-    'The following GH secrets are ', yellowBoldText('optional'), ': \n',
-    yellowBoldText('NPM_TOKEN_READ_ONLY'), ' — needed when your project has private dependencies\n',
-    '———————————————————————————————————————————————————————————————————————————————————————————————— \n',
+    [
+      chalk.green(
+        '\nIntegration tests (integration-tests) GH Workflow has been generated! \n\n'
+      ),
+      'Workflow is located in ',
+      chalk.green.bold('.github/workflows/davinci-integration-tests.yml'),
+      '\n',
+      "But it likely won't work out of the box and will ",
+      yellowBoldText('require little bit of adjusting'),
+      ' to make it work in your CI\n',
+      'Read more about customization here ',
+      chalk.grey.bold(CONFLUENCE_PAGE),
+      '\n'
+    ].join('')
   )
 }
 

package/src/utils/generate-command-message.js

@@ -0,0 +1,38 @@
+const chalk = require('chalk')
+
+const { SECRET_DEFINITION } = require('../constants')
+const logText = chalk.red.bold
+
+/**
+ * Function gather necessary secrets to a command message
+ * @type {Array} list of secrets
+ */
+const generateMessageFromSecrets = secretsList => {
+  if (secretsList.length === 0) {
+    return ''
+  }
+
+  let message = [
+    '————————————————————————————————————————————————————————————————————————————————————————————————\n',
+    'The following GH secrets',
+    logText('must'),
+    'be specified in the repo to properly execute the command: \n\n'
+  ].join(' ')
+
+  message += secretsList.reduce((message, secret) => {
+    if (!SECRET_DEFINITION[secret]) {
+      throw new Error(`the definition for the secret: ${secret} is not found`)
+    }
+
+    message += ' ' + logText(secret) + ' — ' + SECRET_DEFINITION[secret] + '\n'
+
+    return message
+  }, '')
+
+  message +=
+    '————————————————————————————————————————————————————————————————————————————————————————————————\n'
+
+  return message
+}
+
+module.exports = generateMessageFromSecrets

package/src/utils/read-secrets.js

@@ -0,0 +1,42 @@
+const fs = require('fs')
+
+const reg = /\$\{\{\s*secrets\.([A-Za-z_\-0-9]+)\s*\}\}/g
+
+/**
+ * Pick up secrets from string
+ * @param document
+ * @returns {String[]}
+ */
+const readSecrets = document => {
+  let match
+
+  const secrets = []
+
+  // eslint-disable-next-line no-cond-assign
+  while ((match = reg.exec(document))) {
+    secrets.push(match[1])
+  }
+
+  return secrets
+}
+
+/**
+ * Read YML file's secrets and return a list of them
+ * @param pathname
+ * @returns {String[]}
+ */
+const readYMLSecrets = pathname => {
+  try {
+    const file = fs.readFileSync(pathname, 'utf8')
+
+    return readSecrets(file)
+  } catch (e) {
+    console.log('readYMLSecrets Error: ', e)
+    throw e
+  }
+}
+
+module.exports = {
+  readSecrets,
+  readYMLSecrets
+}

package/src/utils/skeleton.js

@@ -19,17 +19,22 @@ const writePackageJson = (folder, config) => {
   fs.writeFileSync(packageJsonFile, modifiedConfigData)
 }
 
+const getWorkflowSourceFilepath = fileName => {
+  const skeletonPath = require.resolve('@toptal/davinci-skeleton')
+
+  return path.join(skeletonPath, '../..', GITHUB_DIR, WORKFLOWS_DIR, fileName)
+}
+
 const copyWorkflowFromSkeleton = async (fileName, destDir) => {
   const spinner = ora('Copying workflow...').start()
 
-  const skeletonPath = require.resolve('@toptal/davinci-skeleton')
-  const srcFilepath = path.join(skeletonPath, '../..', GITHUB_DIR, WORKFLOWS_DIR, fileName)
+  const srcFilepath = getWorkflowSourceFilepath(fileName)
   const destFilepath = path.join(destDir, fileName)
 
   try {
     await fs.copy(srcFilepath, destFilepath)
 
-    spinner.succeed('Workflow copied!')
+    spinner.succeed('Workflow has been copied!')
   } catch (err) {
     spinner.fail()
     throw err
@@ -39,5 +44,6 @@ const copyWorkflowFromSkeleton = async (fileName, destDir) => {
 module.exports = {
   readPackageJson,
   writePackageJson,
-  copyWorkflowFromSkeleton,
+  getWorkflowSourceFilepath,
+  copyWorkflowFromSkeleton
 }