carlin 0.19.0

package/dist/deploy/cicd/command.js

@@ -0,0 +1,84 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deployCicdCommand = exports.options = exports.readSSHKey = void 0;
+/* eslint-disable no-param-reassign */
+const change_case_1 = require("change-case");
+const fs_1 = __importDefault(require("fs"));
+const npmlog_1 = __importDefault(require("npmlog"));
+const config_1 = require("../../config");
+const utils_1 = require("../../utils");
+const pipelines_1 = require("./pipelines");
+const deployCicd_1 = require("./deployCicd");
+const logPrefix = 'deploy-cicd';
+/**
+ * Created to allow mocking.
+ */
+const readSSHKey = (dir) => fs_1.default.readFileSync(dir, 'utf-8');
+exports.readSSHKey = readSSHKey;
+exports.options = {
+    cpu: {
+        type: 'string',
+    },
+    memory: {
+        type: 'string',
+    },
+    pipelines: {
+        choices: pipelines_1.pipelines,
+        coerce: (values) => values.map((value) => change_case_1.camelCase(value)),
+        default: [],
+        description: 'Pipelines that will be implemented with the CICD stack.',
+        type: 'array',
+    },
+    'update-repository': {
+        alias: ['ur'],
+        description: 'Determine if the repository image will be updated.',
+        default: true,
+        type: 'boolean',
+    },
+    'ssh-key': {
+        demandOption: true,
+        type: 'string',
+    },
+    'ssh-url': {
+        demandOption: true,
+        type: 'string',
+    },
+    'slack-webhook-url': {
+        type: 'string',
+    },
+    /**
+     * This option has the format:
+     *
+     * ```ts
+     * Array<{
+     *  name: string,
+     *  value: string,
+     * }>
+     * ```
+     */
+    'task-environment': {
+        alias: ['te'],
+        default: [],
+        describe: 'A list of environment variables that will be passed to the ECS container task.',
+        type: 'array',
+    },
+};
+exports.deployCicdCommand = {
+    command: 'cicd',
+    describe: 'Deploy CICD.',
+    builder: (yargs) => yargs.options(utils_1.addGroupToOptions(exports.options, 'Deploy CICD Options')),
+    handler: ({ destroy, ...rest }) => {
+        if (destroy) {
+            npmlog_1.default.info(logPrefix, `${config_1.NAME} doesn't destroy CICD stack.`);
+        }
+        else {
+            deployCicd_1.deployCicd({
+                ...rest,
+                sshKey: exports.readSSHKey(rest['ssh-key']),
+            });
+        }
+    },
+};

package/dist/deploy/cicd/config.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PIPELINE_ECS_TASK_EXECUTION_MANUAL_APPROVAL_ACTION_NAME = exports.PIPELINE_ECS_TASK_EXECUTION_STAGE_NAME = exports.ECS_TASK_DEFAULT_MEMORY = exports.ECS_TASK_DEFAULT_CPU = void 0;
+exports.ECS_TASK_DEFAULT_CPU = '2048';
+exports.ECS_TASK_DEFAULT_MEMORY = '4096';
+exports.PIPELINE_ECS_TASK_EXECUTION_STAGE_NAME = `PipelineRunECSTasksStage`;
+exports.PIPELINE_ECS_TASK_EXECUTION_MANUAL_APPROVAL_ACTION_NAME = `PipelineRunECSTasksApproval`;

package/dist/deploy/cicd/deployCicd.js

@@ -0,0 +1,114 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deployCicd = exports.getLambdaInput = void 0;
+const fs = __importStar(require("fs"));
+const npmlog_1 = __importDefault(require("npmlog"));
+const path = __importStar(require("path"));
+const utils_1 = require("../../utils");
+const cloudFormation_core_1 = require("../cloudFormation.core");
+const utils_2 = require("../utils");
+const lambda_1 = require("../lambda");
+const cicd_template_1 = require("./cicd.template");
+const getCicdStackName_1 = require("./getCicdStackName");
+const logPrefix = 'cicd';
+const getLambdaInput = (extension) => path.resolve(__dirname, `lambdas/index.${extension}`);
+exports.getLambdaInput = getLambdaInput;
+const deployCicdLambdas = async ({ stackName }) => {
+    const lambdaInput = (() => {
+        /**
+         * This case happens when carlin command is executed when the package is
+         * built.
+         */
+        if (fs.existsSync(exports.getLambdaInput('js'))) {
+            return exports.getLambdaInput('js');
+        }
+        /**
+         * The package isn't built.
+         */
+        if (fs.existsSync(exports.getLambdaInput('ts'))) {
+            return exports.getLambdaInput('ts');
+        }
+        throw new Error('Cannot read CICD lambdas file.');
+    })();
+    const s3 = await lambda_1.deployLambdaCode({
+        lambdaInput,
+        lambdaExternals: [],
+        /**
+         * Needs stackName to define the S3 key.
+         */
+        stackName,
+    });
+    if (!s3 || !s3.bucket) {
+        throw new Error('Cannot retrieve bucket in which Lambda code was deployed.');
+    }
+    return s3;
+};
+const waitRepositoryImageUpdate = async ({ stackName, }) => {
+    npmlog_1.default.info(logPrefix, 'Starting repository image update...');
+    const { OutputValue: projectName } = await cloudFormation_core_1.getStackOutput({
+        stackName,
+        outputKey: cicd_template_1.REPOSITORY_IMAGE_CODE_BUILD_PROJECT_LOGICAL_ID,
+    });
+    if (!projectName) {
+        throw new Error(`Cannot retrieve repository image CodeBuild project name.`);
+    }
+    const build = await utils_1.startCodeBuildBuild({ projectName });
+    if (build.id) {
+        await utils_1.waitCodeBuildFinish({ buildId: build.id, name: stackName });
+    }
+};
+const deployCicd = async ({ cpu, memory, pipelines, updateRepository, slackWebhookUrl, sshKey, sshUrl, taskEnvironment, }) => {
+    try {
+        const { stackName } = await utils_2.handleDeployInitialization({
+            logPrefix,
+            stackName: getCicdStackName_1.getCicdStackName(),
+        });
+        await cloudFormation_core_1.deploy({
+            template: cicd_template_1.getCicdTemplate({
+                cpu,
+                memory,
+                pipelines,
+                s3: await deployCicdLambdas({ stackName }),
+                slackWebhookUrl,
+                taskEnvironment,
+            }),
+            params: {
+                StackName: stackName,
+                Parameters: [
+                    { ParameterKey: 'SSHUrl', ParameterValue: sshUrl },
+                    { ParameterKey: 'SSHKey', ParameterValue: sshKey },
+                ],
+            },
+            terminationProtection: true,
+        });
+        if (updateRepository) {
+            await waitRepositoryImageUpdate({ stackName });
+        }
+    }
+    catch (error) {
+        utils_2.handleDeployError({ error, logPrefix });
+    }
+};
+exports.deployCicd = deployCicd;

package/dist/deploy/cicd/ecsTaskReportCommand.js

@@ -0,0 +1,53 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ecsTaskReportCommand = void 0;
+const aws_sdk_1 = __importDefault(require("aws-sdk"));
+const npmlog_1 = __importDefault(require("npmlog"));
+const logPrefix = 'cicd-ecs-task-report';
+/**
+ * This method create the payload to send to Lambda ECS task report handler.
+ *
+ * @param param.status execution status.
+ */
+const sendEcsTaskReport = async ({ status }) => {
+    if (!process.env.ECS_TASK_REPORT_HANDLER_NAME) {
+        npmlog_1.default.info(logPrefix, 'ECS_TASK_REPORT_HANDLER_NAME not defined.');
+        return;
+    }
+    const lambda = new aws_sdk_1.default.Lambda();
+    const payload = { status };
+    if (process.env.ECS_TASK_ARN) {
+        payload.ecsTaskArn = process.env.ECS_TASK_ARN;
+    }
+    if (process.env.PIPELINE_NAME) {
+        payload.pipelineName = process.env.PIPELINE_NAME;
+    }
+    await lambda
+        .invokeAsync({
+        FunctionName: process.env.ECS_TASK_REPORT_HANDLER_NAME,
+        InvokeArgs: JSON.stringify(payload),
+    })
+        .promise();
+    npmlog_1.default.info(logPrefix, 'Report sent.');
+};
+const options = {
+    status: {
+        choices: ['Approved', 'Rejected'],
+        demandOption: true,
+        type: 'string',
+    },
+};
+/**
+ * Used to send report to ECS Task Report Handler Lambda.
+ */
+exports.ecsTaskReportCommand = {
+    command: 'cicd-ecs-task-report',
+    describe: false,
+    builder: (yargs) => yargs.options(options),
+    handler: async (args) => {
+        return sendEcsTaskReport(args);
+    },
+};

package/dist/deploy/cicd/getCicdStackName.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCicdStackName = void 0;
+const change_case_1 = require("change-case");
+const config_1 = require("../../config");
+const getProjectName_1 = require("../../utils/getProjectName");
+const getCicdStackName = () => {
+    const project = getProjectName_1.getProjectName();
+    return change_case_1.pascalCase([config_1.NAME, 'Cicd', project].join(' '));
+};
+exports.getCicdStackName = getCicdStackName;

package/dist/deploy/cicd/getTriggerPipelineObjectKey.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getTriggerPipelinesObjectKey = exports.TRIGGER_PIPELINES_OBJECT_KEY_PREFIX = void 0;
+exports.TRIGGER_PIPELINES_OBJECT_KEY_PREFIX = 'cicd/pipelines/triggers/';
+/**
+ * The file with this key inside the source S3 key of main and tag pipelines
+ * will trigger those pipelines.
+ */
+const getTriggerPipelinesObjectKey = (pipeline) => {
+    return `${exports.TRIGGER_PIPELINES_OBJECT_KEY_PREFIX}${pipeline}.zip`;
+};
+exports.getTriggerPipelinesObjectKey = getTriggerPipelinesObjectKey;

package/dist/deploy/cicd/lambdas/cicdApiV1.handler.js

@@ -0,0 +1,124 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cicdApiV1Handler = void 0;
+const aws_sdk_1 = require("aws-sdk");
+const executeTasks_1 = require("./executeTasks");
+const getProcessEnvVariable_1 = require("./getProcessEnvVariable");
+const codebuild = new aws_sdk_1.CodeBuild({ apiVersion: '2016-10-06' });
+/**
+ * The CI/CD REST API is responsible to update the image of the repository and
+ * running tasks inside a container using [ECS Fargate](https://aws.amazon.com/fargate/).
+ * The API URL has the format of an [AWS API Gateway](https://aws.amazon.com/api-gateway/) URL:
+ *
+ * ```sh
+ * https://<api-id>.execute-api.<region>.amazonaws.com/v1
+ * ```
+ *
+ * It can be found on the "Outputs" tab if you access the CI/CD stack details
+ * from AWS Console or by the output `ApiV1Endpoint` that is printed after the
+ * stack creation.
+ *
+ * Such API has the `/cicd` endpoint, that is consumed by a POST method. This
+ * endpoint has two actions, defined by the `action` property, passed inside
+ * the body of the POST method.
+ *
+ * - **updateRepository**
+ *
+ *   This action update the repository image on AWS ECR. This command is useful
+ *   to you update your _node_modules_ folder or your [Yarn cache](https://classic.yarnpkg.com/en/docs/cli/cache/).
+ *
+ *   Body interface:
+ *
+ *   ```ts
+ *   {
+ *     action: "updateRepository";
+ *   }
+ *   ```
+ *
+ * - **executeTask**
+ *
+ *   This action create an execution of your repository image using [ECS Fargate](https://aws.amazon.com/fargate/).
+ *   The commands that will be executed is passed by the `commands` property,
+ *   which receives an array of commands. You can also provide the following
+ *   properties:
+ *
+ *   - `cpu`: CPU value reserved for the task.
+ *   - `memory`: memory value reserved for the task.
+ *   - `taskEnvironment`: list of environment variables that can be accessed
+ *     on task execution.
+ *
+ *   Body interface:
+ *
+ *   ```ts
+ *   {
+ *      action: "executeTask";
+ *      commands: string[];
+ *      cpu?: string;
+ *      memory?: string;
+ *      taskEnvironment?: Array<{ name: string; value: string }>;
+ *   }
+ *   ```
+ *
+ *   Example:
+ *
+ *   ```json
+ *   {
+ *      "action": "executeTask",
+ *      "commands": [
+ *        "git status",
+ *        "git pull origin main",
+ *        "yarn",
+ *        "yarn test"
+ *      ],
+ *      "cpu": "1024",
+ *      "memory": "2048",
+ *      "taskEnvironment": [
+ *        {
+ *           "name": "CI",
+ *           "value": "true"
+ *        }
+ *      ]
+ *   }
+ *   ```
+ *
+ */
+const cicdApiV1Handler = async (event) => {
+    try {
+        const body = JSON.parse(event.body || JSON.stringify({}));
+        let response;
+        if (body.action === 'updateRepository') {
+            response = await codebuild
+                .startBuild({
+                projectName: getProcessEnvVariable_1.getProcessEnvVariable('PROCESS_ENV_REPOSITORY_IMAGE_CODE_BUILD_PROJECT_NAME'),
+            })
+                .promise();
+        }
+        if (body.action === 'executeTask') {
+            const { commands = [], cpu, memory, taskEnvironment = [] } = body;
+            if (commands.length === 0) {
+                throw new Error('Commands were not provided.');
+            }
+            response = await executeTasks_1.executeTasks({ commands, cpu, memory, taskEnvironment });
+        }
+        if (response) {
+            return {
+                statusCode: 200,
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify(response),
+            };
+        }
+        return {
+            statusCode: 403,
+            body: 'Execute access forbidden',
+        };
+    }
+    catch (err) {
+        return {
+            statusCode: 400,
+            body: err.message,
+        };
+    }
+};
+exports.cicdApiV1Handler = cicdApiV1Handler;

package/dist/deploy/cicd/lambdas/ecsTaskReport.handler.js

@@ -0,0 +1,79 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ecsTaskReportHandler = exports.getEcsTaskLogsUrl = void 0;
+const webhook_1 = require("@slack/webhook");
+const putApprovalResultManualTask_1 = require("./putApprovalResultManualTask");
+const getEcsTaskLogsUrl = ({ ecsTaskArn }) => {
+    if (!process.env.ECS_TASK_CONTAINER_NAME ||
+        !process.env.ECS_TASK_LOGS_LOG_GROUP) {
+        return undefined;
+    }
+    /**
+     * Arn has the following format:
+     * arn:aws:ecs:us-east-1:483684946879:task/CarlinCicdCarlinMonorepo-RepositoryTasksECSCluster-1J6saGT91hCr/6fcc78682de442ae89a0b7339ac7d981
+     *
+     * We want the "6fcc78682de442ae89a0b7339ac7d981" part.
+     */
+    const ecsTaskId = ecsTaskArn.split('/')[2];
+    const ecsTaskLogsUrl = [
+        /**
+         * https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime
+         */
+        `https://console.aws.amazon.com/cloudwatch/home?region=${process.env.AWS_REGION}#logsV2:log-groups`,
+        'log-group',
+        process.env.ECS_TASK_LOGS_LOG_GROUP,
+        'log-events',
+        `ecs/${process.env.ECS_TASK_CONTAINER_NAME}/${ecsTaskId}`.replace(/\//g, '%252F'),
+    ].join('/');
+    return ecsTaskLogsUrl;
+};
+exports.getEcsTaskLogsUrl = getEcsTaskLogsUrl;
+/**
+ * This method is invoked when an ECS task is executed and the success or
+ * failure commands calls `carlin cicd-ecs-task-report --status=<status>`.
+ */
+const ecsTaskReportHandler = async ({ ecsTaskArn, status, pipelineName, }) => {
+    const logs = ecsTaskArn && exports.getEcsTaskLogsUrl({ ecsTaskArn });
+    const handleApprovalResult = async () => {
+        if (pipelineName) {
+            await putApprovalResultManualTask_1.putApprovalResultManualTask({
+                pipelineName,
+                result: {
+                    status,
+                    summary: JSON.stringify({ status, logs }),
+                },
+            });
+        }
+    };
+    const handleStackNotification = async () => {
+        const url = process.env.SLACK_WEBHOOK_URL;
+        if (!url) {
+            return;
+        }
+        const webhook = new webhook_1.IncomingWebhook(url);
+        await webhook.send({
+            blocks: [
+                {
+                    type: 'section',
+                    text: {
+                        type: 'mrkdwn',
+                        text: `<${logs}|Logs>`,
+                    },
+                },
+                {
+                    type: 'section',
+                    text: {
+                        type: 'mrkdwn',
+                        text: `\`\`\`${JSON.stringify({
+                            status,
+                            pipelineName,
+                        }, null, 2)}\`\`\``,
+                    },
+                },
+            ],
+        });
+    };
+    await Promise.all([handleApprovalResult(), handleStackNotification()]);
+    return { statusCode: 200, body: 'ok' };
+};
+exports.ecsTaskReportHandler = ecsTaskReportHandler;