cloudmason 2.0.35 → 2.0.36

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/commands/ssh_build.js +18 -4
  2. package/package.json +1 -1
package/commands/ssh_build.js CHANGED
@@ -432,11 +432,25 @@ class EC2AMIBuilder {
432
432
 
433
433
  async createAMI() {
434
434
  console.log('📸 Creating AMI from instance...');
435
-
436
- // Cleanup commands before AMI creation
435
+
436
+ // Cleanup commands before AMI creation - remove all sensitive data
437
437
  const cleanupCommands = [
438
- ['Cleaning up instance before AMI creation', 'sudo dnf clean all && sudo rm -rf /tmp/* /var/tmp/* /var/log/messages* /var/log/secure* ~/.bash_history'],
439
- ['Checking disk usage', 'df -h && du -sh .']
438
+ // Remove SSH authorized keys (contains the temporary build key)
439
+ ['Removing SSH authorized keys', 'rm -f ~/.ssh/authorized_keys && sudo rm -f /root/.ssh/authorized_keys'],
440
+ // Remove SSH host keys (new instances will regenerate their own)
441
+ ['Removing SSH host keys', 'sudo rm -f /etc/ssh/ssh_host_*'],
442
+ // Clean cloud-init so it runs fresh on new instances
443
+ ['Cleaning cloud-init data', 'sudo rm -rf /var/lib/cloud/*'],
444
+ // Reset machine-id for unique instance identification
445
+ ['Resetting machine-id', 'sudo truncate -s 0 /etc/machine-id'],
446
+ // Clean bash history for all users
447
+ ['Cleaning bash history', 'rm -f ~/.bash_history && sudo rm -f /root/.bash_history'],
448
+ // Clean logs and temp files
449
+ ['Cleaning logs and temp files', 'sudo rm -rf /tmp/* /var/tmp/* /var/log/messages* /var/log/secure* /var/log/cloud-init*.log'],
450
+ // Clean DNF cache
451
+ ['Cleaning DNF cache', 'sudo dnf clean all'],
452
+ // Verify cleanup and check disk usage
453
+ ['Checking disk usage', 'df -h && du -sh /home/ec2-user/app']
440
454
  ];
441
455
 
442
456
  // Execute cleanup commands
package/package.json CHANGED
@@ -1 +1 @@
1
- {"name":"cloudmason","version":"2.0.35","description":"","main":"main.js","scripts":{"build":"node build.js"},"bin":{"mason":"./main.js"},"repository":{"type":"git","url":"https://github.com/kai-harvey/cloudmason.git"},"author":"Kai Harvey","license":"ISC","dependencies":{"@aws-sdk/client-acm":"^3.418.0","@aws-sdk/client-auto-scaling":"^3.470.0","@aws-sdk/client-cloudformation":"^3.418.0","@aws-sdk/client-ec2":"^3.864.0","@aws-sdk/client-iam":"^3.864.0","@aws-sdk/client-marketplace-catalog":"^3.716.0","@aws-sdk/client-route-53":"^3.425.0","@aws-sdk/client-s3":"^3.418.0","@aws-sdk/client-ssm":"^3.421.0","adm-zip":"^0.5.10","ssh2":"^1.16.0","yaml":"^2.6.1"}}
1
+ {"name":"cloudmason","version":"2.0.36","description":"","main":"main.js","scripts":{"build":"node build.js"},"bin":{"mason":"./main.js"},"repository":{"type":"git","url":"https://github.com/kai-harvey/cloudmason.git"},"author":"Kai Harvey","license":"ISC","dependencies":{"@aws-sdk/client-acm":"^3.418.0","@aws-sdk/client-auto-scaling":"^3.470.0","@aws-sdk/client-cloudformation":"^3.418.0","@aws-sdk/client-ec2":"^3.864.0","@aws-sdk/client-iam":"^3.864.0","@aws-sdk/client-marketplace-catalog":"^3.716.0","@aws-sdk/client-route-53":"^3.425.0","@aws-sdk/client-s3":"^3.418.0","@aws-sdk/client-ssm":"^3.421.0","adm-zip":"^0.5.10","ssh2":"^1.16.0","yaml":"^2.6.1"}}