declapract-typescript-ehmpathy 0.24.0 → 0.25.1

package/dist/practices/cicd-package/best-practice/.github/workflows/.publish-npm.yml

@@ -14,15 +14,26 @@ jobs:
       - name: checkout
         uses: actions/checkout@v3
 
-      - name: set node version
+      - name: set node-version
         uses: actions/setup-node@v3
         with:
           registry-url: 'https://registry.npmjs.org/'
           node-version-file: '.nvmrc'
           cache: 'npm'
 
-      - name: install
-        run: npm ci
+      - name: node-modules cache get
+        uses: actions/cache/restore@v3
+        id: cache
+        with:
+          path: ./node_modules
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+
+      - name: node-modules cache miss install
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: npm ci --ignore-scripts --prefer-offline --no-audit
+
+      - name: build
+        run: npm run build
 
       - name: publish
         run: npm publish

package/dist/practices/cicd-service/best-practice/.github/workflows/.deploy-sls.yml

@@ -19,6 +19,11 @@ on:
         type: string
         description: the id of the account the credentials are expected to access
         required: true
+      needs-vpn-for-acceptance:
+        type: boolean
+        description: whether or not this environment needs vpn access for acceptance tests
+        required: false
+        default: false
     secrets:
       aws-access-key-id:
         required: true
@@ -26,6 +31,9 @@ on:
       aws-secret-access-key:
         required: true
         description: required credentials to authenticate with aws provider and state persistance
+      open-vpn-config:
+        required: false
+        description: complete openvpn config required to enter the vpn, if needed
 
 jobs:
   deploy:
@@ -34,7 +42,7 @@ jobs:
       - name: checkout
         uses: actions/checkout@v3
 
-      - name: set node version
+      - name: set node-version
         uses: actions/setup-node@v3
         with:
           node-version-file: '.nvmrc'
@@ -68,5 +76,108 @@ jobs:
       - name: deploy
         run: STAGE=${{ inputs.stage }} DEPLOYER_NAME=$GITHUB_ACTOR npm run deploy
 
+  assure:
+    runs-on: ubuntu-latest
+    needs: [deploy]
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      - name: set node-version
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          cache: 'npm'
+
+      - name: configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        id: credentials
+        with:
+          aws-access-key-id: ${{ secrets.aws-access-key-id }}
+          aws-secret-access-key: ${{ secrets.aws-secret-access-key }}
+          aws-region: ${{ inputs.aws-region }}
+
+      - name: confirm aws credentials
+        run: |
+          [[ ${{steps.credentials.outputs.aws-account-id}} != ${{ inputs.aws-account-id }} ]] \
+            && echo 'wrong aws account' && exit 1 \
+            || echo 'correct aws account';
+
+      - name: node-modules cache get
+        uses: actions/cache/restore@v3
+        id: cache
+        with:
+          path: ./node_modules
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+
+      - name: node-modules cache miss install
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: npm ci --ignore-scripts --prefer-offline --no-audit
+
+      - name: vpn:prepare
+        if: inputs.needs-vpn-for-acceptance
+        run: |
+          sudo apt update \
+          && sudo apt-get install openvpn openvpn-systemd-resolved \
+          && mkdir ~/.vpn \
+          && echo "${{ secrets.open-vpn-config }}" | base64 -d > ~/.vpn/vpn.connection.ovpn
+
+      - name: vpn:connect
+        if: inputs.needs-vpn-for-acceptance
+        run: |
+          # create the log file, so that we have permissions to read it
+          touch openvpn.log
+
+          # start openvpn in the background
+          sudo openvpn --config ~/.vpn/vpn.connection.ovpn --daemon --log openvpn.log
+
+          # wait until we've confirmed that it successfully connected; https://superuser.com/a/900134/425694
+          ( tail -f -n0 openvpn.log & ) | grep -q "Initialization Sequence Completed"
+
       - name: test:acceptance
         run: STAGE=${{ inputs.stage }} npm run test:acceptance
+
+      - name: vpn:disconnect
+        if: inputs.needs-vpn-for-acceptance
+        run: sudo killall openvpn
+
+  prune:
+    runs-on: ubuntu-latest
+    needs: [deploy]
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      - name: set node-version
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          cache: 'npm'
+
+      - name: configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        id: credentials
+        with:
+          aws-access-key-id: ${{ secrets.aws-access-key-id }}
+          aws-secret-access-key: ${{ secrets.aws-secret-access-key }}
+          aws-region: ${{ inputs.aws-region }}
+
+      - name: confirm aws credentials
+        run: |
+          [[ ${{steps.credentials.outputs.aws-account-id}} != ${{ inputs.aws-account-id }} ]] \
+            && echo 'wrong aws account' && exit 1 \
+            || echo 'correct aws account';
+
+      - name: node-modules cache get
+        uses: actions/cache/restore@v3
+        id: cache
+        with:
+          path: ./node_modules
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+
+      - name: node-modules cache miss install
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: npm ci --ignore-scripts --prefer-offline --no-audit
+
+      - name: prune
+        run: STAGE=${{ inputs.stage }} DEPLOYER_NAME=$GITHUB_ACTOR npm run deploy:prune

package/dist/practices/cicd-service/best-practice/.github/workflows/.sql-schema-control.yml

@@ -40,14 +40,22 @@ jobs:
       - name: checkout
         uses: actions/checkout@v3
 
-      - name: set node version
+      - name: set node-version
         uses: actions/setup-node@v3
         with:
           node-version-file: '.nvmrc'
           cache: 'npm'
 
-      - name: install
-        run: npm ci --ignore-scripts
+      - name: node-modules cache get
+        uses: actions/cache/restore@v3
+        id: cache
+        with:
+          path: ./node_modules
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+
+      - name: node-modules cache miss install
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: npm ci --ignore-scripts --prefer-offline --no-audit
 
       - name: configure aws credentials
         uses: aws-actions/configure-aws-credentials@v1
@@ -117,14 +125,22 @@ jobs:
       - name: checkout
         uses: actions/checkout@v3
 
-      - name: set node version
+      - name: set node-version
         uses: actions/setup-node@v3
         with:
           node-version-file: '.nvmrc'
           cache: 'npm'
 
-      - name: install
-        run: npm ci --ignore-scripts
+      - name: node-modules cache get
+        uses: actions/cache/restore@v3
+        id: cache
+        with:
+          path: ./node_modules
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+
+      - name: node-modules cache miss install
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: npm ci --ignore-scripts --prefer-offline --no-audit
 
       - name: configure aws credentials
         uses: aws-actions/configure-aws-credentials@v1

package/dist/practices/errors/best-practice/src/utils/errors/UnexpectedCodePathError.ts

@@ -8,7 +8,7 @@ export class UnexpectedCodePathError extends Error {
   constructor(message: string, metadata?: Record<string, any>) {
     const fullMessage = `UnexpectedCodePath: ${message}${
       metadata ? `\n\n${JSON.stringify(metadata)}` : ''
-    }}`;
+    }`;
     super(fullMessage);
   }
 }

package/dist/practices/linting/best-practice/.depcheckrc.yml

@@ -5,6 +5,7 @@ ignores:
   - '@commitlint/config-conventional'
   - '@trivago/prettier-plugin-sort-imports'
   - '@tsconfig/node-lts-strictest'
+  - serverless-prune-plugin
   - core-js
   - ts-jest
   - ts-node

package/dist/practices/package-json-order/best-practice/package.json.declapract.ts

@@ -59,8 +59,10 @@ export const desiredRelativeKeyOrder = {
     'test',
     'test:acceptance',
     'prepush',
+    'prepublish',
     'preversion',
     'postversion',
+    'deploy:prune',
     'deploy:release',
     'deploy:send-notification',
     'deploy:dev',

package/dist/practices/serverless/best-practice/package.json

@@ -1,9 +1,11 @@
 {
   "devDependencies": {
     "serverless": "@declapract{check.minVersion('2.57.0')}",
+    "serverless-prune-plugin": "@declapract{check.minVersion('2.0.2')}",
     "if-env": "@declapract{check.minVersion('1.0.4')}"
   },
   "scripts": {
+    "deploy:prune": "npx sls prune -n 7 --stage $STAGE",
     "deploy:release": "npm run build && sls deploy --verbose --stage $STAGE",
     "deploy:send-notification": "curl -X POST -H 'Content-type: application/json' --data \"{\\\"text\\\":\\\"$([ -z $DEPLOYER_NAME ] && git config user.name || echo $DEPLOYER_NAME) has deployed $npm_package_name@v$npm_package_version:\nhttps://github.com/@declapract{variable.organizationName}/$npm_package_name/tree/v$npm_package_version\\\"}\" @declapract{variable.slackWebhookUrl}",
     "deploy:dev": "STAGE=dev npm run deploy:release",

package/dist/practices/serverless/best-practice/serverless.yml

@@ -3,6 +3,9 @@ service: @declapract{variable.projectName}
 package:
   artifact: .artifact/contents.zip
 
+plugins:
+  - serverless-prune-plugin
+
 provider:
   name: aws
   runtime: nodejs16.x

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "declapract-typescript-ehmpathy",
-  "version": "0.24.0",
+  "version": "0.25.1",
   "description": "declapract best practices declarations for typescript",
   "main": "src/index.js",
   "repository": "ehmpathy/declapract-typescript-ehmpathy",
@@ -32,7 +32,6 @@
   "license": "ISC",
   "dependencies": {
     "domain-objects": "0.7.5",
-    "dynamodb-dao-generator": "1.0.0",
     "expect": "29.4.2",
     "flat": "5.0.2",
     "lodash.uniq": "4.5.0",