declapract-typescript-ehmpathy 0.31.10 → 0.32.0

package/dist/practices/cicd-common/best-practice/.github/workflows/.install.yml

@@ -0,0 +1,46 @@
+name: .install
+
+on:
+  workflow_call:
+    outputs:
+      node-modules-cache-key:
+        description: a max(stable) cache key to the node modules of this commit's dependencies
+        value: ${{ jobs.npm.outputs.node-modules-cache-key }}
+
+jobs:
+  npm:
+    runs-on: ubuntu-20.04
+    outputs:
+      node-modules-cache-key: ${{ steps.cache.outputs.cache-primary-key }}
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      - name: set node-version
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+
+      - name: node-modules deps hash
+        id: deps-hash
+        run: |
+          PACKAGE_DEPS_HASH=$(jq '.packages' package-lock.json | jq 'del(."".version)' | md5sum | awk '{print $1}');
+          echo "PACKAGE_DEPS_HASH=$PACKAGE_DEPS_HASH"
+          echo "package-deps-hash=$PACKAGE_DEPS_HASH" >> "$GITHUB_OUTPUT"
+      - name: node-modules cache get
+        uses: actions/cache/restore@v3
+        id: cache
+        with:
+          path: ./node_modules
+          key: ${{ runner.os }}-node-${{ steps.deps-hash.outputs.package-deps-hash }}
+
+      - name: node-modules cache miss install
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: npm ci --ignore-scripts --prefer-offline --no-audit
+
+      - name: node-modules cache set
+        if: steps.cache.outputs.cache-hit != 'true'
+        uses: actions/cache/save@v3
+        with:
+          path: ./node_modules
+          key: ${{ steps.cache.outputs.cache-primary-key }}

package/dist/practices/cicd-common/best-practice/.github/workflows/.test.yml

@@ -20,38 +20,13 @@ on:
         description: required credentials to authenticate with aws the aws account against which to run the tests
 
 jobs:
+  # install the dependencies
   install:
-    runs-on: ubuntu-latest
-    steps:
-      - name: checkout
-        uses: actions/checkout@v3
-
-      - name: set node-version
-        uses: actions/setup-node@v3
-        with:
-          node-version-file: '.nvmrc'
-
-      - name: node-modules cache get
-        uses: actions/cache/restore@v3
-        id: cache
-        with:
-          path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
-
-      - name: node-modules cache miss install
-        if: steps.cache.outputs.cache-hit != 'true'
-        run: npm ci --ignore-scripts --prefer-offline --no-audit
-
-      - name: node-modules cache set
-        if: steps.cache.outputs.cache-hit != 'true'
-        uses: actions/cache/save@v3
-        with:
-          path: ./node_modules
-          key: ${{ steps.cache.outputs.cache-primary-key }}
+    uses: ./.github/workflows/.install.yml
 
   # run tests in parallel
   test-commits:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -68,13 +43,13 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: test:commits
         run: npm run test:commits
 
   test-types:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -89,13 +64,13 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: test:types
         run: npm run test:types
 
   test-format:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -110,13 +85,13 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: test:format
         run: npm run test:format
 
   test-lint:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -131,13 +106,13 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: test:lint
         run: npm run test:lint
 
   test-unit:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -152,13 +127,13 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: test:unit
         run: THOROUGH=true npm run test:unit
 
   test-integration:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -173,7 +148,7 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: configure aws credentials
         if: "${{ inputs.aws-account-id != '' }}"
@@ -198,7 +173,7 @@ jobs:
         run: THOROUGH=true npm run test:integration
 
   test-acceptance-locally:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: [install]
     steps:
       - name: checkout
@@ -213,7 +188,7 @@ jobs:
         uses: actions/cache/restore@v3
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: configure aws credentials
         if: "${{ inputs.aws-account-id != '' }}"

package/dist/practices/cicd-package/best-practice/.github/workflows/.publish-npm.yml

@@ -8,8 +8,12 @@ on:
         description: required credentials to authenticate with the aws account under which to publish
 
 jobs:
+  install:
+    uses: ./.github/workflows/.install.yml
+
   publish:
     runs-on: ubuntu-20.04
+    needs: [install]
     steps:
       - name: checkout
         uses: actions/checkout@v3
@@ -25,7 +29,7 @@ jobs:
         id: cache
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: node-modules cache miss install
         if: steps.cache.outputs.cache-hit != 'true'

package/dist/practices/cicd-service/best-practice/.github/workflows/.deploy-sls.yml

@@ -36,8 +36,12 @@ on:
         description: complete openvpn config required to enter the vpn, if needed
 
 jobs:
+  install:
+    uses: ./.github/workflows/.install.yml
+
   deploy:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
+    needs: [install]
     steps:
       - name: checkout
         uses: actions/checkout@v3
@@ -66,7 +70,7 @@ jobs:
         id: cache
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: node-modules cache miss install
         if: steps.cache.outputs.cache-hit != 'true'
@@ -76,8 +80,8 @@ jobs:
         run: STAGE=${{ inputs.stage }} DEPLOYER_NAME=$GITHUB_ACTOR npm run deploy
 
   assure:
-    runs-on: ubuntu-latest
-    needs: [deploy]
+    runs-on: ubuntu-20.04
+    needs: [install, deploy]
     steps:
       - name: checkout
         uses: actions/checkout@v3
@@ -106,7 +110,7 @@ jobs:
         id: cache
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: node-modules cache miss install
         if: steps.cache.outputs.cache-hit != 'true'
@@ -140,8 +144,8 @@ jobs:
         run: sudo killall openvpn
 
   prune:
-    runs-on: ubuntu-latest
-    needs: [deploy]
+    runs-on: ubuntu-20.04
+    needs: [install, deploy]
     steps:
       - name: checkout
         uses: actions/checkout@v3
@@ -170,7 +174,7 @@ jobs:
         id: cache
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: node-modules cache miss install
         if: steps.cache.outputs.cache-hit != 'true'

package/dist/practices/cicd-service/best-practice/.github/workflows/.sql-schema-control.yml

@@ -32,8 +32,12 @@ on:
         description: complete openvpn config required to enter the vpn
 
 jobs:
+  install:
+    uses: ./.github/workflows/.install.yml
+
   plan:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
+    needs: [install]
     outputs:
       has-changes-planned: ${{ steps.evaluate-plan.outputs.has-changes-planned }}
     steps:
@@ -50,7 +54,7 @@ jobs:
         id: cache
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: node-modules cache miss install
         if: steps.cache.outputs.cache-hit != 'true'
@@ -116,9 +120,9 @@ jobs:
         run: sudo killall openvpn
 
   apply:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     environment: ${{ inputs.github-environment }}
-    needs: plan
+    needs: [install, plan]
     if: ${{ inputs.allow-apply == true && needs.plan.outputs.has-changes-planned == 'true' }}
     steps:
       - name: checkout
@@ -134,7 +138,7 @@ jobs:
         id: cache
         with:
           path: ./node_modules
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ needs.install.outputs.node-modules-cache-key }}
 
       - name: node-modules cache miss install
         if: steps.cache.outputs.cache-hit != 'true'

package/dist/practices/domain/best-practice/package.json

@@ -1,7 +1,7 @@
 {
   "dependencies": {
-    "domain-objects": "@declapract{check.minVersion('0.10.3')}",
+    "domain-objects": "@declapract{check.minVersion('0.21.9')}",
     "joi": "@declapract{check.minVersion('17.4.0')}",
-    "type-fns": "@declapract{check.minVersion('0.8.1')}"
+    "type-fns": "@declapract{check.minVersion('0.16.0')}"
   }
 }

package/dist/practices/environments/best-practice/src/utils/environment.ts

@@ -1,3 +1,4 @@
+import { UnexpectedCodePathError } from '@ehmpathy/error-fns';
 import { createIsOfEnum } from 'type-fns';
 
 export enum Stage {
@@ -7,6 +8,22 @@ export enum Stage {
 }
 export const isOfStage = createIsOfEnum(Stage);
 
+/**
+ * verify that the server is on UTC timezone
+ *
+ * why?
+ * - non UTC timezone usage causes problems and takes a while to track down
+ * - by failing fast if the server our code runs in is not in UTC, we avoid these issues
+ * =>
+ * - create a pit of success
+ */
+const TIMEZONE = process.env.TZ;
+if (TIMEZONE !== 'UTC')
+  throw new UnexpectedCodePathError(
+    'env.TZ is not set to UTC. this can cause issues. please set the env var',
+    { found: TIMEZONE, desire: 'UTC' },
+  );
+
 /**
  * this allows us to infer what the stage should be in environments that do not have STAGE specified
  * - e.g., when running locally

package/dist/practices/lambda-handlers/best-practice/package.json

@@ -1,6 +1,6 @@
 {
   "dependencies": {
-    "simple-lambda-handlers": "@declapract{check.minVersion('0.9.0')}"
+    "simple-lambda-handlers": "@declapract{check.minVersion('0.9.1')}"
   },
   "devDependencies": {}
 }

package/dist/practices/linting/best-practice/.eslintrc.js

@@ -43,5 +43,6 @@ module.exports = {
     '@typescript-eslint/lines-between-class-members': 'off',
     'no-return-await': 'off', // this does not help anything and actually leads to bugs if we subsequently wrap the return in a try catch without remembering to _then_ add await
     '@typescript-eslint/return-await': 'off',
+    '@typescript-eslint/no-unsafe-declaration-merging': 'off', // dobjs are built off of this
   },
 };

package/dist/practices/persist-with-rds/best-practice/package.json

@@ -4,10 +4,10 @@
     "yesql": "@declapract{check.minVersion('3.2.2')}"
   },
   "devDependencies": {
-    "sql-code-generator": "@declapract{check.minVersion('0.9.3')}",
-    "sql-dao-generator": "@declapract{check.minVersion('0.4.0')}",
+    "sql-code-generator": "@declapract{check.minVersion('0.10.0')}",
+    "sql-dao-generator": "@declapract{check.minVersion('0.8.1')}",
     "sql-schema-control": "@declapract{check.minVersion('1.5.0')}",
-    "sql-schema-generator": "@declapract{check.minVersion('0.23.0')}",
+    "sql-schema-generator": "@declapract{check.minVersion('0.25.0')}",
     "@types/yesql": "@declapract{check.minVersion('3.2.2')}",
     "@types/pg": "@declapract{check.minVersion('8.6.1')}"
   },

package/dist/practices/serverless/best-practice/serverless.yml

@@ -17,6 +17,7 @@ provider:
     environment: ${self:provider.stage}
     product: ${self:service}
   environment:
+    TZ: UTC # guarantee that utc timezone will be used explicitly, to facilitate a pit of success
     NODE_ENV: production # deploy with production optimizations of all resources, to make `dev` and `prod` stage deployments equivalent functionally (i.e., the same code paths in dev and prod)
     STAGE: ${self:provider.stage} # deploy specifying which stage we're targeting, to enable targeting the correct config + resources (e.g., hit dev db -vs- prod db)
     AWS_NODEJS_CONNECTION_REUSE_ENABLED: true # https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-reusing-connections.html

package/dist/practices/terraform/best-practice/provision/github/product/repository.tf

@@ -58,7 +58,6 @@ resource "github_branch_protection" "main_branch" {
   required_status_checks {
     strict = true # branch must be up to date. otherwise, we dont know if it will really pass once it is merged
     contexts = [
-      "suite / install",
       "suite / test-commits",
       "suite / test-types",
       "suite / test-format",

package/package.json

@@ -2,7 +2,7 @@
   "name": "declapract-typescript-ehmpathy",
   "author": "ehmpathy",
   "description": "declapract best practices declarations for typescript",
-  "version": "0.31.10",
+  "version": "0.32.0",
   "main": "src/index.js",
   "repository": "ehmpathy/declapract-typescript-ehmpathy",
   "homepage": "https://github.com/ehmpathy/declapract-typescript-ehmpathy",
@@ -38,6 +38,7 @@
     "postinstall": "[ -d .git ] && npx husky install || exit 0"
   },
   "dependencies": {
+    "@ehmpathy/error-fns": "1.3.1",
     "expect": "29.4.2",
     "flat": "5.0.2",
     "lodash.uniq": "4.5.0",