sst 2.10.3 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli/commands/secrets/list.d.ts +2 -0
- package/cli/commands/secrets/list.js +14 -5
- package/node/future/auth/adapter/google.d.ts +10 -2
- package/node/future/auth/adapter/google.js +12 -0
- package/node/future/auth/adapter/microsoft.d.ts +1 -0
- package/node/future/auth/adapter/oauth.d.ts +7 -0
- package/node/future/auth/adapter/oauth.js +1 -0
- package/node/future/auth/adapter/oidc.d.ts +4 -0
- package/node/future/auth/adapter/oidc.js +1 -0
- package/node/util/index.js +24 -5
- package/package.json +1 -1
- package/sst.mjs +16 -4
- package/support/rds-migrator/index.mjs +1 -1
|
@@ -1,11 +1,19 @@
|
|
|
1
|
-
export const list = (program) => program.command("list [format]", "Fetch all the secrets", (yargs) => yargs
|
|
1
|
+
export const list = (program) => program.command("list [format]", "Fetch all the secrets", (yargs) => yargs
|
|
2
|
+
.positional("format", {
|
|
2
3
|
type: "string",
|
|
3
4
|
choices: ["table", "env", "json"],
|
|
4
|
-
})
|
|
5
|
+
})
|
|
6
|
+
.boolean("fallback"), async (args) => {
|
|
5
7
|
const { Config } = await import("../../../config.js");
|
|
6
8
|
const { gray } = await import("colorette");
|
|
7
9
|
const { Colors } = await import("../../colors.js");
|
|
8
|
-
const
|
|
10
|
+
const configSecrets = await Config.secrets();
|
|
11
|
+
const secrets = !args.fallback
|
|
12
|
+
? configSecrets
|
|
13
|
+
: Object.entries(configSecrets).reduce((carry, [key, value]) => ({
|
|
14
|
+
...carry,
|
|
15
|
+
...(!value.value && !!value.fallback ? { [key]: value } : {}),
|
|
16
|
+
}), {});
|
|
9
17
|
if (Object.entries(secrets).length === 0) {
|
|
10
18
|
Colors.line("No secrets set");
|
|
11
19
|
return;
|
|
@@ -20,7 +28,7 @@ export const list = (program) => program.command("list [format]", "Fetch all the
|
|
|
20
28
|
break;
|
|
21
29
|
case "env":
|
|
22
30
|
for (const [key, value] of Object.entries(secrets)) {
|
|
23
|
-
console.log(`${key}=${value.value || value.fallback}`);
|
|
31
|
+
console.log(`${key}=${value.value || `${value.fallback} #fallback`}`);
|
|
24
32
|
}
|
|
25
33
|
break;
|
|
26
34
|
case "table":
|
|
@@ -42,7 +50,8 @@ export const list = (program) => program.command("list [format]", "Fetch all the
|
|
|
42
50
|
const value = secrets[key].value
|
|
43
51
|
? secrets[key].value
|
|
44
52
|
: `${secrets[key].fallback} ${gray("(fallback)")}`;
|
|
45
|
-
|
|
53
|
+
const colourPadding = secrets[key].value ? 0 : gray("").length;
|
|
54
|
+
console.log(`│ ${key.padEnd(keyLen)} │ ${value.padEnd(valueLen + colourPadding)} │`);
|
|
46
55
|
});
|
|
47
56
|
console.log("└".padEnd(keyLen + 3, "─") +
|
|
48
57
|
"┴" +
|
|
@@ -1,7 +1,15 @@
|
|
|
1
1
|
import { OidcBasicConfig } from "./oidc.js";
|
|
2
|
-
|
|
2
|
+
import { OauthBasicConfig } from "./oauth.js";
|
|
3
|
+
type GooglePrompt = "none" | "consent" | "select_account";
|
|
4
|
+
type GoogleAccessType = "offline" | "online";
|
|
5
|
+
type GoogleConfig = (OauthBasicConfig & {
|
|
6
|
+
mode: "oauth";
|
|
7
|
+
prompt?: GooglePrompt;
|
|
8
|
+
accessType?: GoogleAccessType;
|
|
9
|
+
}) | (OidcBasicConfig & {
|
|
3
10
|
mode: "oidc";
|
|
4
|
-
|
|
11
|
+
prompt?: GooglePrompt;
|
|
12
|
+
});
|
|
5
13
|
export declare function GoogleAdapter(config: GoogleConfig): () => Promise<{
|
|
6
14
|
type: "success";
|
|
7
15
|
properties: {
|
|
@@ -1,7 +1,19 @@
|
|
|
1
1
|
import { Issuer } from "openid-client";
|
|
2
2
|
import { OidcAdapter } from "./oidc.js";
|
|
3
|
+
import { OauthAdapter } from "./oauth.js";
|
|
3
4
|
const issuer = await Issuer.discover("https://accounts.google.com");
|
|
4
5
|
export function GoogleAdapter(config) {
|
|
6
|
+
/* @__PURE__ */
|
|
7
|
+
if (config.mode === "oauth") {
|
|
8
|
+
return OauthAdapter({
|
|
9
|
+
issuer,
|
|
10
|
+
...config,
|
|
11
|
+
params: {
|
|
12
|
+
...(config.accessType && { access_type: config.accessType }),
|
|
13
|
+
...config.params,
|
|
14
|
+
},
|
|
15
|
+
});
|
|
16
|
+
}
|
|
5
17
|
return OidcAdapter({
|
|
6
18
|
issuer,
|
|
7
19
|
scope: "openid email profile",
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { OidcBasicConfig } from "./oidc.js";
|
|
2
2
|
type MicrosoftConfig = OidcBasicConfig & {
|
|
3
3
|
mode: "oidc";
|
|
4
|
+
prompt?: "login" | "none" | "consent" | "select_account";
|
|
4
5
|
};
|
|
5
6
|
export declare function MicrosoftAdapter(config: MicrosoftConfig): () => Promise<{
|
|
6
7
|
type: "success";
|
|
@@ -12,7 +12,14 @@ export interface OauthBasicConfig {
|
|
|
12
12
|
* Various scopes requested for the access token
|
|
13
13
|
*/
|
|
14
14
|
scope: string;
|
|
15
|
+
/**
|
|
16
|
+
* Determines whether users will be prompted for reauthentication and consent
|
|
17
|
+
*/
|
|
15
18
|
prompt?: string;
|
|
19
|
+
/**
|
|
20
|
+
* Additional parameters to be passed to the authorization endpoint
|
|
21
|
+
*/
|
|
22
|
+
params?: Record<string, string>;
|
|
16
23
|
}
|
|
17
24
|
export interface OauthConfig extends OauthBasicConfig {
|
|
18
25
|
issuer: Issuer;
|
|
@@ -4,6 +4,10 @@ export interface OidcBasicConfig {
|
|
|
4
4
|
* The clientID provided by the third party oauth service
|
|
5
5
|
*/
|
|
6
6
|
clientID: string;
|
|
7
|
+
/**
|
|
8
|
+
* Determines whether users will be prompted for reauthentication and consent
|
|
9
|
+
*/
|
|
10
|
+
prompt?: string;
|
|
7
11
|
}
|
|
8
12
|
export interface OidcConfig extends OidcBasicConfig {
|
|
9
13
|
issuer: Issuer;
|
package/node/util/index.js
CHANGED
|
@@ -23,10 +23,8 @@ export function createProxy(constructName) {
|
|
|
23
23
|
// run code analysis after build. The code analysis runs
|
|
24
24
|
// the top level code, and would fail b/c "SST_APP" and
|
|
25
25
|
// "SST_STAGE" are undefined at build time.
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
throw new Error(`Cannot find the ${builtInEnv} environment variable. This is usually the case when you are using an older version of SST. Please update SST to the latest version to use the SST Config feature.`);
|
|
29
|
-
}
|
|
26
|
+
if (!process.env.SST_APP) {
|
|
27
|
+
throw new Error(buildMissingBuiltInEnvError());
|
|
30
28
|
}
|
|
31
29
|
// normalize prop to convert kebab cases like `my-table` to `my_table`
|
|
32
30
|
const normProp = normalizeId(prop);
|
|
@@ -109,7 +107,7 @@ async function fetchValuesFromSSM(variablesFromSsm) {
|
|
|
109
107
|
.filter((variable) => variable.constructName === "Secret")
|
|
110
108
|
.map((variable) => variable.constructId);
|
|
111
109
|
if (missingSecrets.length > 0) {
|
|
112
|
-
throw new Error(`The following
|
|
110
|
+
throw new Error(`The following secret values are not set in the "${process.env.SST_STAGE} stage": ${missingSecrets.join(", ")}`);
|
|
113
111
|
}
|
|
114
112
|
}
|
|
115
113
|
async function loadSecrets(paths) {
|
|
@@ -175,3 +173,24 @@ function storeVariable(variable, value) {
|
|
|
175
173
|
allVariables[c][id] = allVariables[c][id] || {};
|
|
176
174
|
allVariables[c][id][prop] = value;
|
|
177
175
|
}
|
|
176
|
+
function buildMissingBuiltInEnvError() {
|
|
177
|
+
// Build environment => building SSR sites
|
|
178
|
+
if (process.env.SST) {
|
|
179
|
+
return [
|
|
180
|
+
"",
|
|
181
|
+
`Cannot access bound resources. This usually happens if the "sst/node" package is used at build time. For example:`,
|
|
182
|
+
"",
|
|
183
|
+
` - The "sst/node" package is used inside the "getStaticProps()" function of a Next.js app.`,
|
|
184
|
+
` - The "sst/node" package is used at the top level outside of the "load()" function of a SvelteKit app.`,
|
|
185
|
+
"",
|
|
186
|
+
`Please wrap your build script with "sst bind". For example, "sst bind next build".`,
|
|
187
|
+
"",
|
|
188
|
+
].join("\n");
|
|
189
|
+
}
|
|
190
|
+
// Lambda/CodeBuild environment => Function/Job or SSR function
|
|
191
|
+
if (process.env.AWS_LAMBDA_FUNCTION_NAME || process.env.CODEBUILD_BUILD_ARN) {
|
|
192
|
+
return `Cannot access bound resources. This usually happens if you are using an older version of SST. Please update SST to the latest version.`;
|
|
193
|
+
}
|
|
194
|
+
// Unknown environment => client-side code
|
|
195
|
+
return `Cannot access bound resources. This usually happens if the "sst/node" package is used on the client-side. Ensure that it's only called in your server functions.`;
|
|
196
|
+
}
|
package/package.json
CHANGED
package/sst.mjs
CHANGED
|
@@ -7707,12 +7707,19 @@ var list = (program2) => program2.command(
|
|
|
7707
7707
|
(yargs2) => yargs2.positional("format", {
|
|
7708
7708
|
type: "string",
|
|
7709
7709
|
choices: ["table", "env", "json"]
|
|
7710
|
-
}),
|
|
7710
|
+
}).boolean("fallback"),
|
|
7711
7711
|
async (args) => {
|
|
7712
7712
|
const { Config: Config2 } = await Promise.resolve().then(() => (init_config(), config_exports));
|
|
7713
7713
|
const { gray } = await import("colorette");
|
|
7714
7714
|
const { Colors: Colors2 } = await Promise.resolve().then(() => (init_colors(), colors_exports));
|
|
7715
|
-
const
|
|
7715
|
+
const configSecrets = await Config2.secrets();
|
|
7716
|
+
const secrets2 = !args.fallback ? configSecrets : Object.entries(configSecrets).reduce(
|
|
7717
|
+
(carry, [key, value]) => ({
|
|
7718
|
+
...carry,
|
|
7719
|
+
...!value.value && !!value.fallback ? { [key]: value } : {}
|
|
7720
|
+
}),
|
|
7721
|
+
{}
|
|
7722
|
+
);
|
|
7716
7723
|
if (Object.entries(secrets2).length === 0) {
|
|
7717
7724
|
Colors2.line("No secrets set");
|
|
7718
7725
|
return;
|
|
@@ -7729,7 +7736,9 @@ var list = (program2) => program2.command(
|
|
|
7729
7736
|
break;
|
|
7730
7737
|
case "env":
|
|
7731
7738
|
for (const [key, value] of Object.entries(secrets2)) {
|
|
7732
|
-
console.log(
|
|
7739
|
+
console.log(
|
|
7740
|
+
`${key}=${value.value || `${value.fallback} #fallback`}`
|
|
7741
|
+
);
|
|
7733
7742
|
}
|
|
7734
7743
|
break;
|
|
7735
7744
|
case "table":
|
|
@@ -7755,8 +7764,11 @@ var list = (program2) => program2.command(
|
|
|
7755
7764
|
);
|
|
7756
7765
|
keys.sort().forEach((key) => {
|
|
7757
7766
|
const value = secrets2[key].value ? secrets2[key].value : `${secrets2[key].fallback} ${gray("(fallback)")}`;
|
|
7767
|
+
const colourPadding = secrets2[key].value ? 0 : gray("").length;
|
|
7758
7768
|
console.log(
|
|
7759
|
-
`\u2502 ${key.padEnd(keyLen)} \u2502 ${value.padEnd(
|
|
7769
|
+
`\u2502 ${key.padEnd(keyLen)} \u2502 ${value.padEnd(
|
|
7770
|
+
valueLen + colourPadding
|
|
7771
|
+
)} \u2502`
|
|
7760
7772
|
);
|
|
7761
7773
|
});
|
|
7762
7774
|
console.log(
|