sst 2.23.15 → 2.24.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cdk/deployments.d.ts +1 -1
- package/cdk/deployments.js +1 -1
- package/cli/commands/bind.js +3 -3
- package/cli/ui/deploy.js +1 -1
- package/constructs/App.d.ts +1 -1
- package/constructs/Function.d.ts +1 -1
- package/node/auth/session.js +1 -1
- package/node/future/auth/session.js +1 -1
- package/node/websocket-api/index.js +1 -1
- package/package.json +13 -13
- package/stacks/metadata.d.ts +1 -1
- package/stacks/metadata.js +12 -6
- package/support/java-runtime/install.sh +2 -2
- package/cdk/asset-publishing.d.ts +0 -74
- package/cdk/asset-publishing.js +0 -147
- package/cdk-assets/private/asset-handler.d.ts +0 -29
- package/cdk-assets/private/asset-handler.js +0 -1
- package/cdk-assets/private/docker.d.ts +0 -94
- package/cdk-assets/private/docker.js +0 -237
- package/cdk-assets/private/handlers/container-images.d.ts +0 -22
- package/cdk-assets/private/handlers/container-images.js +0 -231
- package/cdk-assets/private/handlers/index.d.ts +0 -3
- package/cdk-assets/private/handlers/index.js +0 -18
- package/cdk-assets/publishing.d.ts +0 -113
- package/cdk-assets/publishing.js +0 -194
package/cdk/deployments.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as cxapi from "@aws-cdk/cx-api";
|
|
2
2
|
import { AssetManifest, IManifestEntry } from "cdk-assets";
|
|
3
3
|
import { Tag } from "sst-aws-cdk/lib/cdk-toolkit.js";
|
|
4
|
-
import { BuildAssetsOptions, PublishAssetsOptions } from "
|
|
4
|
+
import { BuildAssetsOptions, PublishAssetsOptions } from "sst-aws-cdk/lib/util/asset-publishing.js";
|
|
5
5
|
import { Mode } from "sst-aws-cdk/lib/api/aws-auth/credentials.js";
|
|
6
6
|
import { ISDK } from "sst-aws-cdk/lib/api/aws-auth/sdk.js";
|
|
7
7
|
import { SdkProvider } from "sst-aws-cdk/lib/api/aws-auth/sdk-provider.js";
|
package/cdk/deployments.js
CHANGED
|
@@ -3,7 +3,7 @@ import * as cxapi from "@aws-cdk/cx-api";
|
|
|
3
3
|
import * as cdk_assets from "cdk-assets";
|
|
4
4
|
import { AssetManifest } from "cdk-assets";
|
|
5
5
|
import { debug, warning } from "sst-aws-cdk/lib/logging.js";
|
|
6
|
-
import { buildAssets, publishAssets, PublishingAws, EVENT_TO_LOGGER, } from "
|
|
6
|
+
import { buildAssets, publishAssets, PublishingAws, EVENT_TO_LOGGER, } from "sst-aws-cdk/lib/util/asset-publishing.js";
|
|
7
7
|
import { Mode } from "sst-aws-cdk/lib/api/aws-auth/credentials.js";
|
|
8
8
|
import { deployStack, destroyStack, makeBodyParameterAndUpload, } from "./deploy-stack.js";
|
|
9
9
|
import { loadCurrentTemplateWithNestedStacks, loadCurrentTemplate, } from "sst-aws-cdk/lib/api/nested-stack-helpers.js";
|
package/cli/commands/bind.js
CHANGED
|
@@ -167,7 +167,7 @@ export const bind = (program) => program
|
|
|
167
167
|
]);
|
|
168
168
|
const metadataData = await metadataForStack(ssrSite.stack);
|
|
169
169
|
const metadata = metadataData
|
|
170
|
-
|
|
170
|
+
?.filter((c) => [
|
|
171
171
|
"NextjsSite",
|
|
172
172
|
"AstroSite",
|
|
173
173
|
"RemixSite",
|
|
@@ -198,7 +198,7 @@ export const bind = (program) => program
|
|
|
198
198
|
const { metadataForStack } = await import("../../stacks/metadata.js");
|
|
199
199
|
const metadataData = await metadataForStack(staticSite.stack);
|
|
200
200
|
const metadata = metadataData
|
|
201
|
-
|
|
201
|
+
?.filter((c) => ["StaticSite", "SlsNextjsSite"].includes(c.type))
|
|
202
202
|
.find((c) => {
|
|
203
203
|
// metadata prior to SST v2.3.0 doesn't have path
|
|
204
204
|
if (!c.data.path || !c.data.environment) {
|
|
@@ -224,7 +224,7 @@ export const bind = (program) => program
|
|
|
224
224
|
// Get metadata
|
|
225
225
|
const metadataData = await metadataForStack(service.stack);
|
|
226
226
|
const metadata = metadataData
|
|
227
|
-
|
|
227
|
+
?.filter((c) => ["Service"].includes(c.type))
|
|
228
228
|
.find((c) => {
|
|
229
229
|
return (path.resolve(project.paths.root, c.data.path) === process.cwd());
|
|
230
230
|
});
|
package/cli/ui/deploy.js
CHANGED
|
@@ -155,7 +155,7 @@ function getApiAccessLogPermissionsHelper(error) {
|
|
|
155
155
|
// note: this should be handled in SST as access log group names are now
|
|
156
156
|
// hardcoded with /aws/vendedlogs/apis prefix.
|
|
157
157
|
if (error.indexOf("Insufficient permissions to enable logging") > -1) {
|
|
158
|
-
return `This is a common deploy error. Check out this GitHub issue for more details - https://github.com/
|
|
158
|
+
return `This is a common deploy error. Check out this GitHub issue for more details - https://github.com/sst/sst/issues/125`;
|
|
159
159
|
}
|
|
160
160
|
}
|
|
161
161
|
function getAppSyncMultiResolverHelper(error) {
|
package/constructs/App.d.ts
CHANGED
|
@@ -77,7 +77,7 @@ export declare class App extends CDKApp {
|
|
|
77
77
|
defaultFunctionProps: (FunctionProps | ((stack: Stack) => FunctionProps))[];
|
|
78
78
|
private _defaultRemovalPolicy?;
|
|
79
79
|
/** @internal */
|
|
80
|
-
get defaultRemovalPolicy(): "destroy" | "retain" | "snapshot" | undefined;
|
|
80
|
+
get defaultRemovalPolicy(): "destroy" | "retain" | "snapshot" | "retain-on-update-or-delete" | undefined;
|
|
81
81
|
/**
|
|
82
82
|
* @internal
|
|
83
83
|
*/
|
package/constructs/Function.d.ts
CHANGED
|
@@ -268,7 +268,7 @@ export interface FunctionProps extends Omit<FunctionOptions, "functionName" | "m
|
|
|
268
268
|
*
|
|
269
269
|
* Note that, if a Layer is created in a stack (say `stackA`) and is referenced in another stack (say `stackB`), SST automatically creates an SSM parameter in `stackA` with the Layer's ARN. And in `stackB`, SST reads the ARN from the SSM parameter, and then imports the Layer.
|
|
270
270
|
*
|
|
271
|
-
* This is to get around the limitation that a Lambda Layer ARN cannot be referenced across stacks via a stack export. The Layer ARN contains a version number that is incremented everytime the Layer is modified. When you refer to a Layer's ARN across stacks, a CloudFormation export is created. However, CloudFormation does not allow an exported value to be updated. Once exported, if you try to deploy the updated layer, the CloudFormation update will fail. You can read more about this issue here - https://github.com/
|
|
271
|
+
* This is to get around the limitation that a Lambda Layer ARN cannot be referenced across stacks via a stack export. The Layer ARN contains a version number that is incremented everytime the Layer is modified. When you refer to a Layer's ARN across stacks, a CloudFormation export is created. However, CloudFormation does not allow an exported value to be updated. Once exported, if you try to deploy the updated layer, the CloudFormation update will fail. You can read more about this issue here - https://github.com/sst/sst/issues/549.
|
|
272
272
|
*
|
|
273
273
|
* @default no layers
|
|
274
274
|
*
|
package/node/auth/session.js
CHANGED
|
@@ -14,7 +14,7 @@ const SessionMemo = /* @__PURE__ */ Context.memo(() => {
|
|
|
14
14
|
if (cookie)
|
|
15
15
|
token = cookie;
|
|
16
16
|
// WebSocket may also set the token in the protocol header
|
|
17
|
-
// TODO: Once https://github.com/
|
|
17
|
+
// TODO: Once https://github.com/sst/sst/pull/2838 is merged,
|
|
18
18
|
// then we should no longer need to check both casing for the header.
|
|
19
19
|
const wsProtocol = ctxType === "ws"
|
|
20
20
|
? useHeader("sec-websocket-protocol") ||
|
|
@@ -15,7 +15,7 @@ const SessionMemo = /* @__PURE__ */ Context.memo(() => {
|
|
|
15
15
|
if (cookie)
|
|
16
16
|
token = cookie;
|
|
17
17
|
// WebSocket may also set the token in the protocol header
|
|
18
|
-
// TODO: Once https://github.com/
|
|
18
|
+
// TODO: Once https://github.com/sst/sst/pull/2838 is merged,
|
|
19
19
|
// then we should no longer need to check both casing for the header.
|
|
20
20
|
const wsProtocol = ctxType === "ws"
|
|
21
21
|
? useHeader("sec-websocket-protocol") ||
|
|
@@ -16,7 +16,7 @@ export const WebSocketApi =
|
|
|
16
16
|
export function WebSocketApiHandler(cb) {
|
|
17
17
|
return Handler("ws", async (evt, ctx) => {
|
|
18
18
|
const result = await cb(evt, ctx);
|
|
19
|
-
// TODO: Once https://github.com/
|
|
19
|
+
// TODO: Once https://github.com/sst/sst/pull/2838 is merged,
|
|
20
20
|
// then we should no longer need to check both casing for the header.
|
|
21
21
|
const token = useHeader("Sec-WebSocket-Protocol") ||
|
|
22
22
|
useHeader("sec-websocket-protocol");
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"sideEffects": false,
|
|
3
3
|
"name": "sst",
|
|
4
|
-
"version": "2.
|
|
4
|
+
"version": "2.24.1",
|
|
5
5
|
"bin": {
|
|
6
6
|
"sst": "cli/sst.js"
|
|
7
7
|
},
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
"license": "MIT",
|
|
11
11
|
"repository": {
|
|
12
12
|
"type": "git",
|
|
13
|
-
"url": "git+https://github.com/
|
|
13
|
+
"url": "git+https://github.com/sst/sst.git",
|
|
14
14
|
"directory": "packages/cli"
|
|
15
15
|
},
|
|
16
16
|
"exports": {
|
|
@@ -25,12 +25,12 @@
|
|
|
25
25
|
},
|
|
26
26
|
"homepage": "https://sst.dev",
|
|
27
27
|
"dependencies": {
|
|
28
|
-
"@aws-cdk/aws-apigatewayv2-alpha": "^2.
|
|
29
|
-
"@aws-cdk/aws-apigatewayv2-authorizers-alpha": "^2.
|
|
30
|
-
"@aws-cdk/aws-apigatewayv2-integrations-alpha": "^2.
|
|
31
|
-
"@aws-cdk/cloud-assembly-schema": "2.
|
|
32
|
-
"@aws-cdk/cloudformation-diff": "2.
|
|
33
|
-
"@aws-cdk/cx-api": "2.
|
|
28
|
+
"@aws-cdk/aws-apigatewayv2-alpha": "^2.91.0-alpha.0",
|
|
29
|
+
"@aws-cdk/aws-apigatewayv2-authorizers-alpha": "^2.91.0-alpha.0",
|
|
30
|
+
"@aws-cdk/aws-apigatewayv2-integrations-alpha": "^2.91.0-alpha.0",
|
|
31
|
+
"@aws-cdk/cloud-assembly-schema": "2.91.0",
|
|
32
|
+
"@aws-cdk/cloudformation-diff": "2.91.0",
|
|
33
|
+
"@aws-cdk/cx-api": "2.91.0",
|
|
34
34
|
"@aws-crypto/sha256-js": "^5.0.0",
|
|
35
35
|
"@aws-sdk/client-cloudformation": "^3.279.0",
|
|
36
36
|
"@aws-sdk/client-ecs": "^3.279.0",
|
|
@@ -55,17 +55,17 @@
|
|
|
55
55
|
"@smithy/signature-v4": "^2.0.1",
|
|
56
56
|
"@trpc/server": "9.16.0",
|
|
57
57
|
"adm-zip": "^0.5.10",
|
|
58
|
-
"aws-cdk-lib": "2.
|
|
58
|
+
"aws-cdk-lib": "2.91.0",
|
|
59
59
|
"aws-iot-device-sdk": "^2.2.12",
|
|
60
60
|
"aws-sdk": "^2.1326.0",
|
|
61
61
|
"builtin-modules": "3.2.0",
|
|
62
|
-
"cdk-assets": "2.
|
|
62
|
+
"cdk-assets": "2.91.0",
|
|
63
63
|
"chalk": "^5.2.0",
|
|
64
64
|
"chokidar": "^3.5.3",
|
|
65
65
|
"ci-info": "^3.7.0",
|
|
66
66
|
"colorette": "^2.0.19",
|
|
67
67
|
"conf": "^10.2.0",
|
|
68
|
-
"constructs": "10.
|
|
68
|
+
"constructs": "10.2.69",
|
|
69
69
|
"cross-spawn": "^7.0.3",
|
|
70
70
|
"dendriform-immer-patch-optimiser": "^2.1.0",
|
|
71
71
|
"dotenv": "^16.0.3",
|
|
@@ -87,7 +87,7 @@
|
|
|
87
87
|
"ora": "^6.1.2",
|
|
88
88
|
"react": "18.2.0",
|
|
89
89
|
"remeda": "^1.3.0",
|
|
90
|
-
"sst-aws-cdk": "2.
|
|
90
|
+
"sst-aws-cdk": "2.91.0",
|
|
91
91
|
"tree-kill": "^1.2.2",
|
|
92
92
|
"undici": "^5.12.0",
|
|
93
93
|
"uuid": "^9.0.0",
|
|
@@ -131,7 +131,7 @@
|
|
|
131
131
|
}
|
|
132
132
|
},
|
|
133
133
|
"bugs": {
|
|
134
|
-
"url": "https://github.com/
|
|
134
|
+
"url": "https://github.com/sst/sst/issues"
|
|
135
135
|
},
|
|
136
136
|
"main": "index.js",
|
|
137
137
|
"directories": {
|
package/stacks/metadata.d.ts
CHANGED
|
@@ -6,6 +6,6 @@ declare module "../bus.js" {
|
|
|
6
6
|
"stacks.metadata.deleted": {};
|
|
7
7
|
}
|
|
8
8
|
}
|
|
9
|
-
export declare function metadataForStack(stack: String): Promise<Metadata[]>;
|
|
9
|
+
export declare function metadataForStack(stack: String): Promise<Metadata[] | undefined>;
|
|
10
10
|
export declare function metadata(): Promise<Record<string, Metadata[]>>;
|
|
11
11
|
export declare const useMetadata: () => Promise<Record<string, Metadata[]>>;
|
package/stacks/metadata.js
CHANGED
|
@@ -16,12 +16,18 @@ export async function metadataForStack(stack) {
|
|
|
16
16
|
region: project.config.region,
|
|
17
17
|
credentials: credentials,
|
|
18
18
|
});
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
19
|
+
try {
|
|
20
|
+
const result = await s3.send(new GetObjectCommand({
|
|
21
|
+
Key: `stackMetadata/app.${project.config.name}/stage.${project.config.stage}/stack.${stack}.json`,
|
|
22
|
+
Bucket: bootstrap.bucket,
|
|
23
|
+
}));
|
|
24
|
+
const body = await result.Body.transformToString();
|
|
25
|
+
return JSON.parse(body);
|
|
26
|
+
}
|
|
27
|
+
catch (e) {
|
|
28
|
+
Logger.debug(`Fetching metadata for stack ${stack} failed`, e);
|
|
29
|
+
return;
|
|
30
|
+
}
|
|
25
31
|
}
|
|
26
32
|
export async function metadata() {
|
|
27
33
|
Logger.debug("Fetching all metadata");
|
|
@@ -18,8 +18,8 @@ mv build/target/dependency/aws-lambda-java-serialization-1.0.0.jar release/
|
|
|
18
18
|
# - AWS_LAMBDA_RUNTIME_API has to be of the format "host:port", subpath is not support (ie. "host:port/path")
|
|
19
19
|
# - official JAR uses NativeClient that cannot be run on user's machine
|
|
20
20
|
rm -rf aws-lambda-java-libs
|
|
21
|
-
git clone https://github.com/
|
|
21
|
+
git clone https://github.com/sst/aws-lambda-java-libs.git
|
|
22
22
|
cd aws-lambda-java-libs/aws-lambda-java-runtime-interface-client
|
|
23
23
|
mvn -Dmaven.test.skip=true install
|
|
24
24
|
cd ../..
|
|
25
|
-
mv aws-lambda-java-libs/aws-lambda-java-runtime-interface-client/target/aws-lambda-java-runtime-interface-client-1.1.0.jar release/
|
|
25
|
+
mv aws-lambda-java-libs/aws-lambda-java-runtime-interface-client/target/aws-lambda-java-runtime-interface-client-1.1.0.jar release/
|
|
@@ -1,74 +0,0 @@
|
|
|
1
|
-
import * as cxapi from "@aws-cdk/cx-api";
|
|
2
|
-
import * as AWS from "aws-sdk";
|
|
3
|
-
import * as cdk_assets from "cdk-assets";
|
|
4
|
-
import { SdkProvider } from "sst-aws-cdk/lib/api/aws-auth/sdk-provider.js";
|
|
5
|
-
export interface PublishAssetsOptions {
|
|
6
|
-
/**
|
|
7
|
-
* Print progress at 'debug' level
|
|
8
|
-
*/
|
|
9
|
-
readonly quiet?: boolean;
|
|
10
|
-
/**
|
|
11
|
-
* Whether to build assets before publishing.
|
|
12
|
-
*
|
|
13
|
-
* @default true To remain backward compatible.
|
|
14
|
-
*/
|
|
15
|
-
readonly buildAssets?: boolean;
|
|
16
|
-
/**
|
|
17
|
-
* Whether to build/publish assets in parallel
|
|
18
|
-
*
|
|
19
|
-
* @default true To remain backward compatible.
|
|
20
|
-
*/
|
|
21
|
-
readonly parallel?: boolean;
|
|
22
|
-
}
|
|
23
|
-
/**
|
|
24
|
-
* Use cdk-assets to publish all assets in the given manifest.
|
|
25
|
-
*/
|
|
26
|
-
export declare function publishAssets(manifest: cdk_assets.AssetManifest, sdk: SdkProvider, targetEnv: cxapi.Environment, options?: PublishAssetsOptions): Promise<void>;
|
|
27
|
-
export interface BuildAssetsOptions {
|
|
28
|
-
/**
|
|
29
|
-
* Print progress at 'debug' level
|
|
30
|
-
*/
|
|
31
|
-
readonly quiet?: boolean;
|
|
32
|
-
/**
|
|
33
|
-
* Build assets in parallel
|
|
34
|
-
*
|
|
35
|
-
* @default true
|
|
36
|
-
*/
|
|
37
|
-
readonly parallel?: boolean;
|
|
38
|
-
}
|
|
39
|
-
/**
|
|
40
|
-
* Use cdk-assets to build all assets in the given manifest.
|
|
41
|
-
*/
|
|
42
|
-
export declare function buildAssets(manifest: cdk_assets.AssetManifest, sdk: SdkProvider, targetEnv: cxapi.Environment, options?: BuildAssetsOptions): Promise<void>;
|
|
43
|
-
export declare class PublishingAws implements cdk_assets.IAws {
|
|
44
|
-
/**
|
|
45
|
-
* The base SDK to work with
|
|
46
|
-
*/
|
|
47
|
-
private readonly aws;
|
|
48
|
-
/**
|
|
49
|
-
* Environment where the stack we're deploying is going
|
|
50
|
-
*/
|
|
51
|
-
private readonly targetEnv;
|
|
52
|
-
private sdkCache;
|
|
53
|
-
constructor(
|
|
54
|
-
/**
|
|
55
|
-
* The base SDK to work with
|
|
56
|
-
*/
|
|
57
|
-
aws: SdkProvider,
|
|
58
|
-
/**
|
|
59
|
-
* Environment where the stack we're deploying is going
|
|
60
|
-
*/
|
|
61
|
-
targetEnv: cxapi.Environment);
|
|
62
|
-
discoverPartition(): Promise<string>;
|
|
63
|
-
discoverDefaultRegion(): Promise<string>;
|
|
64
|
-
discoverCurrentAccount(): Promise<cdk_assets.Account>;
|
|
65
|
-
discoverTargetAccount(options: cdk_assets.ClientOptions): Promise<cdk_assets.Account>;
|
|
66
|
-
s3Client(options: cdk_assets.ClientOptions): Promise<AWS.S3>;
|
|
67
|
-
ecrClient(options: cdk_assets.ClientOptions): Promise<AWS.ECR>;
|
|
68
|
-
secretsManagerClient(options: cdk_assets.ClientOptions): Promise<AWS.SecretsManager>;
|
|
69
|
-
/**
|
|
70
|
-
* Get an SDK appropriate for the given client options
|
|
71
|
-
*/
|
|
72
|
-
private sdk;
|
|
73
|
-
}
|
|
74
|
-
export declare const EVENT_TO_LOGGER: Record<cdk_assets.EventType, (x: string) => void>;
|
package/cdk/asset-publishing.js
DELETED
|
@@ -1,147 +0,0 @@
|
|
|
1
|
-
import * as cxapi from "@aws-cdk/cx-api";
|
|
2
|
-
import * as cdk_assets from "cdk-assets";
|
|
3
|
-
// TODO: remove after PR is merged
|
|
4
|
-
import { AssetPublishing } from "../cdk-assets/publishing.js";
|
|
5
|
-
import { Mode } from "sst-aws-cdk/lib/api/aws-auth/credentials.js";
|
|
6
|
-
import { debug, error, print } from "sst-aws-cdk/lib/logging.js";
|
|
7
|
-
/**
|
|
8
|
-
* Use cdk-assets to publish all assets in the given manifest.
|
|
9
|
-
*/
|
|
10
|
-
export async function publishAssets(manifest, sdk, targetEnv, options = {}) {
|
|
11
|
-
// This shouldn't really happen (it's a programming error), but we don't have
|
|
12
|
-
// the types here to guide us. Do an runtime validation to be super super sure.
|
|
13
|
-
if (targetEnv.account === undefined ||
|
|
14
|
-
targetEnv.account === cxapi.UNKNOWN_ACCOUNT ||
|
|
15
|
-
targetEnv.region === undefined ||
|
|
16
|
-
targetEnv.account === cxapi.UNKNOWN_REGION) {
|
|
17
|
-
throw new Error(`Asset publishing requires resolved account and region, got ${JSON.stringify(targetEnv)}`);
|
|
18
|
-
}
|
|
19
|
-
const publisher = new AssetPublishing(manifest, {
|
|
20
|
-
aws: new PublishingAws(sdk, targetEnv),
|
|
21
|
-
progressListener: new PublishingProgressListener(options.quiet ?? false),
|
|
22
|
-
throwOnError: false,
|
|
23
|
-
publishInParallel: options.parallel ?? true,
|
|
24
|
-
buildAssets: options.buildAssets ?? true,
|
|
25
|
-
publishAssets: true,
|
|
26
|
-
// TODO: remove after PR is merged
|
|
27
|
-
quiet: options.quiet,
|
|
28
|
-
});
|
|
29
|
-
await publisher.publish();
|
|
30
|
-
if (publisher.hasFailures) {
|
|
31
|
-
console.log(publisher.failures);
|
|
32
|
-
throw new Error("Failed to publish one or more assets. See the error messages above for more information.");
|
|
33
|
-
}
|
|
34
|
-
}
|
|
35
|
-
/**
|
|
36
|
-
* Use cdk-assets to build all assets in the given manifest.
|
|
37
|
-
*/
|
|
38
|
-
export async function buildAssets(manifest, sdk, targetEnv, options = {}) {
|
|
39
|
-
// This shouldn't really happen (it's a programming error), but we don't have
|
|
40
|
-
// the types here to guide us. Do an runtime validation to be super super sure.
|
|
41
|
-
if (targetEnv.account === undefined ||
|
|
42
|
-
targetEnv.account === cxapi.UNKNOWN_ACCOUNT ||
|
|
43
|
-
targetEnv.region === undefined ||
|
|
44
|
-
targetEnv.account === cxapi.UNKNOWN_REGION) {
|
|
45
|
-
throw new Error(`Asset building requires resolved account and region, got ${JSON.stringify(targetEnv)}`);
|
|
46
|
-
}
|
|
47
|
-
const publisher = new cdk_assets.AssetPublishing(manifest, {
|
|
48
|
-
aws: new PublishingAws(sdk, targetEnv),
|
|
49
|
-
progressListener: new PublishingProgressListener(options.quiet ?? false),
|
|
50
|
-
throwOnError: false,
|
|
51
|
-
publishInParallel: options.parallel ?? true,
|
|
52
|
-
buildAssets: true,
|
|
53
|
-
publishAssets: false,
|
|
54
|
-
});
|
|
55
|
-
await publisher.publish();
|
|
56
|
-
if (publisher.hasFailures) {
|
|
57
|
-
throw new Error("Failed to build one or more assets. See the error messages above for more information.");
|
|
58
|
-
}
|
|
59
|
-
}
|
|
60
|
-
export class PublishingAws {
|
|
61
|
-
aws;
|
|
62
|
-
targetEnv;
|
|
63
|
-
sdkCache = new Map();
|
|
64
|
-
constructor(
|
|
65
|
-
/**
|
|
66
|
-
* The base SDK to work with
|
|
67
|
-
*/
|
|
68
|
-
aws,
|
|
69
|
-
/**
|
|
70
|
-
* Environment where the stack we're deploying is going
|
|
71
|
-
*/
|
|
72
|
-
targetEnv) {
|
|
73
|
-
this.aws = aws;
|
|
74
|
-
this.targetEnv = targetEnv;
|
|
75
|
-
}
|
|
76
|
-
async discoverPartition() {
|
|
77
|
-
return ((await this.aws.baseCredentialsPartition(this.targetEnv, Mode.ForWriting)) ?? "aws");
|
|
78
|
-
}
|
|
79
|
-
async discoverDefaultRegion() {
|
|
80
|
-
return this.targetEnv.region;
|
|
81
|
-
}
|
|
82
|
-
async discoverCurrentAccount() {
|
|
83
|
-
const account = await this.aws.defaultAccount();
|
|
84
|
-
return (account ?? {
|
|
85
|
-
accountId: "<unknown account>",
|
|
86
|
-
partition: "aws",
|
|
87
|
-
});
|
|
88
|
-
}
|
|
89
|
-
async discoverTargetAccount(options) {
|
|
90
|
-
return (await this.sdk(options)).currentAccount();
|
|
91
|
-
}
|
|
92
|
-
async s3Client(options) {
|
|
93
|
-
return (await this.sdk(options)).s3();
|
|
94
|
-
}
|
|
95
|
-
async ecrClient(options) {
|
|
96
|
-
return (await this.sdk(options)).ecr();
|
|
97
|
-
}
|
|
98
|
-
async secretsManagerClient(options) {
|
|
99
|
-
return (await this.sdk(options)).secretsManager();
|
|
100
|
-
}
|
|
101
|
-
/**
|
|
102
|
-
* Get an SDK appropriate for the given client options
|
|
103
|
-
*/
|
|
104
|
-
async sdk(options) {
|
|
105
|
-
const env = {
|
|
106
|
-
...this.targetEnv,
|
|
107
|
-
region: options.region ?? this.targetEnv.region, // Default: same region as the stack
|
|
108
|
-
};
|
|
109
|
-
const cacheKey = JSON.stringify({
|
|
110
|
-
env,
|
|
111
|
-
assumeRuleArn: options.assumeRoleArn,
|
|
112
|
-
assumeRoleExternalId: options.assumeRoleExternalId,
|
|
113
|
-
quiet: options.quiet,
|
|
114
|
-
});
|
|
115
|
-
const maybeSdk = this.sdkCache.get(cacheKey);
|
|
116
|
-
if (maybeSdk) {
|
|
117
|
-
return maybeSdk;
|
|
118
|
-
}
|
|
119
|
-
const sdk = (await this.aws.forEnvironment(env, Mode.ForWriting, {
|
|
120
|
-
assumeRoleArn: options.assumeRoleArn,
|
|
121
|
-
assumeRoleExternalId: options.assumeRoleExternalId,
|
|
122
|
-
}, options.quiet)).sdk;
|
|
123
|
-
this.sdkCache.set(cacheKey, sdk);
|
|
124
|
-
return sdk;
|
|
125
|
-
}
|
|
126
|
-
}
|
|
127
|
-
export const EVENT_TO_LOGGER = {
|
|
128
|
-
build: debug,
|
|
129
|
-
cached: debug,
|
|
130
|
-
check: debug,
|
|
131
|
-
debug,
|
|
132
|
-
fail: error,
|
|
133
|
-
found: debug,
|
|
134
|
-
start: print,
|
|
135
|
-
success: print,
|
|
136
|
-
upload: debug,
|
|
137
|
-
};
|
|
138
|
-
class PublishingProgressListener {
|
|
139
|
-
quiet;
|
|
140
|
-
constructor(quiet) {
|
|
141
|
-
this.quiet = quiet;
|
|
142
|
-
}
|
|
143
|
-
onPublishEvent(type, event) {
|
|
144
|
-
const handler = this.quiet && type !== "fail" ? debug : EVENT_TO_LOGGER[type];
|
|
145
|
-
handler(`[${event.percentComplete}%] ${type}: ${event.message}`);
|
|
146
|
-
}
|
|
147
|
-
}
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
import { DockerFactory } from "./docker.js";
|
|
2
|
-
import { IAws } from "cdk-assets/lib/aws.js";
|
|
3
|
-
import { EventType } from "cdk-assets/lib/progress.js";
|
|
4
|
-
/**
|
|
5
|
-
* Handler for asset building and publishing.
|
|
6
|
-
*/
|
|
7
|
-
export interface IAssetHandler {
|
|
8
|
-
/**
|
|
9
|
-
* Build the asset.
|
|
10
|
-
*/
|
|
11
|
-
build(): Promise<void>;
|
|
12
|
-
/**
|
|
13
|
-
* Publish the asset.
|
|
14
|
-
*/
|
|
15
|
-
publish(): Promise<void>;
|
|
16
|
-
/**
|
|
17
|
-
* Return whether the asset already exists
|
|
18
|
-
*/
|
|
19
|
-
isPublished(): Promise<boolean>;
|
|
20
|
-
}
|
|
21
|
-
export interface IHandlerHost {
|
|
22
|
-
readonly aws: IAws;
|
|
23
|
-
readonly aborted: boolean;
|
|
24
|
-
readonly dockerFactory: DockerFactory;
|
|
25
|
-
emitMessage(type: EventType, m: string): void;
|
|
26
|
-
}
|
|
27
|
-
export interface IHandlerOptions {
|
|
28
|
-
readonly quiet?: boolean;
|
|
29
|
-
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export {};
|
|
@@ -1,94 +0,0 @@
|
|
|
1
|
-
import { Logger } from "cdk-assets/lib/private/shell.js";
|
|
2
|
-
interface BuildOptions {
|
|
3
|
-
readonly directory: string;
|
|
4
|
-
/**
|
|
5
|
-
* Tag the image with a given repoName:tag combination
|
|
6
|
-
*/
|
|
7
|
-
readonly tag: string;
|
|
8
|
-
readonly target?: string;
|
|
9
|
-
readonly file?: string;
|
|
10
|
-
readonly buildArgs?: Record<string, string>;
|
|
11
|
-
readonly buildSecrets?: Record<string, string>;
|
|
12
|
-
readonly networkMode?: string;
|
|
13
|
-
readonly platform?: string;
|
|
14
|
-
readonly outputs?: string[];
|
|
15
|
-
readonly cacheFrom?: DockerCacheOption[];
|
|
16
|
-
readonly cacheTo?: DockerCacheOption;
|
|
17
|
-
readonly quiet?: boolean;
|
|
18
|
-
}
|
|
19
|
-
interface PushOptions {
|
|
20
|
-
readonly tag: string;
|
|
21
|
-
readonly quiet?: boolean;
|
|
22
|
-
}
|
|
23
|
-
export interface DockerCredentialsConfig {
|
|
24
|
-
readonly version: string;
|
|
25
|
-
readonly domainCredentials: Record<string, DockerDomainCredentials>;
|
|
26
|
-
}
|
|
27
|
-
export interface DockerDomainCredentials {
|
|
28
|
-
readonly secretsManagerSecretId?: string;
|
|
29
|
-
readonly ecrRepository?: string;
|
|
30
|
-
}
|
|
31
|
-
export interface DockerCacheOption {
|
|
32
|
-
readonly type: string;
|
|
33
|
-
readonly params?: {
|
|
34
|
-
[key: string]: string;
|
|
35
|
-
};
|
|
36
|
-
}
|
|
37
|
-
export declare class Docker {
|
|
38
|
-
private readonly logger?;
|
|
39
|
-
private configDir;
|
|
40
|
-
constructor(logger?: Logger | undefined);
|
|
41
|
-
/**
|
|
42
|
-
* Whether an image with the given tag exists
|
|
43
|
-
*/
|
|
44
|
-
exists(tag: string): Promise<boolean>;
|
|
45
|
-
build(options: BuildOptions): Promise<void>;
|
|
46
|
-
/**
|
|
47
|
-
* Get credentials from ECR and run docker login
|
|
48
|
-
*/
|
|
49
|
-
login(ecr: AWS.ECR): Promise<void>;
|
|
50
|
-
tag(sourceTag: string, targetTag: string): Promise<void>;
|
|
51
|
-
push(options: PushOptions): Promise<void>;
|
|
52
|
-
/**
|
|
53
|
-
* If a CDK Docker Credentials file exists, creates a new Docker config directory.
|
|
54
|
-
* Sets up `docker-credential-cdk-assets` to be the credential helper for each domain in the CDK config.
|
|
55
|
-
* All future commands (e.g., `build`, `push`) will use this config.
|
|
56
|
-
*
|
|
57
|
-
* See https://docs.docker.com/engine/reference/commandline/login/#credential-helpers for more details on cred helpers.
|
|
58
|
-
*
|
|
59
|
-
* @returns true if CDK config was found and configured, false otherwise
|
|
60
|
-
*/
|
|
61
|
-
configureCdkCredentials(): boolean;
|
|
62
|
-
/**
|
|
63
|
-
* Removes any configured Docker config directory.
|
|
64
|
-
* All future commands (e.g., `build`, `push`) will use the default config.
|
|
65
|
-
*
|
|
66
|
-
* This is useful after calling `configureCdkCredentials` to reset to default credentials.
|
|
67
|
-
*/
|
|
68
|
-
resetAuthPlugins(): void;
|
|
69
|
-
private execute;
|
|
70
|
-
private cacheOptionToFlag;
|
|
71
|
-
}
|
|
72
|
-
export interface DockerFactoryOptions {
|
|
73
|
-
readonly repoUri: string;
|
|
74
|
-
readonly ecr: AWS.ECR;
|
|
75
|
-
readonly logger: (m: string) => void;
|
|
76
|
-
}
|
|
77
|
-
/**
|
|
78
|
-
* Helps get appropriately configured Docker instances during the container
|
|
79
|
-
* image publishing process.
|
|
80
|
-
*/
|
|
81
|
-
export declare class DockerFactory {
|
|
82
|
-
private enterLoggedInDestinationsCriticalSection;
|
|
83
|
-
private loggedInDestinations;
|
|
84
|
-
/**
|
|
85
|
-
* Gets a Docker instance for building images.
|
|
86
|
-
*/
|
|
87
|
-
forBuild(options: DockerFactoryOptions): Promise<Docker>;
|
|
88
|
-
/**
|
|
89
|
-
* Gets a Docker instance for pushing images to ECR.
|
|
90
|
-
*/
|
|
91
|
-
forEcrPush(options: DockerFactoryOptions): Promise<Docker>;
|
|
92
|
-
private loginOncePerDestination;
|
|
93
|
-
}
|
|
94
|
-
export {};
|