sst 2.3.3 → 2.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli/commands/bind.js +20 -4
- package/cli/commands/dev.js +2 -1
- package/cli/commands/secrets/set.js +1 -1
- package/package.json +1 -1
- package/sst.mjs +23 -10
package/cli/commands/bind.js
CHANGED
|
@@ -158,18 +158,34 @@ export const bind = (program) => program
|
|
|
158
158
|
const { Logger } = await import("../../logger.js");
|
|
159
159
|
const { useAWSClient } = await import("../../credentials.js");
|
|
160
160
|
const sts = useAWSClient(STSClient);
|
|
161
|
-
|
|
161
|
+
const assumeRole = async (duration) => {
|
|
162
162
|
const { Credentials: credentials } = await sts.send(new AssumeRoleCommand({
|
|
163
163
|
RoleArn: roleArn,
|
|
164
164
|
RoleSessionName: "dev-session",
|
|
165
|
-
DurationSeconds:
|
|
165
|
+
DurationSeconds: duration,
|
|
166
166
|
}));
|
|
167
167
|
return credentials;
|
|
168
|
+
};
|
|
169
|
+
// Assue role with max duration first. This can fail if chaining roles, or if
|
|
170
|
+
// the role has a max duration set. If it fails, assume role with 1 hour duration.
|
|
171
|
+
let err;
|
|
172
|
+
try {
|
|
173
|
+
return await assumeRole(43200);
|
|
168
174
|
}
|
|
169
175
|
catch (e) {
|
|
170
|
-
|
|
171
|
-
|
|
176
|
+
err = e;
|
|
177
|
+
}
|
|
178
|
+
if (err.name === "ValidationError" &&
|
|
179
|
+
err.message.startsWith("The requested DurationSeconds exceeds")) {
|
|
180
|
+
try {
|
|
181
|
+
return await assumeRole(3600);
|
|
182
|
+
}
|
|
183
|
+
catch (e) {
|
|
184
|
+
err = e;
|
|
185
|
+
}
|
|
172
186
|
}
|
|
187
|
+
Colors.line(Colors.warning(`Failed to assume SSR role ${roleArn}. Falling back to using local IAM credentials.`));
|
|
188
|
+
Logger.debug(`Failed to assume ${roleArn}.`, err);
|
|
173
189
|
}
|
|
174
190
|
async function localIamCredentials() {
|
|
175
191
|
const { useAWSCredentials } = await import("../../credentials.js");
|
package/cli/commands/dev.js
CHANGED
|
@@ -193,7 +193,8 @@ export const dev = (program) => program.command(["dev", "start"], "Work on your
|
|
|
193
193
|
const cdCmd = path.resolve(props.path) === process.cwd()
|
|
194
194
|
? ""
|
|
195
195
|
: `cd ${props.path} && `;
|
|
196
|
-
Colors.line(Colors.
|
|
196
|
+
Colors.line(Colors.primary(`➜ `), Colors.bold(`Start ${framework}:`), `${cdCmd}npm run dev`);
|
|
197
|
+
Colors.gap();
|
|
197
198
|
}
|
|
198
199
|
});
|
|
199
200
|
}
|
|
@@ -42,7 +42,7 @@ export const set = (program) => program.command("set <name> <value>", "Set the v
|
|
|
42
42
|
: `Reloaded ${functionCount} functions`);
|
|
43
43
|
}
|
|
44
44
|
edgeSites.forEach(({ id, type }) => {
|
|
45
|
-
Colors.line(Colors.
|
|
45
|
+
Colors.line(Colors.primary(`➜ `), `Redeploy the "${id}" ${type} to use the new secret`);
|
|
46
46
|
});
|
|
47
47
|
process.exit(0);
|
|
48
48
|
});
|
package/package.json
CHANGED
package/sst.mjs
CHANGED
|
@@ -6952,10 +6952,11 @@ var dev = (program2) => program2.command(
|
|
|
6952
6952
|
if (framework) {
|
|
6953
6953
|
const cdCmd = path20.resolve(props.path) === process.cwd() ? "" : `cd ${props.path} && `;
|
|
6954
6954
|
Colors2.line(
|
|
6955
|
-
Colors2.
|
|
6955
|
+
Colors2.primary(`\u279C `),
|
|
6956
6956
|
Colors2.bold(`Start ${framework}:`),
|
|
6957
6957
|
`${cdCmd}npm run dev`
|
|
6958
6958
|
);
|
|
6959
|
+
Colors2.gap();
|
|
6959
6960
|
}
|
|
6960
6961
|
});
|
|
6961
6962
|
}
|
|
@@ -7255,23 +7256,35 @@ var bind = (program2) => program2.command(
|
|
|
7255
7256
|
const { Logger: Logger2 } = await Promise.resolve().then(() => (init_logger(), logger_exports));
|
|
7256
7257
|
const { useAWSClient: useAWSClient2 } = await Promise.resolve().then(() => (init_credentials(), credentials_exports));
|
|
7257
7258
|
const sts = useAWSClient2(STSClient2);
|
|
7258
|
-
|
|
7259
|
+
const assumeRole = async (duration) => {
|
|
7259
7260
|
const { Credentials: credentials } = await sts.send(
|
|
7260
7261
|
new AssumeRoleCommand({
|
|
7261
7262
|
RoleArn: roleArn,
|
|
7262
7263
|
RoleSessionName: "dev-session",
|
|
7263
|
-
DurationSeconds:
|
|
7264
|
+
DurationSeconds: duration
|
|
7264
7265
|
})
|
|
7265
7266
|
);
|
|
7266
7267
|
return credentials;
|
|
7268
|
+
};
|
|
7269
|
+
let err;
|
|
7270
|
+
try {
|
|
7271
|
+
return await assumeRole(43200);
|
|
7267
7272
|
} catch (e) {
|
|
7268
|
-
|
|
7269
|
-
|
|
7270
|
-
|
|
7271
|
-
|
|
7272
|
-
|
|
7273
|
-
|
|
7273
|
+
err = e;
|
|
7274
|
+
}
|
|
7275
|
+
if (err.name === "ValidationError" && err.message.startsWith("The requested DurationSeconds exceeds")) {
|
|
7276
|
+
try {
|
|
7277
|
+
return await assumeRole(3600);
|
|
7278
|
+
} catch (e) {
|
|
7279
|
+
err = e;
|
|
7280
|
+
}
|
|
7274
7281
|
}
|
|
7282
|
+
Colors2.line(
|
|
7283
|
+
Colors2.warning(
|
|
7284
|
+
`Failed to assume SSR role ${roleArn}. Falling back to using local IAM credentials.`
|
|
7285
|
+
)
|
|
7286
|
+
);
|
|
7287
|
+
Logger2.debug(`Failed to assume ${roleArn}.`, err);
|
|
7275
7288
|
}
|
|
7276
7289
|
async function localIamCredentials() {
|
|
7277
7290
|
const { useAWSCredentials: useAWSCredentials3 } = await Promise.resolve().then(() => (init_credentials(), credentials_exports));
|
|
@@ -7684,7 +7697,7 @@ var set = (program2) => program2.command(
|
|
|
7684
7697
|
}
|
|
7685
7698
|
edgeSites.forEach(({ id, type }) => {
|
|
7686
7699
|
Colors2.line(
|
|
7687
|
-
Colors2.
|
|
7700
|
+
Colors2.primary(`\u279C `),
|
|
7688
7701
|
`Redeploy the "${id}" ${type} to use the new secret`
|
|
7689
7702
|
);
|
|
7690
7703
|
});
|