Merge pull request #686 from ashley-evans/move-oidc-provider-configur…

…ation ci: replace oidc provider creation with parameter
ashley-evans · Dec 18, 2023 · 222bb88 · 222bb88
2 parents 0e4cdfa + bdd8947
commit 222bb88
Show file tree

Hide file tree

Showing 12 changed files with 38 additions and 43 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -55,7 +55,7 @@ jobs:
             - uses: scottbrenner/[email protected]
             - name: Validate Templates
               run: |
-                  xargs -n1 -r0a <(find ./templates/ -name *-template.yml -print0) cfn-lint
+                  xargs -r0a <(find ./templates/ -name *-template.yml -print0) -I {} sh -c 'cfn-lint {} -i W3002 -i W3045'
     format:
         runs-on: ubuntu-latest
         steps:
@@ -65,7 +65,7 @@ jobs:
                   node-version: "18"
             - name: Run formatters
               run: |
-                  npx prettier --check . '!services/**' '!packages/**' '!ui/**'
+                  npx prettier@^2.5.1 --check . '!services/**' '!packages/**' '!ui/**'
     lint:
         runs-on: ubuntu-latest
         steps:
@@ -88,7 +88,7 @@ jobs:
                       ${{ runner.os }}-node-v1-${{ env.cache-name }}-
             - name: Install Dependencies
               run: |
-                  npx lerna bootstrap --scope "{how-many-buzzwords,how-many-buzzwords-ui}"
+                  npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,how-many-buzzwords-ui}"
               env:
                   NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
             - name: Run linters

diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
@@ -55,7 +55,7 @@ jobs:
                   node-version: "18"
             - name: Run formatters
               run: |
-                  npx prettier --check ${{ inputs.path }}
+                  npx prettier@^2.5.1 --check ${{ inputs.path }}
     lint:
         runs-on: ubuntu-latest
         needs: changed
@@ -77,7 +77,7 @@ jobs:
             - name: Install Dependencies
               run: |
                   package_name=$(jq -r ".name" ${{ inputs.path }}/package.json)
-                  npx lerna bootstrap --scope "{how-many-buzzwords,$package_name}"
+                  npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,$package_name}"
             - name: Run linters
               run: |
                   ./node_modules/.bin/eslint ${{ inputs.path }} --max-warnings 0 --ext .js,.jsx,.ts,.tsx
@@ -105,7 +105,7 @@ jobs:
             - name: Install Dependencies
               run: |
                   package_name=$(jq -r ".name" ${{ inputs.path }}/package.json)
-                  npx lerna bootstrap --scope "{how-many-buzzwords,$package_name}"
+                  npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,$package_name}"
             - name: Run Unit Tests
               run: |
                   ./node_modules/.bin/jest --testPathPattern=${{ inputs.path }} --verbose --max-workers ${{ steps.cpu-cores.outputs.count }}

diff --git a/.github/workflows/service.yml b/.github/workflows/service.yml
@@ -60,7 +60,7 @@ jobs:
                   registry-url: "https://npm.pkg.github.com"
             - name: Run formatters
               run: |
-                  npx prettier --check ${{ inputs.path }}
+                  npx prettier@^2.5.1 --check ${{ inputs.path }}
     lint:
         runs-on: ubuntu-latest
         needs: changed
@@ -84,7 +84,7 @@ jobs:
             - name: Install Dependencies
               run: |
                   package_name=$(jq -r ".name" ${{ inputs.path }}/package.json)
-                  npx lerna bootstrap --scope "{how-many-buzzwords,${package_name}*}"
+                  npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,${package_name}*}"
               env:
                   NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
             - name: Run linters
@@ -100,7 +100,7 @@ jobs:
             - uses: scottbrenner/[email protected]
             - name: Validate Templates
               run: |
-                  xargs -r0a <(find ${{ inputs.path }} -name *-template.yml -print0) -I {} sh -c 'cfn-lint {} -i W3002'
+                  xargs -r0a <(find ${{ inputs.path }} -name *-template.yml -print0) -I {} sh -c 'cfn-lint {} -i W3002 -i W3045'
     unit-test:
         runs-on: ubuntu-latest
         needs: changed
@@ -126,7 +126,7 @@ jobs:
             - name: Install Dependencies
               run: |
                   package_name=$(jq -r ".name" ${{ inputs.path }}/package.json)
-                  npx lerna bootstrap --scope "{how-many-buzzwords,${package_name}*}"
+                  npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,${package_name}*}"
               env:
                   NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
             - name: Run Unit Tests
@@ -157,7 +157,7 @@ jobs:
             - name: Install Dependencies
               run: |
                   package_name=$(jq -r ".name" ${{ inputs.path }}/package.json)
-                  npx lerna bootstrap --scope "{how-many-buzzwords,${package_name}*}"
+                  npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,${package_name}*}"
               env:
                   NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
             - name: Setup DynamoDB local

diff --git a/.github/workflows/ui.yml b/.github/workflows/ui.yml
@@ -46,7 +46,7 @@ jobs:
                   registry-url: "https://npm.pkg.github.com"
             - name: Run formatters
               run: |
-                  npx prettier --check ${{ inputs.path }}
+                  npx prettier@^2.5.1 --check ${{ inputs.path }}
     lint:
         runs-on: ubuntu-latest
         needs: changed

diff --git a/README.md b/README.md
@@ -115,7 +115,7 @@ npm run test:integration
 Run the following command to validate all template definitions within the project:
 
 ```shell
-xargs -r0a <(find ! -path "*/.aws-sam/*" -name *-template.yml -print0) -I {} sh -c 'cfn-lint {} -i W3002'
+xargs -r0a <(find ! -path "*/.aws-sam/*" -name *-template.yml -print0) -I {} sh -c 'cfn-lint {} -i W3002 -i W3045'
 ```
 
 ### Programatically starting a crawl
@@ -164,13 +164,13 @@ aws cloudformation deploy \
     --template-file ./templates/buzzword-ci-users-template.yml \
     --stack-name buzzword-ci-users \
     --capabilities CAPABILITY_IAM \
-    --parameter-overrides GithubOrganisation=$INSERT_VALUE RepositoryName=$INSERT_VALUE
+    --parameter-overrides GithubOrganisation=$INSERT_VALUE RepositoryName=$INSERT_VALUE GithubOIDCProvider=$INSERT_VALUE
 ```
 
 Once the above command has executed, run the following commands to get the role ARNs:
 
 ```shell
-./scripts/fetch-stack-outputs.sh -s buzzword-ci-users
+./scripts/helpers/fetch-stack-outputs.sh -s buzzword-ci-users
 ```
 
 The following GitHub secrets should be created with the appropriate key/value output from the previous command:

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -41,7 +41,7 @@
         "toml": "^3.0.0",
         "ts-auto-mock": "^3.6.2",
         "ts-jest": "^29.0.3",
-        "ttypescript": "^1.5.13",
+        "ttypescript": "^1.5.15",
         "typescript": "^4.9.3",
         "wscat": "^5.0.0",
         "yargs": "^17.3.1"
@@ -50,10 +50,10 @@
         "lint-js": "node node_modules/.bin/eslint '.' --max-warnings 0 --ext .js,.jsx,.ts,.tsx",
         "lint-packages": "node node_modules/.bin/npmPkgJsonLint '.'",
         "lint": "npm run lint-js && npm run lint-packages",
-        "format:fix": "npx prettier --write .",
-        "format:check": "npx prettier --check .",
-        "i": "npx lerna bootstrap --no-ci --ignore=how-many-buzzwords-ui && npm --prefix ./ui/ run i",
-        "ci": "npx lerna bootstrap --ci --ignore=how-many-buzzwords-ui && npm --prefix ./ui/ run ci",
+        "format:fix": "npx prettier@^2.5.1 --write .",
+        "format:check": "npx prettier@^2.5.1 --check .",
+        "i": "npx lerna@^5.5.2 bootstrap --no-ci --ignore=how-many-buzzwords-ui && npm --prefix ./ui/ run i",
+        "ci": "npx lerna@^5.5.2 bootstrap --ci --ignore=how-many-buzzwords-ui && npm --prefix ./ui/ run ci",
         "clean": "rm -rf `find . -type d -name node_modules`",
         "test": "npm run test:unit && npm run test:integration",
         "test:unit": "node --experimental-vm-modules node_modules/.bin/jest --verbose --group=-integration",

diff --git a/scripts/helpers/compile-package.sh b/scripts/helpers/compile-package.sh
@@ -42,9 +42,9 @@ fi
 if [ $clean ]; then
     echo "Clean installing..."
     rm -rf $output_path
-    npx lerna bootstrap --scope "{how-many-buzzwords,$package_name}" --ci
+    npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,$package_name}" --ci
 else 
-    npx lerna bootstrap --scope "{how-many-buzzwords,$package_name}" --no-ci
+    npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,$package_name}" --no-ci
 fi
 
 if [ -f $path/tsconfig.build.json ]; then

diff --git a/scripts/helpers/compile-service.sh b/scripts/helpers/compile-service.sh
@@ -49,9 +49,9 @@ if [ $clean ]; then
         exit 1
     fi
 
-    npx lerna bootstrap --scope "{how-many-buzzwords,${package_name}*}" --ignore "{@ashley-evans/*,}" --ci
+    npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,${package_name}*}" --ignore "{@ashley-evans/*,}" --ci
 else
-    npx lerna bootstrap --scope "{how-many-buzzwords,${package_name}*}" --ignore "{@ashley-evans/*,}" --no-ci
+    npx lerna@^5.5.2 bootstrap --scope "{how-many-buzzwords,${package_name}*}" --ignore "{@ashley-evans/*,}" --no-ci
 fi
 
 if [ $? -ne 0 ]; then

diff --git a/templates/buzzword-ci-users-template.yml b/templates/buzzword-ci-users-template.yml
@@ -4,15 +4,9 @@ Parameters:
         Type: String
     RepositoryName:
         Type: String
-Resources:
     GithubOIDCProvider:
-        Type: AWS::IAM::OIDCProvider
-        Properties:
-            Url: https://token.actions.githubusercontent.com
-            ClientIdList:
-                - sts.amazonaws.com
-            ThumbprintList:
-                - 6938fd4d98bab03faadb97b34396831e3780aea1
+        Type: String
+Resources:
     DeployRole:
         Type: AWS::IAM::Role
         Properties:

diff --git a/ui/package-lock.json b/ui/package-lock.json
diff --git a/ui/package.json b/ui/package.json
@@ -23,7 +23,7 @@
         "@babel/preset-env": "^7.18.2",
         "@babel/preset-react": "^7.17.12",
         "@babel/preset-typescript": "^7.17.12",
-        "@playwright/experimental-ct-react": "1.29.1",
+        "@playwright/experimental-ct-react": "^1.29.1",
         "@testing-library/jest-dom": "^5.16.4",
         "@testing-library/react": "^13.3.0",
         "@types/react": "^18.0.9",
@@ -46,12 +46,13 @@
         "webpack-dev-server": "^4.9.0"
     },
     "scripts": {
-        "i": "npx lerna bootstrap --scope \"{how-many-buzzwords,how-many-buzzwords-ui}\" --ignore \"{@ashley-evans/*,}\" --no-ci",
-        "ci": "npx lerna bootstrap --scope \"{how-many-buzzwords,how-many-buzzwords-ui}\" --ignore \"{@ashley-evans/*,}\"",
+        "i": "npx lerna@^5.5.2 bootstrap --scope \"{how-many-buzzwords,how-many-buzzwords-ui}\" --ignore \"{@ashley-evans/*,}\" --no-ci",
+        "ci": "npx lerna@^5.5.2 bootstrap --scope \"{how-many-buzzwords,how-many-buzzwords-ui}\" --ignore \"{@ashley-evans/*,}\"",
         "prebuild": "npm run ci",
         "build": "./node_modules/.bin/webpack --mode=production --config webpack.config.js",
         "prestart": "npm run ci",
         "start": "./node_modules/.bin/webpack serve --mode=development --config webpack.config.js",
+        "pretest-ct": "npx playwright install",
         "test-ct": "playwright test -c playwright-ct.config.ts"
     }
 }