Merge a0b0b53 into faca4fb

serverless · Mar 2, 2021 · 57c008f · 57c008f
2 parents faca4fb + a0b0b53
commit 57c008f
Show file tree

Hide file tree

Showing 38 changed files with 734 additions and 674 deletions.
diff --git a/lib/appUids.js b/lib/appUids.js
@@ -1,12 +1,10 @@
 'use strict';
 
-const { getApp } = require('@serverless/platform-sdk');
+const { getPlatformClientWithAccessKey } = require('./clientUtils');
 
 module.exports = async function (orgName, appName) {
-  const app = await getApp({
-    tenant: orgName,
-    app: appName,
-  });
+  const sdk = await getPlatformClientWithAccessKey(orgName);
+  const app = await sdk.apps.get({ orgName, appName });
 
   return {
     appUid: app.appUid,

diff --git a/lib/appUids.test.js b/lib/appUids.test.js
@@ -4,15 +4,21 @@ const { expect } = require('chai');
 const proxyquire = require('proxyquire');
 const sinon = require('sinon');
 
-const getApp = sinon.stub().resolves({ appUid: 'AUID', tenantUid: 'OUID' });
+const getAppStub = sinon.stub().resolves({ appUid: 'AUID', tenantUid: 'OUID' });
 const appUids = proxyquire('./appUids', {
-  '@serverless/platform-sdk': { getApp },
+  './clientUtils': {
+    getPlatformClientWithAccessKey: () => ({
+      apps: {
+        get: getAppStub,
+      },
+    }),
+  },
 });
 
 describe('appUids', () => {
   it('returns app uid', async () => {
     const uids = await appUids('org', 'app');
-    expect(getApp.args[0][0]).to.deep.equal({ tenant: 'org', app: 'app' });
+    expect(getAppStub.args[0][0]).to.deep.equal({ orgName: 'org', appName: 'app' });
     expect(uids).to.deep.equal({ appUid: 'AUID', orgUid: 'OUID' });
   });
 });
diff --git a/lib/archiveService.js b/lib/archiveService.js
diff --git a/lib/clientUtils.js b/lib/clientUtils.js
@@ -0,0 +1,73 @@
+'use strict';
+
+const { ServerlessSDK } = require('@serverless/platform-client');
+const accountUtils = require('@serverless/utils/account');
+const configUtils = require('@serverless/utils/config');
+
+const createAccessKeyForOrg = async (orgName) => {
+  const sdk = new ServerlessSDK();
+
+  await accountUtils.refreshToken(sdk);
+
+  const user = configUtils.getLoggedInUser();
+
+  if (!user || !user.idToken) {
+    return null;
+  }
+
+  sdk.config({ accessKey: user.idToken });
+
+  const accessKeyTitle = `serverless_${Math.round(+new Date() / 1000)}`;
+  const result = await sdk.accessKeys.create(orgName, user.username, accessKeyTitle);
+
+  configUtils.set({
+    users: {
+      [user.userId]: {
+        dashboard: { accessKeys: { [orgName]: result.secretAccessKey } },
+      },
+    },
+  });
+
+  return result.secretAccessKey;
+};
+
+const getOrCreateAccessKeyForOrg = async (orgName) => {
+  if (process.env.SERVERLESS_ACCESS_KEY) {
+    return process.env.SERVERLESS_ACCESS_KEY;
+  }
+
+  const user = configUtils.getLoggedInUser();
+
+  if (!user) {
+    throw new Error('Could not find logged in user. Please log in.');
+  }
+
+  // Try to get existing access key for specifier orgName
+  const accessKeyFromConfig = user.accessKeys && user.accessKeys[orgName];
+
+  if (accessKeyFromConfig) {
+    return accessKeyFromConfig;
+  }
+
+  // Try to create a new access key if not found existing one
+  const createdAccessKey = await createAccessKeyForOrg(orgName);
+
+  if (!createdAccessKey) {
+    throw new Error('Could not create a new access key. Please log out and log in and try again.');
+  }
+
+  return createdAccessKey;
+};
+
+const getPlatformClientWithAccessKey = async (orgName) => {
+  const accessKey = await getOrCreateAccessKeyForOrg(orgName);
+
+  const sdk = new ServerlessSDK({ accessKey });
+
+  return sdk;
+};
+
+module.exports = {
+  getPlatformClientWithAccessKey,
+  getOrCreateAccessKeyForOrg,
+};
diff --git a/lib/clientUtils.test.js b/lib/clientUtils.test.js
@@ -0,0 +1,111 @@
+'use strict';
+
+const chai = require('chai');
+const proxyquire = require('proxyquire');
+const overrideEnv = require('process-utils/override-env');
+const sinon = require('sinon');
+
+chai.use(require('chai-as-promised'));
+
+const expect = chai.expect;
+
+const platformClientStub = {
+  ServerlessSDK: class ServerlessSDK {
+    constructor() {
+      this.accessKeys = {
+        create: async () => ({ secretAccessKey: 'createdAccessKey' }),
+      };
+    }
+
+    config() {}
+  },
+};
+
+describe('lib/clientUtils.test.js', () => {
+  const orgName = 'testorg';
+
+  describe('getOrCreateAccessKeyForOrg', () => {
+    it('returns SERVERLESS_ACCESS_KEY from env if set', async () => {
+      const { getOrCreateAccessKeyForOrg } = proxyquire('./clientUtils', {
+        '@serverless/utils/config': {
+          getLoggedInUser: () => null,
+        },
+      });
+      let result;
+      const accessKeyFromEnv = 'accesskeyfromenv';
+
+      await overrideEnv({ variables: { SERVERLESS_ACCESS_KEY: accessKeyFromEnv } }, async () => {
+        result = await getOrCreateAccessKeyForOrg(orgName);
+      });
+
+      expect(result).to.equal(accessKeyFromEnv);
+    });
+
+    it('throws an error if user does not exist', async () => {
+      const { getOrCreateAccessKeyForOrg } = proxyquire('./clientUtils', {
+        '@serverless/utils/config': {
+          getLoggedInUser: () => null,
+        },
+      });
+
+      await expect(getOrCreateAccessKeyForOrg(orgName)).to.be.rejectedWith(
+        'Could not find logged in user. Please log in.'
+      );
+    });
+
+    it('returns an existing access key from config', async () => {
+      const accessKeyFromConfig = 'existingaccesskey';
+
+      const { getOrCreateAccessKeyForOrg } = proxyquire('./clientUtils', {
+        '@serverless/utils/config': {
+          getLoggedInUser: () => ({
+            userId: 'someuserid',
+            accessKeys: {
+              [orgName]: accessKeyFromConfig,
+            },
+          }),
+        },
+      });
+
+      const result = await getOrCreateAccessKeyForOrg(orgName);
+      expect(result).to.equal(accessKeyFromConfig);
+    });
+
+    it('throws if it could not create an access key when user does not have idToken', async () => {
+      const { getOrCreateAccessKeyForOrg } = proxyquire('./clientUtils', {
+        '@serverless/utils/config': {
+          getLoggedInUser: () => ({
+            userId: 'someuserid',
+          }),
+        },
+      });
+
+      await expect(getOrCreateAccessKeyForOrg(orgName)).to.be.rejectedWith(
+        'Could not create a new access key. Please log out and log in and try again.'
+      );
+    });
+
+    it('succesfully returns and persists created access key', async () => {
+      const configUtilsSetStub = sinon.stub();
+      const { getOrCreateAccessKeyForOrg } = proxyquire('./clientUtils', {
+        '@serverless/utils/config': {
+          getLoggedInUser: () => ({ userId: 'userid', idToken: 'sometoken', username: 'user' }),
+          set: configUtilsSetStub,
+        },
+        '@serverless/platform-client': platformClientStub,
+      });
+
+      const result = await getOrCreateAccessKeyForOrg(orgName);
+      expect(result).to.equal('createdAccessKey');
+      expect(
+        configUtilsSetStub.calledWith({
+          users: {
+            userid: {
+              dashboard: { accessKeys: { [orgName]: result } },
+            },
+          },
+        })
+      ).to.be.true;
+    });
+  });
+});
diff --git a/lib/deployProfile.js b/lib/deployProfile.js
@@ -1,12 +1,10 @@
 'use strict';
 
-const { getAccessKeyForTenant, getDeployProfile } = require('@serverless/platform-sdk');
-const { ServerlessSDK } = require('@serverless/platform-client');
 const { serviceSlug, instanceSlug } = require('./utils');
 const { getDashboardUrl } = require('./dashboard');
+const { getPlatformClientWithAccessKey } = require('./clientUtils');
 
 module.exports.configureDeployProfile = async (ctx) => {
-  const accessKey = await getAccessKeyForTenant(ctx.sls.service.org);
   let deploymentProfile;
   const {
     provider,
@@ -45,12 +43,14 @@ module.exports.configureDeployProfile = async (ctx) => {
         .join('\n')}`
     );
   }
+
+  const sdk = await getPlatformClientWithAccessKey(org);
+
   try {
-    deploymentProfile = await getDeployProfile({
-      accessKey,
-      stage,
-      app,
-      tenant: org,
+    deploymentProfile = await sdk.deploymentProfiles.get({
+      orgName: org,
+      appName: app,
+      stageName: stage,
     });
   } catch (e) {
     if (process.env.SLS_DEBUG) {
@@ -62,16 +62,13 @@ module.exports.configureDeployProfile = async (ctx) => {
     ctx.provider.cachedCredentials.region = region;
   }
   if (!parameterizedArgs.length) {
-    const sdkV2 = new ServerlessSDK({
-      accessKey,
-    });
     let providerCredentials = {};
     try {
       if (!ctx.sls.service.orgUid) {
-        const { orgUid } = await sdkV2.getOrgByName(ctx.sls.service.org);
+        const { orgUid } = await sdk.getOrgByName(ctx.sls.service.org);
         ctx.sls.service.orgUid = orgUid;
       }
-      providerCredentials = await sdkV2.getProvidersByOrgServiceInstance(
+      providerCredentials = await sdk.getProvidersByOrgServiceInstance(
         ctx.sls.service.orgUid,
         serviceSlug({ app, service }),
         instanceSlug({ app, service, stage, region })

diff --git a/lib/deployProfile.test.js b/lib/deployProfile.test.js
@@ -4,18 +4,26 @@ const { expect } = require('chai');
 const proxyquire = require('proxyquire');
 const sinon = require('sinon');
 
-const getAccessKeyForTenant = sinon.stub().resolves('accessKey');
 let providerCredentials = [];
+
 const ServerlessSDK = sinon
   .stub()
   .returns({ getProvidersByOrgServiceInstance: async () => providerCredentials });
-const getDeployProfile = sinon.stub().resolves({
+
+const deployProfileGetStub = sinon.stub().resolves({
   secretValues: [{ secretName: 'name', secretProperties: { value: 'value' } }],
   providerCredentials: { secretValue: { accessKeyId: 'id', secretAccessKey: 'secret' } },
 });
+
 const { configureDeployProfile } = proxyquire('./deployProfile', {
-  '@serverless/platform-sdk': { getAccessKeyForTenant, getDeployProfile },
   '@serverless/platform-client': { ServerlessSDK },
+  './clientUtils': {
+    getPlatformClientWithAccessKey: () => ({
+      deploymentProfiles: {
+        get: deployProfileGetStub,
+      },
+    }),
+  },
 });
 
 describe('configureDeployProfile', () => {
@@ -40,12 +48,10 @@ describe('configureDeployProfile', () => {
       },
     };
     await configureDeployProfile(ctx);
-    expect(getAccessKeyForTenant.args[0][0]).to.equal('org');
-    expect(getDeployProfile.args[0][0]).to.deep.equal({
-      accessKey: 'accessKey',
-      app: 'app',
-      tenant: 'org',
-      stage: 'stage',
+    expect(deployProfileGetStub.args[0][0]).to.deep.equal({
+      appName: 'app',
+      orgName: 'org',
+      stageName: 'stage',
     });
     expect(ctx.provider.cachedCredentials).to.deep.equal({
       accessKeyId: 'id',