diff --git a/actions/set-shas/dist/index.js b/actions/set-shas/dist/index.js index 4012f05b..62900c38 100644 --- a/actions/set-shas/dist/index.js +++ b/actions/set-shas/dist/index.js @@ -39464,17 +39464,12 @@ const exec_1 = __nccwpck_require__(8776); function run() { return tslib_1.__awaiter(this, void 0, void 0, function* () { try { - // Get all options - const mainBranchName = core.getInput('main-branch-name'); core.info(`Got head sha "${github.context.sha}"`); let baseSha; if (github.context.eventName === 'pull_request') { - core.info(`This is a pull request, get sha from "origin/${mainBranchName}"`); - baseSha = (0, exec_1.execCommand)(`git merge-base origin/${mainBranchName} HEAD`, { - asString: true, - silent: !core.isDebug() - }); - core.info(`Got base sha "${baseSha}" from "origin/${mainBranchName}"`); + core.info(`This is a pull request, get sha from "origin/${github.context.payload.pull_request.base.ref}"`); + baseSha = github.context.payload.pull_request.base.sha; + core.info(`Got base sha "${baseSha}" from "origin/${github.context.payload.pull_request.base.ref}"`); } else { const tag = (0, exec_1.execCommand)('git describe --tags --abbrev=0', { @@ -39483,7 +39478,7 @@ function run() { }); if (!tag) { core.warning(`No tags found, get base sha from origin!`); - baseSha = (0, exec_1.execCommand)(`git rev-parse origin/${mainBranchName}~1`, { + baseSha = (0, exec_1.execCommand)(`git rev-parse origin/${core.getInput('main-branch-name')}~1`, { asString: true, silent: !core.isDebug() }); diff --git a/actions/set-shas/src/set-shas.ts b/actions/set-shas/src/set-shas.ts index 9ec992cf..52cd37b4 100644 --- a/actions/set-shas/src/set-shas.ts +++ b/actions/set-shas/src/set-shas.ts @@ -5,20 +5,14 @@ import { execCommand } from './utils/exec' async function run() { try { - // Get all options - const mainBranchName = core.getInput('main-branch-name') - core.info(`Got head sha "${github.context.sha}"`) - let baseSha + let baseSha: string if (github.context.eventName === 'pull_request') { - core.info(`This is a pull request, get sha from "origin/${mainBranchName}"`) - baseSha = execCommand(`git merge-base origin/${mainBranchName} HEAD`, { - asString: true, - silent: !core.isDebug() - }) + core.info(`This is a pull request, get sha from "origin/${github.context.payload.pull_request.base.ref}"`) + baseSha = github.context.payload.pull_request.base.sha - core.info(`Got base sha "${baseSha}" from "origin/${mainBranchName}"`) + core.info(`Got base sha "${baseSha}" from "origin/${github.context.payload.pull_request.base.ref}"`) } else { const tag = execCommand('git describe --tags --abbrev=0', { @@ -29,7 +23,7 @@ async function run() { if (!tag) { core.warning(`No tags found, get base sha from origin!`) - baseSha = execCommand(`git rev-parse origin/${mainBranchName}~1`, { + baseSha = execCommand(`git rev-parse origin/${core.getInput('main-branch-name')}~1`, { asString: true, silent: !core.isDebug() }) diff --git a/packages/e2e-runner/src/executors/run/run.impl.ts b/packages/e2e-runner/src/executors/run/run.impl.ts index 16b7f52f..94ef8b85 100644 --- a/packages/e2e-runner/src/executors/run/run.impl.ts +++ b/packages/e2e-runner/src/executors/run/run.impl.ts @@ -38,7 +38,7 @@ export async function endToEndRunner( try { switch (runner) { case 'cypress': - // eslint-disable-next-line @typescript-eslint/no-var-requires + // eslint-disable-next-line @typescript-eslint/no-var-requires,no-case-declarations const cypressExecutor = require('@nx/cypress/src/executors/cypress/cypress.impl').default return await cypressExecutor(rest, context) @@ -46,19 +46,19 @@ export async function endToEndRunner( case 'playwright': logger.warn('Runner "playwright" is no longer maintained in favor of @nx/playwright!') - // eslint-disable-next-line @typescript-eslint/no-var-requires + // eslint-disable-next-line @typescript-eslint/no-var-requires,no-case-declarations const playwrightExecutor = require('@nx-extend/playwright/src/executors/test/test.impl').default return await playwrightExecutor(rest, context) case '@nx/playwright': - // eslint-disable-next-line @typescript-eslint/no-var-requires + // eslint-disable-next-line @typescript-eslint/no-var-requires,no-case-declarations const nxPlaywrightExecutor = require('@nx/playwright').playwrightExecutor return await nxPlaywrightExecutor(rest, context) case 'run-commands': - // eslint-disable-next-line @typescript-eslint/no-var-requires + // eslint-disable-next-line @typescript-eslint/no-var-requires,no-case-declarations const runCommandsExecutor = require('nx/src/executors/run-commands/run-commands.impl').default return await runCommandsExecutor(rest as RunCommandsOptions, context) diff --git a/packages/gcp-cloud-run/src/executors/deploy/utils/get-container-flags.ts b/packages/gcp-cloud-run/src/executors/deploy/utils/get-container-flags.ts index ad94265f..5905f285 100644 --- a/packages/gcp-cloud-run/src/executors/deploy/utils/get-container-flags.ts +++ b/packages/gcp-cloud-run/src/executors/deploy/utils/get-container-flags.ts @@ -1,4 +1,4 @@ -import { logger } from '@nx/devkit' +import { getValidSecrets } from '../../../utils/get-valid-secrets' /** * The following flags apply to a single container. @@ -19,7 +19,7 @@ export interface ContainerFlags { envVars?: Record // List of key-value pairs to set as environment variables. // updateEnvVars?: Record // List of key-value pairs to set as environment variables. // removeEnvVars?: string[] // List of environment variables to be removed. - secrets?: string[] + secrets?: string[] | Record // updateSecrets?: Record // List of key-value pairs to set as secrets. // removeSecrets?: string[] // List of secrets to be removed. // clearSecrets?: boolean // Remove all secrets. @@ -43,15 +43,7 @@ export function getContainerFlags(options: ContainerFlags, containerRequired: bo return env }, []) - const validSecrets = (options.secrets || []).map((secret) => { - if (secret.includes('=') && secret.includes(':')) { - return secret - } - - logger.warn(`"${secret}" is not a valid secret! It should be in the following formats: "ENV_VAR_NAME=SECRET:VERSION" or "/secrets/api/key=SECRET:VERSION"`) - return false - }) - .filter(Boolean) + const validSecrets = getValidSecrets(options.secrets) return [ options.container && `--container=${options.container}`, @@ -80,6 +72,6 @@ export function getContainerFlags(options: ContainerFlags, containerRequired: bo // options.removeLabels && `--remove-labels=${options.removeLabels}`, options.labels && `--clear-labels --labels=${options.labels.join(',')}`, // options.updateLabels && `--update-labels=${options.updateLabels}`, - options.volumeMount && `--add-volume-mount=volume=${options.volumeMount}`, + options.volumeMount && `--add-volume-mount=volume=${options.volumeMount}` ] } diff --git a/packages/gcp-cloud-run/src/utils/get-valid-secrets.ts b/packages/gcp-cloud-run/src/utils/get-valid-secrets.ts new file mode 100644 index 00000000..11c979c9 --- /dev/null +++ b/packages/gcp-cloud-run/src/utils/get-valid-secrets.ts @@ -0,0 +1,21 @@ +import { logger } from '@nx/devkit' + +export function getValidSecrets(secrets?: string[] | Record): string[] { + if (!secrets) { + return [] + } + + if (!Array.isArray(secrets)) { + secrets = Object.values(secrets).map((secret) => `${secret}=${secrets[secret]}`) + } + + return secrets.map((secret) => { + if (secret.includes('=') && secret.includes(':')) { + return secret + } + + logger.warn(`"${secret}" is not a valid secret! It should be in the following format "ENV_VAR_NAME=SECRET:VERSION"`) + + return false + }).filter(Boolean) as string[] +} diff --git a/packages/gcp-functions/src/executors/deploy/deploy.impl.ts b/packages/gcp-functions/src/executors/deploy/deploy.impl.ts index 6c9892ae..6f11c2bc 100644 --- a/packages/gcp-functions/src/executors/deploy/deploy.impl.ts +++ b/packages/gcp-functions/src/executors/deploy/deploy.impl.ts @@ -2,6 +2,8 @@ import { ExecutorContext, logger } from '@nx/devkit' import { buildCommand, execCommand } from '@nx-extend/core' import { join } from 'path' +import { getValidSecrets } from '../../utils/get-valid-secrets' + export interface DeployExecutorSchema { functionName: string runtime?: 'nodejs16' | 'nodejs18' | 'nodejs20' | 'recommended' @@ -10,6 +12,7 @@ export interface DeployExecutorSchema { memory?: '128MB' | '256MB' | '512MB' | '1024MB' | '2048MB' | '4096MB' region: string envVarsFile?: string + envVars?: Record allowUnauthenticated?: boolean maxInstances?: number trigger?: 'http' | 'topic' | 'recourse' | 'bucket' @@ -22,7 +25,7 @@ export interface DeployExecutorSchema { securityLevel?: 'secure-optional' | 'secure-always' project?: string retry?: boolean - secrets?: string[] + secrets?: string[] | Record // Gen 2 options gen?: 1 | 2 @@ -47,6 +50,7 @@ export async function deployExecutor( triggerEvent = null, triggerLocation = null, envVarsFile = null, + envVars, maxInstances = 10, project = null, memory = '128MB', @@ -90,56 +94,50 @@ export async function deployExecutor( const { targets } = context.workspace.projects[context.projectName] - const validSecrets = secrets - .map((secret) => { - if (secret.includes('=') && secret.includes(':')) { - return secret - } - - logger.warn( - `"${secret}" is not a valid secret! It should be in the following format "ENV_VAR_NAME=SECRET:VERSION"` - ) - return false - }) - .filter(Boolean) - - let { success } = execCommand( - buildCommand([ - `gcloud functions deploy`, - functionName, - gen === 2 && '--gen2', - `--trigger-${trigger}${triggerValue ? `=${triggerValue}` : ''}`, - triggerEvent && `--trigger-event=${triggerEvent}`, - triggerLocation && `--trigger-location=${triggerLocation}`, - `--runtime=${runtime}`, - `--memory=${correctMemory}`, - `--region=${region}`, - - entryPoint && `--entry-point=${entryPoint}`, - envVarsFile && `--env-vars-file=${envVarsFile}`, - retry && `--retry`, - ingressSettings && `--ingress-settings=${ingressSettings}`, - egressSettings && `--egress-settings=${egressSettings}`, - vpcConnector && `--vpc-connector=${vpcConnector}`, - securityLevel && `--security-level=${securityLevel}`, - timeout && `--timeout=${timeout}`, - - `--source=${join( - context.root, - targets?.build?.options?.outputPath.toString() - )}`, - `--max-instances=${maxInstances}`, - - allowUnauthenticated && '--allow-unauthenticated', - serviceAccount && `--service-account=${serviceAccount}`, - - validSecrets.length > 0 && `--set-secrets=${validSecrets.join(',')}`, - - project && `--project=${project}`, - - '--quiet' - ]) - ) + const validSecrets = getValidSecrets(secrets) + + const setEnvVars = Object.keys(envVars || {}).reduce((env, envVar) => { + env.push(`${envVar}=${envVars[envVar]}`) + + return env + }, []) + + let { success } = execCommand(buildCommand([ + `gcloud functions deploy`, + functionName, + gen === 2 && '--gen2', + `--trigger-${trigger}${triggerValue ? `=${triggerValue}` : ''}`, + triggerEvent && `--trigger-event=${triggerEvent}`, + triggerLocation && `--trigger-location=${triggerLocation}`, + `--runtime=${runtime}`, + `--memory=${correctMemory}`, + `--region=${region}`, + + entryPoint && `--entry-point=${entryPoint}`, + envVarsFile && `--env-vars-file=${envVarsFile}`, + setEnvVars && `--set-env-vars=${setEnvVars.join(',')}`, + retry && `--retry`, + ingressSettings && `--ingress-settings=${ingressSettings}`, + egressSettings && `--egress-settings=${egressSettings}`, + vpcConnector && `--vpc-connector=${vpcConnector}`, + securityLevel && `--security-level=${securityLevel}`, + timeout && `--timeout=${timeout}`, + + `--source=${join( + context.root, + targets?.build?.options?.outputPath.toString() + )}`, + `--max-instances=${maxInstances}`, + + allowUnauthenticated && '--allow-unauthenticated', + serviceAccount && `--service-account=${serviceAccount}`, + + validSecrets.length > 0 && `--set-secrets=${validSecrets.join(',')}`, + + project && `--project=${project}`, + + '--quiet' + ])) if ( success && @@ -153,8 +151,8 @@ export async function deployExecutor( 'gcloud run services update', functionName, - concurrency > 0 && `--concurrency ${concurrency}`, - cpu && `--cpu ${cpu}`, + concurrency > 0 && `--concurrency=${concurrency}`, + cpu && `--cpu=${cpu}`, cloudSqlInstance && `--add-cloudsql-instances=${cloudSqlInstance}`, `--region=${region}`, diff --git a/packages/gcp-functions/src/utils/get-valid-secrets.ts b/packages/gcp-functions/src/utils/get-valid-secrets.ts new file mode 100644 index 00000000..11c979c9 --- /dev/null +++ b/packages/gcp-functions/src/utils/get-valid-secrets.ts @@ -0,0 +1,21 @@ +import { logger } from '@nx/devkit' + +export function getValidSecrets(secrets?: string[] | Record): string[] { + if (!secrets) { + return [] + } + + if (!Array.isArray(secrets)) { + secrets = Object.values(secrets).map((secret) => `${secret}=${secrets[secret]}`) + } + + return secrets.map((secret) => { + if (secret.includes('=') && secret.includes(':')) { + return secret + } + + logger.warn(`"${secret}" is not a valid secret! It should be in the following format "ENV_VAR_NAME=SECRET:VERSION"`) + + return false + }).filter(Boolean) as string[] +}