CMDCT-4105 - trying to get createusers to work as expected

Enterprise-CMCS · Jan 15, 2025 · 6b84733 · 6b84733
1 parent 7f03a5d
commit 6b84733
Show file tree

Hide file tree

Showing 21 changed files with 2,368 additions and 2,407 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -14,6 +14,9 @@ permissions:
   contents: read
   actions: read
 
+env:
+  SERVERLESS_LICENSE_KEY: ${{ secrets.SERVERLESS_LICENSE_KEY }}
+
 jobs:
   unit-tests:
     name: Unit Tests
@@ -52,13 +55,11 @@ jobs:
       - uses: actions/cache@v4
         with:
           path: "**/node_modules"
-          key: ${{ runner.os }}-modulesDDD-${{ hashFiles('**/yarn.lock', 'plugins/**') }}
+          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock', 'plugins/**') }}
       - name: set path
         run: |
           echo "PATH=$(pwd)/node_modules/.bin/:$PATH" >> $GITHUB_ENV
       - name: deploy
-        env:
-          SERVERLESS_LICENSE_KEY: ${{ secrets.SERVERLESS_LICENSE_KEY }}
         run: |
           # When deploying multiple copies of this quickstart to the same AWS Account (not ideal), a prefix helps prevent stepping on each other.
           # This can optionally be set as an GitHub Actions Secret
@@ -72,7 +73,7 @@ jobs:
           echo "<$APPLICATION_ENDPOINT>" >> $GITHUB_STEP_SUMMARY
         working-directory: services
     outputs:
-      application_endpoint: ${{ steps.endpoint.outputs.application_endpoint}}
+      application_endpoint: ${{ steps.endpoint.outputs.application_endpoint }}
       BRANCH_SPECIFIC_VARNAME_AWS_DEFAULT_REGION: ${{ steps.set_names.outputs.BRANCH_SPECIFIC_VARNAME_AWS_DEFAULT_REGION }}
       BRANCH_SPECIFIC_VARNAME_AWS_OIDC_ROLE_TO_ASSUME: ${{ steps.set_names.outputs.BRANCH_SPECIFIC_VARNAME_AWS_OIDC_ROLE_TO_ASSUME }}
 

diff --git a/.github/workflows/destroy.yml b/.github/workflows/destroy.yml
@@ -16,6 +16,9 @@ permissions:
   contents: read
   actions: read
 
+env:
+  SERVERLESS_LICENSE_KEY: ${{ secrets.SERVERLESS_LICENSE_KEY }}
+
 jobs:
   destroy:
     # Protected branches should be designated as such in the GitHub UI.
@@ -62,7 +65,7 @@ jobs:
   # Notify the integrations channel when a destroy action fails
   notify_on_destroy_failure:
     runs-on: ubuntu-latest
-    needs: 
+    needs:
       - destroy
     if: ${{ failure() }}
     steps:

diff --git a/package.json b/package.json
@@ -39,7 +39,7 @@
     "eslint-plugin-react": "^7.24.0",
     "eslint-plugin-react-hooks": "^2.x",
     "prettier": "^2.4.1",
-    "serverless": "^4.4.0",
+    "serverless": "^4.4.18",
     "serverless-bundle": "^6.0.0",
     "serverless-dotenv-plugin": "^4.0.0",
     "serverless-iam-helper": "github:Enterprise-CMCS/serverless-iam-helper",

diff --git a/serverless-compose.yml b/serverless-compose.yml
@@ -2,51 +2,51 @@ services:
   # wave 1: no dependencies
   database:
     path: services/database
-  # topics:
-  #   path: services/topics
-  # ui:
-  #   path: services/ui
+  topics:
+    path: services/topics
+  ui:
+    path: services/ui
 
-  # # wave 2: depends on database
-  # uploads:
-  #   path: services/uploads
-  #   params:
-  #     MeasureTable: ${database.MeasureTable}
-  #     CoreSetTable: ${database.CoreSetTable}
-  #     RateTable: ${database.RateTable}
+  # wave 2: depends on database
+  uploads:
+    path: services/uploads
+    params:
+      MeasureTable: ${database.MeasureTable}
+      CoreSetTable: ${database.CoreSetTable}
+      RateTable: ${database.RateTable}
 
-  # app-api:
-  #   path: services/app-api
-  #   params:
-  #     CoreSetTable: ${database.CoreSetTable}
-  #     CoreSetTableStreamArn: ${database.CoreSetTableStreamArn}
-  #     MeasureTable: ${database.MeasureTable}
-  #     MeasureTableStreamArn: ${database.MeasureTableStreamArn}
-  #     RateTable: ${database.RateTable}
-  #     RateTableStreamArn: ${database.RateTableStreamArn}
-  #     BannerTableName: ${database.BannerTableName}
+  app-api:
+    path: services/app-api
+    params:
+      CoreSetTable: ${database.CoreSetTable}
+      CoreSetTableStreamArn: ${database.CoreSetTableStreamArn}
+      MeasureTable: ${database.MeasureTable}
+      MeasureTableStreamArn: ${database.MeasureTableStreamArn}
+      RateTable: ${database.RateTable}
+      RateTableStreamArn: ${database.RateTableStreamArn}
+      BannerTableName: ${database.BannerTableName}
 
-  # # wave 3: depends on many
-  # ui-auth:
-  #   path: services/ui-auth
-  #   params:
-  #     AttachmentsBucketArn: ${uploads.AttachmentsBucketArn}
-  #     ApiGatewayRestApiName: ${app-api.ApiGatewayRestApiName}
-  #     ApplicationEndpointUrl: ${ui.ApplicationEndpointUrl}
+  # wave 3: depends on many
+  ui-auth:
+    path: services/ui-auth
+    params:
+      AttachmentsBucketArn: ${uploads.AttachmentsBucketArn}
+      ApiGatewayRestApiName: ${app-api.ApiGatewayRestApiName}
+      ApplicationEndpointUrl: ${ui.ApplicationEndpointUrl}
 
-  # # wave 4: depends on most
-  # ui-src:
-  #   path: services/ui-src
-  #   params:
-  #     ApiRegion: ${app-api.Region}
-  #     ApiGatewayRestApiUrl: ${app-api.ApiGatewayRestApiUrl}
-  #     CognitoRegion: ${ui-auth.Region}
-  #     IdentityPoolId: ${ui-auth.IdentityPoolId}
-  #     UserPoolId: ${ui-auth.UserPoolId}
-  #     UserPoolClientId: ${ui-auth.UserPoolClientId}
-  #     UserPoolClientDomain: ${ui-auth.UserPoolClientDomain}
-  #     AttachmentsBucketRegion: ${uploads.Region}
-  #     AttachmentsBucketName: ${uploads.AttachmentsBucketName}
-  #     S3BucketName: ${ui.S3BucketName}
-  #     CloudFrontDistributionId: ${ui.CloudFrontDistributionId}
-  #     ApplicationEndpointUrl: ${ui.ApplicationEndpointUrl}
+  # wave 4: depends on most
+  ui-src:
+    path: services/ui-src
+    params:
+      ApiRegion: ${app-api.Region}
+      ApiGatewayRestApiUrl: ${app-api.ApiGatewayRestApiUrl}
+      CognitoRegion: ${ui-auth.Region}
+      IdentityPoolId: ${ui-auth.IdentityPoolId}
+      UserPoolId: ${ui-auth.UserPoolId}
+      UserPoolClientId: ${ui-auth.UserPoolClientId}
+      UserPoolClientDomain: ${ui-auth.UserPoolClientDomain}
+      AttachmentsBucketRegion: ${uploads.Region}
+      AttachmentsBucketName: ${uploads.AttachmentsBucketName}
+      S3BucketName: ${ui.S3BucketName}
+      CloudFrontDistributionId: ${ui.CloudFrontDistributionId}
+      ApplicationEndpointUrl: ${ui.ApplicationEndpointUrl}
diff --git a/services/app-api/package.json b/services/app-api/package.json
@@ -25,7 +25,6 @@
     "aws-sdk-client-mock": "^3.0.1",
     "jest": "^27.4.7",
     "serverless-associate-waf": "^1.2.1",
-    "serverless-plugin-typescript": "^2.1.4",
     "ts-jest": "^27.1.3",
     "ts-node": "^10.7.0",
     "typescript": "^4.6.4"

diff --git a/services/app-api/serverless.yml b/services/app-api/serverless.yml
@@ -7,14 +7,12 @@ package:
   individually: true
 
 plugins:
-  # - serverless-plugin-typescript
   - serverless-associate-waf
   - "@enterprise-cmcs/serverless-waf-plugin"
   - serverless-offline-ssm
   - serverless-offline
   - serverless-stack-termination-protection
   - serverless-iam-helper
-  - serverless-s3-bucket-helper
   - serverless-dotenv-plugin
 
 custom:
@@ -81,7 +79,7 @@ provider:
     restApi: true
   iam:
     role:
-      path: ${ssm:/configuration/${self:custom.stage}/iam/path, ssm:/configuration/default/iam/path, "/"}
+      path: /delegatedadmin/developer/
       permissionsBoundary: ${ssm:/configuration/${self:custom.stage}/iam/permissionsBoundaryPolicy, ssm:/configuration/default/iam/permissionsBoundaryPolicy, ""}
       statements:
         - Effect: "Allow"