This repository was archived by the owner on Feb 27, 2026. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathset-codeartifact-auth-token.ts
More file actions
141 lines (121 loc) · 3.42 KB
/
set-codeartifact-auth-token.ts
File metadata and controls
141 lines (121 loc) · 3.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
#!/usr/bin/env node
import { execFile } from 'child_process'
import { parseArgs, promisify } from 'util'
import assert from 'assert'
import { Vercel } from '@vercel/sdk'
import { getBenchmarkProjects } from './util.ts'
import constants from './constants.json' with { type: 'json' }
const execFileAsync = promisify(execFile)
const { teamId } = constants
const VERCEL_TOKEN = process.env.VERCEL_TOKEN
assert(VERCEL_TOKEN, 'VERCEL_TOKEN is not set in .env')
const vercel = new Vercel({ bearerToken: VERCEL_TOKEN })
type AwsCodeArtifactConfig = {
domain: string
domainOwner: string
region: string
}
function getAwsCodeArtifactConfig(): AwsCodeArtifactConfig {
const awsRegistry = (constants as any).registries?.aws?.registry
assert(
typeof awsRegistry === 'string',
'constants.json registries.aws.registry is not configured',
)
const url = new URL(awsRegistry)
const hostMatch = url.hostname.match(
/^(.+)-(\d+)\.d\.codeartifact\.([^.]+)\.amazonaws\.com$/,
)
assert(
hostMatch,
`Unable to parse CodeArtifact settings from registry host: ${url.hostname}`,
)
const domain = hostMatch[1]
const domainOwner = hostMatch[2]
const region = hostMatch[3]
assert(domain && domainOwner && region, 'CodeArtifact host parse failed')
return { domain, domainOwner, region }
}
async function getFreshCodeArtifactToken(profile?: string) {
const { domain, domainOwner, region } = getAwsCodeArtifactConfig()
const args = [
'codeartifact',
'get-authorization-token',
'--domain',
domain,
'--domain-owner',
domainOwner,
'--region',
region,
'--query',
'authorizationToken',
'--output',
'text',
]
if (profile) {
args.push('--profile', profile)
}
const { stdout } = await execFileAsync('aws', args, { maxBuffer: 1024 * 1024 })
const token = stdout.trim()
assert(token && token !== 'None', 'AWS CLI returned an empty auth token')
return token
}
async function setCodeArtifactAuthToken({
limit = '100',
filter = [],
profile,
}: {
limit?: string
filter?: string[]
profile?: string
}) {
const authToken = await getFreshCodeArtifactToken(profile)
console.error('Fetched fresh CODEARTIFACT_AUTH_TOKEN from AWS CLI')
const projects = await getBenchmarkProjects(vercel, {
limit,
filters: filter,
})
assert(projects.length, 'No projects found')
console.error(
`Found ${projects.length} projects: ${projects.map((p) => p.name).join(', ')}`,
)
let success = 0
let failures = 0
for (const project of projects) {
try {
await vercel.projects.createProjectEnv({
idOrName: project.id,
teamId,
upsert: 'true',
requestBody: {
key: 'CODEARTIFACT_AUTH_TOKEN',
value: authToken,
type: 'plain',
target: ['production', 'preview', 'development'],
},
})
success++
console.error(`✓ ${project.name}`)
} catch (error) {
failures++
console.error(`✗ ${project.name}`)
console.error(error)
}
}
console.error(`Updated CODEARTIFACT_AUTH_TOKEN in ${success} projects`)
if (failures > 0) {
console.error(`Failed to update ${failures} projects`)
process.exitCode = 1
}
}
setCodeArtifactAuthToken(
parseArgs({
options: {
limit: { type: 'string' },
filter: { type: 'string', multiple: true },
profile: { type: 'string' },
},
}).values,
).catch((error) => {
console.error(error)
process.exit(1)
})