Merge pull request #1 from aws-samples/main

merging latest

Author: devops-arch-cloud

.github/ISSUE_TEMPLATE/new-serverless-pattern-submission.md

@@ -3,12 +3,19 @@ name: New serverless pattern submission
 about: Submit your a new pattern
 title: New pattern submission
 labels: ''
-assignees: jbesw
+assignees: 
 
 ---
 
 To submit a template to the Serverless Patterns Collection, submit an issue with the following information.
 
+**IMPORTANT**
+Patterns are intended to be primarily IaC-focused implementations of 2-4 AWS services, with minimum custom code. They should be commonly used combinations that help developers get started quickly. If you have a utility, demo, or application, submit these to the [Serverless Repos Collection](https://serverlessland.com/repos) instead.
+
+**ONLY SUBMIT ONE PATTERN CHANGE PER PR**. Multiple patterns or files spanning multiple pattern directories will be automatically rejected.
+
+Patterns may take up to 4-6 weeks to review, test, and merge but there is no SLA and can take significantly longer due to other work the team has.
+
 **To learn more about submitting a pattern, read the [publishing guidelines page](https://github.com/aws-samples/serverless-patterns/blob/main/PUBLISHING.md).**
 
 1. Use the model template located at https://github.com/aws-samples/serverless-patterns/tree/main/_pattern-model to set up a README, template and any associated code.
@@ -18,7 +25,6 @@ To submit a template to the Serverless Patterns Collection, submit an issue with
 Note the following information for the model:
 - Description (intro.text) should be a 300-500 word explanation of how the pattern works.
 - Resources should like to AWS documentation and AWS blogs related to the post (1-5 maximum).
-- Framework: currently, we support SAM or CDK.
 - Author bio may include a LinkedIn and/or Twitter reference and a 1-sentence bio.
 
 You must ensure that the sections of the model README.md are completed in full.

.github/dependabot.yml

@@ -0,0 +1,18 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  # Maintain dependencies for npm
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  # Maintain dependencies for PIP
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"      

.github/workflows/create_update_release.yaml

@@ -0,0 +1,138 @@
+name: Create and Update Releases
+permissions:
+  contents: write
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  get-release:
+    runs-on: ubuntu-latest
+    outputs: 
+      latest_release: ${{ steps.get_latest_release.outputs.latest_release }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Get the latest release tag
+        id: get_latest_release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          LATEST_RELEASE=$(gh release list --limit 1 --json tagName --jq '.[0].tagName' || echo "none")
+          echo "Latest release tag: $LATEST_RELEASE"
+          echo "::set-output name=latest_release::$LATEST_RELEASE"
+          echo "latest_release=${latest_release}" >> $GITHUB_ENV
+        continue-on-error: true
+
+  create-release:
+    needs: get-release
+    runs-on: ubuntu-latest
+    if: needs.get-release.outputs.latest_release == ''
+    steps:
+      - name: print latest release output
+        run: echo "Latest release ${{ needs.get-release.outputs.latest_release }}"
+
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Release doesn't exist so create one
+        id: create_release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release create v1.0.0 --notes "Initial release v1.0.0" --prerelease=false
+          echo "Release created"
+      
+      - name: Zip files of folders
+        id: zip_folders
+        run: |
+          mkdir -p temp
+          for folder in */; do
+            if [ -d "$folder" ]; then
+              folder_name=$(basename "$folder")
+              zip -r "temp/${folder_name}.zip" "$folder_name"
+            fi
+          done
+          echo "Zip files created"
+    
+      - name: upload files to the release
+        id: upload_files
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          for file in temp/*.zip; do
+            if [ -f "$file" ]; then
+              gh release upload v1.0.0 "$file" --clobber
+              echo "Uploaded $file, waiting to avoid rate limits..."
+              sleep 3
+            else
+              echo "File $file not found"
+            fi
+          done
+
+  update-release:
+    needs: get-release
+    runs-on: ubuntu-latest
+    if: needs.get-release.outputs.latest_release != ''
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      
+      - name: Fetch latest tags
+        run: |
+          git fetch --tags
+
+      - name: Get changed files
+        id: get_changes
+        run: |
+          if [ -n "${{ needs.get-release.outputs.latest_release }}" ]; then
+            git fetch origin refs/tags/${{ needs.get-release.outputs.latest_release }}:refs/tags/${{ needs.get-release.outputs.latest_release }}
+            changed_files=$(git diff --name-only ${{ needs.get-release.outputs.latest_release }} HEAD)
+            echo "Changed files: $changed_files"
+            echo "$changed_files" > changed_files.txt
+          else
+            echo "No latest release found"
+            echo "" > changed_files.txt
+          fi
+        
+      - name: Identify changed folders
+        id: identify_folders
+        run: |
+          if [ -s changed_files.txt ]; then
+            changed_folders=$(awk -F/ '{print $1}' changed_files.txt | sort | uniq)
+            echo "Changed folders: $changed_folders"
+            echo "$changed_folders" > changed_folders.txt
+          else
+            echo "No changed files"
+            echo "" > changed_folders.txt
+          fi
+      
+      - name: Archive changed folders
+        run: |
+          mkdir -p temp_archives
+          while IFS= read -r folder; do
+            if [ -d "$folder" ]; then
+              zip -r "temp_archives/$folder.zip" "$folder"
+              echo "Archived $folder"
+            else
+              echo "Folder $folder does not exist"
+            fi
+          done < changed_folders.txt
+      
+      - name: Upload archives to release
+        if: needs.get-release.outputs.latest_release != ''
+        env: 
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          while IFS= read -r folder; do
+            archive="temp_archives/$folder.zip"
+            if [ -f "$archive" ]; then
+              gh release upload ${{ needs.get-release.outputs.latest_release }} "$archive" --clobber
+              echo "Uploaded $archive, waiting to avoid rate limits..."
+            else
+              echo "Archive $archive not found"
+            fi
+          done < changed_folders.txt

.github/workflows/export-to-serverlessland-team.yml

@@ -0,0 +1,39 @@
+# Manual trigger that will Copy pattern to SLand
+name: Manual Copy to SLand-team-test
+
+on:
+  workflow_dispatch:
+    inputs:
+      fileName:
+        description: "new pattern filename"
+        required: true
+      dirName:
+        description: "new pattern dir"
+        required: true
+
+jobs:
+  copy:
+    runs-on: ubuntu-latest
+    env:
+      NODE_ENV: dev
+      fileName: ${{ inputs.fileName }}
+    steps:
+      - name: Check if user is a member of the team
+        uses: tspascoal/get-user-teams-membership@v2
+        id: checkUserMember
+        with:
+          username: ${{ github.actor }}
+          team: 'aws-serverless-da'
+          GITHUB_TOKEN: ${{ secrets.GET_USER_TEAMS_MEMBERSHIP }}
+      - name: Copycat
+        if: ${{ steps.checkUserMember.outputs.isTeamMember == 'true' }}
+        uses: andstor/copycat-action@v3
+        with:
+          personal_token: ${{ secrets.patterns_pat }}
+          dst_path: /submissions/patterns/
+          dst_owner: bls20AWS
+          dst_repo_name: serverless-land
+          dst_branch: master
+          src_branch: main
+          file_filter: "*.json"
+          src_path: /${{ inputs.dirName }}/${{ inputs.fileName }}

.github/workflows/export-to-serverlessland.yml

@@ -0,0 +1,32 @@
+# Manual trigger that will Copy pattern to SLand
+name: Manual Copy to SLand
+
+on:
+  workflow_dispatch:
+    inputs:
+      fileName:
+        description: "new pattern filename"
+        required: true
+      dirName:
+        description: "new pattern dir"
+        required: true
+
+jobs:
+  copy:
+    runs-on: ubuntu-latest
+    if: ${{ (github.actor == 'bls20aws') || (github.actor == 'singledigit')  || (github.actor == 'boyney123') || (github.actor == 'mavi888') || (github.actor == 'julianwood') }}
+    env:
+      NODE_ENV: dev
+      fileName: ${{ inputs.fileName }}
+    steps:
+      - name: Copycat
+        uses: andstor/copycat-action@v3
+        with:
+          personal_token: ${{ secrets.patterns_pat }}
+          dst_path: /submissions/patterns/
+          dst_owner: bls20AWS
+          dst_repo_name: serverless-land
+          dst_branch: master
+          src_branch: main
+          file_filter: "*.json"
+          src_path: /${{ inputs.dirName }}/${{ inputs.fileName }}

.github/workflows/lint.yml

@@ -14,7 +14,7 @@ jobs:
 
       - name: Get changed files using defaults
         id: changed-files
-        uses: tj-actions/changed-files@v19
+        uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275
         with:
           separator: ","
 

.github/workflows/manual-validate-for-pattern.yml

@@ -24,6 +24,14 @@ jobs:
       # run a custom script to get the SHA, and then finally checkout the PR branch
       - name: Checkout Repo
         uses: actions/checkout@v3
+      # Use the fork repo URL in subsequent steps
+      - name: Get repo URL
+        run: echo "REPO_NAME=${{ github.event.repository.name }}" >> $GITHUB_ENV
+      - name: Dump github context
+        run:   echo "$GITHUB_CONTEXT"
+        shell: bash
+        env:
+          GITHUB_CONTEXT: ${{ toJson(github) }}
       - name: Extract PR details
         id: extract_PR_details
         uses: actions/github-script@v6
@@ -44,5 +52,4 @@ jobs:
           MODIFIED_FILES: ${{ steps.extract_PR_details.outputs.files }}
           ADDED_FILES: "${{ steps.changed-files.outputs.added_files }}"
           PR_NUMBER: ${{ inputs.prNumber }}
-          ACTOR: ${{ steps.extract_PR_details.outputs.user }}
           TOKEN: "${{ secrets.GITHUB_TOKEN }}"           

.github/workflows/schema-validation.yml

@@ -1,4 +1,6 @@
 name: "Schema Validation"
+permissions:
+  contents: read
 
 on: [pull_request]
 
@@ -15,7 +17,7 @@ jobs:
 
       - name: Get changed files using defaults
         id: changed-files
-        uses: tj-actions/changed-files@v19
+        uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275
         with:
           separator: ","    
 

.gitignore

@@ -206,8 +206,8 @@ crash.log
 crash.*.log
 
 # Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 *.tfvars
 *.tfvars.json
@@ -234,4 +234,7 @@ terraform.rc
 
 #Ignore Intellij files
 *.iml
-*.idea
+*.idea
+
+# This file gets generated as part of Maven shade plugin which can be ignored
+dependency-reduced-pom.xml