Open plaurent opened 3 years ago
The hack in question is currently found at https://github.com/DMGT-TECH/authenticated-cloud-docs/blob/main/.github/workflows/deploy-static-site.yaml#L44:
- name: Patch cloudfront-auth to allow non-interative (CLI) use
run: |
cd ./deployment/cloudfront-auth
sed -i"" "s/^prompt.start/prompt.override=require('minimist')(process.argv.slice(2), opts={boolean:true, string:['method', 'AUTHZ']});prompt.start/" build/build.js
Sidenote: the above hack depends on minimist
being available, which I'm not explicitly adding as a requirement to package.json (it is however a sub-dependency).
The main issue is that the cloudfront-auth repo code is interactive only, doesn't support non-interactive CLI usage or loading all settings from a preconfigured file.
The tool we are using to build the CloudFront authentication lambda (https://github.com/Widen/cloudfront-auth) - Connect to preview only supports interactive mode. Even with a saved out configuration file, it continues to interactively prompt — it just uses the saved configuration for the prompt defaults. This does not lend itself to automation. However, I was able to add a single line of code to enable command line-based automation for our use case. That's how this action is currently working -- it is patching in that line prior to run. But we're going to need something more robust/less hackish.
Options:
I noticed there's already a PR dated Mar 1 in Widen/cloudfront-auth to address our use case and more (https://github.com/Widen/cloudfront-auth/pull/84). But it's much more than a one-line change. If that gets merged that will resolve our issues. Just not sure when that'll happen.
Rob has suggested either: