@artsy/bucket-assets
Uploads a folder of static assets to an s3 bucket with convenient assumptions.
Uploads a folder of static assets to an s3 bucket with convenient features. These include:
git rev-parse HEAD
Bucket Assets is used in deploys of Artsy apps, but may be useful for you too.
Run the CLI in your deployment process. You may omit these arguments if you use the defaults below.
bucket-assets \
--files **/public/** \
--secret s3-secret \
--key s3-key \
--bucket force-production \
--fingerprint true
Add the middleware to your app
var bucketAssets = require('bucket-assets');
app.use(bucketAssets({
// Glob that defaults to finding all files in "public" folders that
// are children of process.cwd() e.g. /public + /components/modal/public.
// Will always ignore public folders in node_modules.
files: __dirname + '/**/public/**',
// Defaults to "public". The name of the folder that is the root static
// directory so relative paths work the same locally as they do on the CDN.
root: 'public',
// Defaults to process.env.S3_KEY
key: 's3-key',
// Defaults to process.env.S3_SECRET
secret: 's3-secret',
// Defaults to process.env.S3_BUCKET
bucket: 'force-production',
// Defaults to process.env.CDN_URL
cdnUrl: '//xyz.cloudfront.net/',
// Defaults to true. Use `false` to not use fingerprinting.
fingerprint: true
}));
Use the view helper to point to the fingerprinted CDN assets in production or staging.
head
link( type='text/css', rel='stylesheet', href=asset('main.css') )
body
script( src=asset('main.js') )
Be sure to set environment variables for production/staging if you're relying on the defaults.
On your CI machine
S3_KEY=
S3_SECRET=
Run with deploy script
heroku config:set ASSET_MANIFEST=$(cat manifest.json)
Set once
heroku config:set CDN_URL=
Please fork the project and submit a pull request with tests. Install node modules with npm install and run tests with npm test.
MIT
FAQs
The npm package @artsy/bucket-assets receives a total of 4 weekly downloads. As such, @artsy/bucket-assets popularity was classified as not popular.
We found that @artsy/bucket-assets demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.