Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
aws-sg-container
Advanced tools
aws-sg-container - npm Package Compare versions
Comparing version 0.14.0 to 0.14.1
@@ -18,4 +18,2 @@ /* | ||
| var _ = require('lodash'); | ||
| var fs = require('fs'); | ||
| var executor = require('nscale-util').executor(); | ||
| var _ec2; | ||
@@ -25,35 +23,4 @@ var _config; | ||
| var GROUP_ID = '__GROUP_ID__'; | ||
| var PROTOCOL = '__PROTOCOL__'; | ||
| var PORT = '__PORT__'; | ||
| var CIDR = '__CIDR__'; | ||
| /** | ||
| * the aws function ec2.authorizeSecurityGroupIngress appears to just not work... | ||
| * this temporary hack creates a set of AWS command line instructions in a single | ||
| * bash script and executes them to set ingress rules on a given security group | ||
| */ | ||
| var hackIngress = function(groupId, ipPermissions, out, cb) { | ||
| var ingress = 'aws ec2 authorize-security-group-ingress --group-id __GROUP_ID__ --protocol __PROTOCOL__ --port __PORT__ --cidr __CIDR__\n'; | ||
| var script = ''; | ||
| var rule = ''; | ||
| script = 'export AWS_ACCESS_KEY_ID=' + _config.accessKeyId + '\n'; | ||
| script += 'export AWS_SECRET_ACCESS_KEY=' + _config.secretAccessKey + '\n'; | ||
| script += 'export AWS_DEFAULT_REGION=' + _config.region + '\n'; | ||
| _.each(ipPermissions, function(perm) { | ||
| rule = ingress.replace(GROUP_ID, groupId); | ||
| rule = rule.replace(PROTOCOL, perm.IpProtocol); | ||
| rule = rule.replace(PORT, perm.FromPort); | ||
| rule = rule.replace(CIDR, perm.IpRanges[0].CidrIp); | ||
| script += rule; | ||
| }); | ||
| fs.writeFileSync('/tmp/_hackingress.sh', script, 'utf8'); | ||
| executor.exec(_mode, 'sh /tmp/_hackingress.sh', '/tmp', out, cb); | ||
| }; | ||
| var handleGroup = function(system, container, out, cb) { | ||
@@ -90,7 +57,6 @@ var sg = container.specific; | ||
| if (sg.IpPermissions) { | ||
| setTimeout(function() { | ||
| hackIngress(resp.GroupId, sg.IpPermissions, out, function() { | ||
| cb(err, system); | ||
| }); | ||
| }, 10000); | ||
| var params = {GroupId : resp.GroupId, IpPermissions : sg.IpPermissions}; | ||
| _ec2.authorizeSecurityGroupIngress(params, function(err) { | ||
| cb(err, system); | ||
| }); | ||
| } | ||
@@ -97,0 +63,0 @@ }); |
@@ -14,3 +14,3 @@ { | ||
| ], | ||
| "version": "0.14.0", | ||
| "version": "0.14.1", | ||
| "license": "Artistic License 2.0", | ||
@@ -17,0 +17,0 @@ "author": "Peter Elger (http://nearform.com/)", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-15.36%
7024
- Lines of code
- decreased by-18.01%
132
No dependency changes