Merge branch 'master' into return-assets-object-node-module

.circleci/config.yml

@@ -1,11 +1,28 @@
-# Javascript Node CircleCI 2.0 configuration file
-#
-# Check https://circleci.com/docs/2.0/language-javascript/ for more details
-#
 version: 2.1
 
+orbs:
+  codecov: codecov/codecov@3
+
 jobs:
-  test:
+  e2e_test_as_node_module:
+    docker:
+      - image: cimg/node:current
+    working_directory: ~/repo
+    steps:
+      - checkout
+      - run: npm ci
+      - run: AUTH0_HTTP_RECORDINGS="lockdown" npm run test:e2e:node-module
+
+  e2e_test_as_cli:
+    docker:
+      - image: cimg/node:current
+    working_directory: ~/repo
+    steps:
+      - checkout
+      - run: npm ci
+      - run: npm run test:e2e:cli
+
+  unit_test:
     parameters:
       v:
         type: string
@@ -25,10 +42,11 @@ jobs:
           paths:
             - node_modules
       - run: npm run lint
-      - run: npm test
+      - run: npm run test:coverage
       - persist_to_workspace:
           root: ~/repo
           paths: .
+      - codecov/upload
 
   deploy:
     parameters:
@@ -47,32 +65,59 @@ jobs:
       - run:
           name: Publish package
           command: npm publish
+
+  does_typescript_compile: 
+    docker:
+      - image: cimg/node:current
+    working_directory: ~/repo
+    steps:
+      - checkout
+      - run: npm ci
+      - run: npx tsc --noEmit
+
 workflows:
   version: 2
-  test:
+
+  e2e_test:
     jobs:
-      - test:
-          name: test_lts
+      - e2e_test_as_node_module:
+          name: E2E tests as Node module
+      - e2e_test_as_cli:
+          name: E2E tests as CLI
+          filters:
+            branches:
+              only: master
+
+  unit_test:
+    jobs:
+      - does_typescript_compile:
+          name: Does Typescript compile?
+      - unit_test:
+          name: Unit tests with Node LTS
           v: "lts"
-      - test:
-          name: test_current
-          v: "18.0.0"
+      - unit_test:
+          name: Unit tests with Node current
+          v: "current"
+
   test_and_deploy:
     jobs:
-      - test:
-          name: test_lts
+      - unit_test:
+          name: Unit tests with Node LTS
           v: "lts"
           filters:
             branches:
               only: master
             tags:
               only: /^v.*/
       - deploy:
+          name: Publish to NPM
           v: "lts"
           requires:
-            - test_lts
+            - Unit tests with Node LTS
           filters:
             branches:
               ignore: /.*/
             tags:
               only: /^v.*/
+          context:
+            - publish-npm

.eslintignore

@@ -1,4 +1,5 @@
 examples/
+test/e2e/testdata/**/**
 local/
 node_modules/
 lib/

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 🤔 Help & Questions
+    url: https://community.auth0.com/c/sdks/5
+    about: Ask general support or usage questions in the Auth0 Community forums
+  - name: 📖 Deploy CLI Documentation
+    url: https://github.com/auth0/auth0-deploy-cli#documentation
+    about: Check the Deploy CLI documentation for in-depth overview of all the available commands
+  - name: Take Our Survey!
+    url: https://www.surveymonkey.com/r/LZKMPFN
+    about: We're on a mission to make Auth0 Deploy CLI the best it can be, and we need YOUR help. We've put together a brief survey to understand how you use Deploy CLI, what you love about it, and where you think we can do better.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,50 @@
+name: 🚀 Feature Request
+description: Suggest an idea or a feature for this project
+labels: [ "feature request" ]
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request!
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      options:
+        - label: I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
+          required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the problem you'd like to have solved
+      description: A clear and concise description of what the problem is.
+      placeholder: My life would be a lot simpler if...
+    validations:
+      required: true
+
+  - type: textarea
+    id: ideal-solution
+    attributes:
+      label: Describe the ideal solution
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives-and-workarounds
+    attributes:
+      label: Alternatives and current workarounds
+      description: A clear and concise description of any alternatives you've considered or any workarounds that are currently in place.
+    validations:
+      required: false
+
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional context
+      description: Add any other context or screenshots about the feature request here.
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/report_a_bug.yml

@@ -0,0 +1,74 @@
+name: 🐛 Report a bug
+description: Have you found a bug or issue? Create a bug report for this tool
+labels: [ "bug" ]
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+
+  - type: markdown
+    attributes:
+      value: |
+        **Please do not report security vulnerabilities here**. The [Responsible Disclosure Program](https://auth0.com/responsible-disclosure-policy) details the procedure for disclosing security issues.
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      options:
+        - label: I have looked into the [README](https://github.com/auth0/auth0-deploy-cli#readme) and have not found a suitable solution or answer.
+          required: true
+        - label: I have looked into the [documentation](https://github.com/auth0/auth0-deploy-cli#documentation) and have not found a suitable solution or answer.
+          required: true
+        - label: I have searched the [issues](https://github.com/auth0/auth0-deploy-cli/issues) and have not found a suitable solution or answer.
+          required: true
+        - label: I have upgraded to the [latest version](https://github.com/auth0/auth0-deploy-cli/releases/latest) of this tool and the issue still persists.
+          required: true
+        - label: I have searched the [Auth0 Community](https://community.auth0.com/tag/auth0-deploy-cli) forums and have not found a suitable solution or answer.
+          required: true
+        - label: I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
+          required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: Provide a clear and concise description of the issue.
+    validations:
+      required: true
+
+  - type: textarea
+    id: expectation
+    attributes:
+      label: Expectation
+      description: Tell us about the behavior you expected to see.
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Reproduction
+      description: Detail the steps taken to reproduce this error and, ideally, share a repo of a minimal reproducible example. State whether this issue can be reproduced consistently or if it is intermittent.
+      placeholder: |
+        1. Given...
+        2. When...
+        3. Then...
+    validations:
+      required: true
+
+  - type: input
+    id: environment-deploy-cli-version
+    attributes:
+      label: Deploy CLI version
+    validations:
+      required: true
+
+  - type: input
+    id: environment-node-version
+    attributes:
+      label: Node version
+    validations:
+      required: true

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,24 +1,42 @@
-## ✏️ Changes
+<!--
+❗ For general support or usage questions, use the Auth0 Community forums or raise a support ticket.
 
-> DESCRIPTION GOES HERE. Try to describe both what is changing and why this is important
-> - Make sure you run  when adding / updating a package
-> - What did you change from a design standpoint?
-> - What did you change in the code itself?
-> - If you are updating a dependency, explain why this is needed.
+By submitting a pull request to this repository, you agree to the terms within the Auth0 Code of Conduct: https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md.
+-->
 
-## 🔗 References
+### 🔧 Changes
 
-> Include at least one link to an explanation + requirements for this change, and more if at all possible. Typically this is a Jira/GitHub Issue, but could also be links to Zendesk tickets, RFCs, rollout plan or Slack conversations (for Slack conversations, make sure you provide a summary of the conversation under “Changes”).
+<!--
+Describe both what is changing and why this is important. Include:
 
-## 🎯 Testing
+- Types and methods added, deleted, deprecated, or changed
+- A summary of usage if this is a new feature or a change to a public API
+-->
 
-> Describe how this can be tested by reviewers. Please be specific about anything not tested and reasons why.
-> - Make sure you add unit and integration tests.
-> - If this is on a hot path, add load or performance tests
-> - Especially for dependency updates we also need to make sure that there is no impact on performance.
+### 📚 References
 
-✅🚫 This change has unit test coverage
+<!--
+Add relevant links supporting this change, such as:
 
-✅🚫 This change has integration test coverage
+- GitHub issue/PR number addressed or fixed
+- Auth0 Community post
+- StackOverflow answer
+- Related pull requests/issues from other repositories
 
-✅🚫 This change has been tested for performance
+If there are no references, simply delete this section.
+-->
+
+### 🔬 Testing
+
+<!--
+Describe how this can be tested by reviewers. Be specific about anything not tested and why. Include any manual steps for testing end-to-end, or for testing functionality not covered by unit tests.
+-->
+
+### 📝 Checklist
+
+- [ ] All new/changed/fixed functionality is covered by tests (or N/A)
+- [ ] I have added documentation for all new/changed functionality (or N/A)
+
+<!--
+❗ All the above items are required. Pull requests with an incomplete or missing checklist will be closed.
+-->

.github/dependabot.yml

@@ -0,0 +1,14 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major", "version-update:semver-patch"]

.github/workflows/semgrep.yml

@@ -0,0 +1,18 @@
+name: Semgrep
+
+on:
+  pull_request_target: {}
+  push:
+    branches: ["master", "main"]
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    container:
+      image: returntocorp/semgrep
+    if: (github.actor != 'dependabot[bot]' && github.actor != 'snyk-bot')
+    steps:
+      - uses: actions/checkout@v3
+      - run: semgrep ci
+        env:
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}

.gitignore

@@ -4,8 +4,10 @@ local/
 node_modules/
 lib/
 /npm-debug.log
-config.json
+config*.json
 .env
 .idea
 .npmrc
 yarn-error.log
+*.pem
+*.pub

.prettierignore

@@ -7,4 +7,5 @@ lib
 node_modules
 examples
 test/**/*.json
-test/**/*.yaml
+test/**/*.yaml
+test/e2e/testdata