From 36bdd33d7931d0c00617a81a9b207c8c18f21f34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Stormacq?= Date: Tue, 8 Oct 2024 13:57:04 +0200 Subject: [PATCH 1/2] add docker fine grained permission to the plugin --- Examples/APIGateway/README.md | 2 +- Examples/HelloWorld/README.md | 2 +- Package.swift | 8 +++++++- Plugins/AWSLambdaPackager/Plugin.swift | 2 +- .../Resources/code/04-01-02-plugin-archive.sh | 2 +- .../Resources/code/04-01-03-plugin-archive.sh | 2 +- .../Resources/code/04-01-04-plugin-archive.sh | 2 +- .../Documentation.docc/quick-setup.md | 2 +- readme.md | 2 +- 9 files changed, 15 insertions(+), 9 deletions(-) diff --git a/Examples/APIGateway/README.md b/Examples/APIGateway/README.md index ca731ec6..f534f9ba 100644 --- a/Examples/APIGateway/README.md +++ b/Examples/APIGateway/README.md @@ -22,7 +22,7 @@ To build the package, type the following commands. ```bash swift build -swift package archive --disable-sandbox +swift package archive --allow-network-access docker ``` If there is no error, there is a ZIP file ready to deploy. diff --git a/Examples/HelloWorld/README.md b/Examples/HelloWorld/README.md index e3e2e08b..7709c3ef 100644 --- a/Examples/HelloWorld/README.md +++ b/Examples/HelloWorld/README.md @@ -18,7 +18,7 @@ To build & archive the package, type the following commands. ```bash swift build -swift package archive --disable-sandbox +swift package archive --allow-network-access docker ``` If there is no error, there is a ZIP file ready to deploy. diff --git a/Package.swift b/Package.swift index fe9533bd..129ac3bb 100644 --- a/Package.swift +++ b/Package.swift @@ -55,7 +55,13 @@ let package = Package( verb: "archive", description: "Archive the Lambda binary and prepare it for uploading to AWS. Requires docker on macOS or non Amazonlinux 2 distributions." - ) + ), +permissions: [ + .allowNetworkConnections( + scope: .docker, + reason: "This plugin uses Docker to create the AWS Lambda ZIP package." + ) + ] ) ), .testTarget( diff --git a/Plugins/AWSLambdaPackager/Plugin.swift b/Plugins/AWSLambdaPackager/Plugin.swift index 01c28d47..916e7bc7 100644 --- a/Plugins/AWSLambdaPackager/Plugin.swift +++ b/Plugins/AWSLambdaPackager/Plugin.swift @@ -287,7 +287,7 @@ struct AWSLambdaPackager: CommandPlugin { REQUIREMENTS: To use this plugin, you must have docker installed and started. - USAGE: swift package --disable-sandbox archive [--help] [--verbose] + USAGE: swift package --allow-network-access docker archive [--help] [--verbose] [--output-directory ] [--products ] [--configuration debug | release] diff --git a/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-02-plugin-archive.sh b/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-02-plugin-archive.sh index 41e7a628..e1b4aa05 100644 --- a/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-02-plugin-archive.sh +++ b/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-02-plugin-archive.sh @@ -1,2 +1,2 @@ -swift package --disable-sandbox plugin archive +swift package --allow-network-access docker plugin archive diff --git a/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-03-plugin-archive.sh b/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-03-plugin-archive.sh index 9878f478..37a5cd1b 100644 --- a/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-03-plugin-archive.sh +++ b/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-03-plugin-archive.sh @@ -1,4 +1,4 @@ -swift package --disable-sandbox plugin archive +swift package --allow-network-access docker archive ------------------------------------------------------------------------- building "squarenumberlambda" in docker diff --git a/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-04-plugin-archive.sh b/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-04-plugin-archive.sh index 7652bf1c..b35c9f65 100644 --- a/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-04-plugin-archive.sh +++ b/Sources/AWSLambdaRuntimeCore/Documentation.docc/Resources/code/04-01-04-plugin-archive.sh @@ -1,4 +1,4 @@ -swift package --disable-sandbox plugin archive +swift package --allow-network-access docker archive ------------------------------------------------------------------------- building "squarenumberlambda" in docker diff --git a/Sources/AWSLambdaRuntimeCore/Documentation.docc/quick-setup.md b/Sources/AWSLambdaRuntimeCore/Documentation.docc/quick-setup.md index 151fb8c3..60065baa 100644 --- a/Sources/AWSLambdaRuntimeCore/Documentation.docc/quick-setup.md +++ b/Sources/AWSLambdaRuntimeCore/Documentation.docc/quick-setup.md @@ -106,7 +106,7 @@ AWS Lambda runtime runs on Amazon Linux. You must compile your code for Amazon L > Be sure to have [Docker](https://docs.docker.com/desktop/install/mac-install/) installed for this step. ```sh -swift package --disable-sandbox plugin archive +swift package --allow-network-access docker archive ------------------------------------------------------------------------- building "squarenumberlambda" in docker diff --git a/readme.md b/readme.md index fd68681c..e33b5379 100644 --- a/readme.md +++ b/readme.md @@ -83,7 +83,7 @@ try await runtime.run() ```bash swift build -swift package archive --disable-sandbox +swift package archive --allow-network-access docker ``` If there is no error, there is a ZIP file ready to deploy. From 7b28a796f779978e10fd4e5e9e1d86748ae76d73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Stormacq?= Date: Tue, 8 Oct 2024 14:02:29 +0200 Subject: [PATCH 2/2] swift-format --- Package.swift | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Package.swift b/Package.swift index 129ac3bb..1c97e40d 100644 --- a/Package.swift +++ b/Package.swift @@ -56,12 +56,12 @@ let package = Package( description: "Archive the Lambda binary and prepare it for uploading to AWS. Requires docker on macOS or non Amazonlinux 2 distributions." ), -permissions: [ + permissions: [ .allowNetworkConnections( scope: .docker, reason: "This plugin uses Docker to create the AWS Lambda ZIP package." ) - ] + ] ) ), .testTarget(