Merge pull request #1536 from salesforcecli/d/W-20084586-2

chore: updating to v3 of s3 API @W-20084586@

Author: iowillhoit

.eslintrc.cjs

@@ -9,5 +9,13 @@ module.exports = {
   rules: {
     'no-shadow': 'off',
     '@typescript-eslint/no-shadow': ['error'],
+    '@typescript-eslint/no-unused-vars': [
+      'error',
+      {
+        argsIgnorePattern: '^_',
+        varsIgnorePattern: '^_',
+        caughtErrorsIgnorePattern: '^_',
+      },
+    ],
   },
 };

package.json

@@ -9,6 +9,7 @@
     "sf-release": "bin/run.js"
   },
   "dependencies": {
+    "@aws-sdk/client-s3": "^3.929.0",
     "@oclif/core": "^4.8.0",
     "@octokit/core": "^6.1.6",
     "@octokit/plugin-paginate-rest": "^11.6.0",
@@ -20,7 +21,8 @@
     "@salesforce/plugin-trust": "^3.7.89",
     "@salesforce/sf-plugins-core": "^12.2.5",
     "@salesforce/ts-types": "^2.0.10",
-    "aws-sdk": "^2.1692.0",
+    "@smithy/node-http-handler": "^4.4.5",
+    "@smithy/types": "^4.8.1",
     "chalk": "^5.6.0",
     "commit-and-tag-version": "^12.6.0",
     "fast-glob": "^3.3.3",
@@ -38,7 +40,7 @@
     "@salesforce/ts-sinon": "^1.4.31",
     "@types/semver": "^7.7.0",
     "@types/shelljs": "^0.8.17",
-    "aws-sdk-mock": "^5.9.0",
+    "aws-sdk-client-mock": "^4.1.0",
     "eslint-plugin-sf-plugin": "^1.20.33",
     "oclif": "^4.22.44",
     "ts-node": "^10.9.2",

src/amazonS3.ts

@@ -11,17 +11,14 @@ import { ux } from '@oclif/core';
 import got from 'got';
 import { SfError } from '@salesforce/core';
 import chalk from 'chalk';
-import AWS from 'aws-sdk';
-import { S3, WebIdentityCredentials } from 'aws-sdk';
-import { CredentialsOptions } from 'aws-sdk/lib/credentials.js';
+import { _Object, ListObjectsV2CommandOutput, S3, GetObjectRequest, GetObjectOutput } from '@aws-sdk/client-s3';
+import { NodeHttpHandler } from '@smithy/node-http-handler';
+import { AwsCredentialIdentity } from '@smithy/types';
 import { isString } from '@salesforce/ts-types';
 
-import { GetObjectRequest, GetObjectOutput } from 'aws-sdk/clients/s3.js';
 import { Channel, CLI, S3Manifest, ServiceAvailability } from './types.js';
 import { api } from './codeSigning/packAndSign.js';
 
-import ClientConfiguration = WebIdentityCredentials.ClientConfiguration;
-
 const BASE_URL = 'https://developer.salesforce.com';
 const BUCKET = 'dfc-data-production';
 
@@ -32,7 +29,7 @@ type AmazonS3Options = {
   cli: CLI;
   channel?: Channel;
   baseUrl?: string;
-  credentials?: CredentialsOptions;
+  credentials?: AwsCredentialIdentity;
   baseKey?: string;
 };
 
@@ -41,14 +38,15 @@ export class AmazonS3 {
 
   public directory: string;
   private s3: S3;
-  private baseKey: string;
+  private readonly baseKey: string;
 
   public constructor(private options: AmazonS3Options) {
     this.directory = `https://developer.salesforce.com/media/salesforce-cli/${this.options.cli ?? ''}`;
     this.baseKey = this.directory.replace(BASE_URL, '').replace(/^\//, '');
-    this.s3 = new AWS.S3({
+    this.s3 = new S3({
+      region: 'us-east-1',
       ...resolveCredentials(options.credentials),
-      ...buildHttpOptions(),
+      requestHandler: buildRequestHandler(),
     });
   }
 
@@ -65,36 +63,31 @@ export class AmazonS3 {
   }
 
   public async getObject(options: GetObjectOption): Promise<GetObjectOutput> {
-    const object = (await this.s3
-      .getObject({
-        ...options,
-        Key: options.Key.replace(BASE_URL, '').replace(/^\//, ''),
-        ...{ Bucket: this.options.bucket ?? BUCKET },
-      })
-      .promise()) as GetObjectOutput;
-    return object;
+    return this.s3.getObject({
+      ...options,
+      Key: options.Key?.replace(BASE_URL, '').replace(/^\//, ''),
+      ...{ Bucket: this.options.bucket ?? BUCKET },
+    });
   }
 
   // Paginates listObjectV2 and returns both Contents and CommonPrefixes
-  public async listAllObjects(key: string): Promise<{ contents: S3.ObjectList; commonPrefixes: string[] }> {
+  public async listAllObjects(key: string): Promise<{ contents: _Object[]; commonPrefixes: string[] }> {
     const prefix = key.startsWith(this.baseKey) ? key : `${this.baseKey}/${key}/`;
     const bucket = this.options.bucket ?? BUCKET;
     let continuationToken;
-    const allContents: S3.ObjectList = [];
+    const allContents: _Object[] = [];
     const allCommonPrefixes: string[] = [];
 
     // Use maximum iteration to ensure termination
     const MAX_ITERATIONS = 100;
     for (let i = 1; i <= MAX_ITERATIONS; i++) {
       // eslint-disable-next-line no-await-in-loop
-      const response = await this.s3
-        .listObjectsV2({
-          Bucket: bucket,
-          Delimiter: '/',
-          Prefix: prefix,
-          ContinuationToken: continuationToken,
-        })
-        .promise();
+      const response: ListObjectsV2CommandOutput = await this.s3.listObjectsV2({
+        Bucket: bucket,
+        Delimiter: '/',
+        Prefix: prefix,
+        ContinuationToken: continuationToken,
+      });
 
       if (response.Contents) {
         allContents.push(...response.Contents);
@@ -117,7 +110,7 @@ export class AmazonS3 {
     return result.commonPrefixes;
   }
 
-  public async listKeyContents(key: string): Promise<S3.ObjectList> {
+  public async listKeyContents(key: string): Promise<_Object[]> {
     const result = await this.listAllObjects(key);
     return result.contents;
   }
@@ -157,8 +150,8 @@ const getFileAtUrl = async (url: string): Promise<string> => {
 };
 
 const resolveCredentials = (
-  credentialOptions?: CredentialsOptions
-): { credentials: CredentialsOptions } | Record<string, string> => {
+  credentialOptions?: AwsCredentialIdentity
+): { credentials: AwsCredentialIdentity } | Record<string, string> => {
   if (credentialOptions) {
     return { credentials: credentialOptions };
   }
@@ -174,7 +167,13 @@ const fileIsAvailable = async (url: string): Promise<ServiceAvailability> => {
   return { service: 'file', name: url, available: statusCode >= 200 && statusCode < 300 };
 };
 
-const buildHttpOptions = (): { httpOptions: ClientConfiguration['httpOptions'] } | Record<string, never> => {
+const buildRequestHandler = (): NodeHttpHandler => {
   const agent = api.getAgentForUri('https://s3.amazonaws.com');
-  return agent && agent.http ? { httpOptions: { agent: agent.http } } : {};
+  const options =
+    agent && agent.http
+      ? {
+          httpAgent: agent.http,
+        }
+      : {};
+  return new NodeHttpHandler(options);
 };

src/codeSigning/SimplifiedSigning.ts

@@ -23,9 +23,9 @@
  */
 import { generateKeyPair, createSign, createVerify } from 'node:crypto';
 import { createReadStream } from 'node:fs';
-import { S3 } from 'aws-sdk';
-import { putObject } from '../codeSigning/upload.js';
+import { PutObjectCommandOutput } from '@aws-sdk/client-s3';
 import { PackageJsonSfdxProperty } from '../package.js';
+import { putObject } from './upload.js';
 const CRYPTO_LEVEL = 'RSA-SHA256';
 const BUCKET = 'dfc-data-production';
 export const BASE_URL = 'https://developer.salesforce.com';
@@ -98,7 +98,7 @@ export const signVerifyUpload = async (signingRequest: SigningRequest): Promise<
 /**
  * Save the security items (publicKey and .sig file) to AWS based on the generates filenames
  */
-const upload = async (input: SigningResponse): Promise<S3.PutObjectOutput[]> =>
+const upload = async (input: SigningResponse): Promise<PutObjectCommandOutput[]> =>
   Promise.all([
     // signature file
     putObject(BUCKET, input.packageJsonSfdxProperty.signatureUrl.replace(`${BASE_URL}/`, ''), input.signatureContents),

src/codeSigning/upload.ts

@@ -4,23 +4,19 @@
  * Licensed under the BSD 3-Clause license.
  * For full license text, see LICENSE.txt file in the repo root or https://opensource.org/licenses/BSD-3-Clause
  */
-
-import AWS from 'aws-sdk';
+import { PutObjectCommand, PutObjectCommandOutput, S3 } from '@aws-sdk/client-s3';
+import { NodeHttpHandler, NodeHttpHandlerOptions } from '@smithy/node-http-handler';
 import { Agents } from 'got';
-import { WebIdentityCredentials } from 'aws-sdk';
 import { api } from './packAndSign.js';
-import ClientConfiguration = WebIdentityCredentials.ClientConfiguration;
 
-export async function putObject(bucket: string, key: string, body: string): Promise<AWS.S3.PutObjectOutput> {
-  return new Promise((resolve, reject) => {
-    const agent = api.getAgentForUri('https://s3.amazonaws.com') as Agents;
-    const s3 = new AWS.S3({
-      httpOptions: { agent: agent.http },
-      httpsOptions: { agent: agent.https },
-    } as ClientConfiguration);
-    s3.putObject({ Bucket: bucket, Key: key, Body: body }, (err, resp) => {
-      if (err) reject(err);
-      if (resp) resolve(resp);
-    });
+export async function putObject(bucket: string, key: string, body: string): Promise<PutObjectCommandOutput> {
+  const agent = api.getAgentForUri('https://s3.amazonaws.com') as Agents;
+  const s3 = new S3({
+    region: 'us-east-1',
+    requestHandler: new NodeHttpHandler({
+      httpAgent: agent.http,
+      httpsAgent: agent.https,
+    } as NodeHttpHandlerOptions),
   });
+  return s3.send(new PutObjectCommand({ Bucket: bucket, Key: key, Body: body }));
 }

test/codeSigning/upload.test.ts

@@ -4,28 +4,29 @@
  * Licensed under the BSD 3-Clause license.
  * For full license text, see LICENSE.txt file in the repo root or https://opensource.org/licenses/BSD-3-Clause
  */
-import AWS from 'aws-sdk';
-import AWSMock from 'aws-sdk-mock';
+import { CreateMultipartUploadCommand, UploadPartCommand, S3, PutObjectCommand } from '@aws-sdk/client-s3';
+import { AwsClientStub, mockClient } from 'aws-sdk-client-mock';
 import { expect } from 'chai';
 import { TestContext } from '@salesforce/core/testSetup';
 import { putObject } from '../../src/codeSigning/upload.js';
 
 describe('Upload', () => {
   const $$ = new TestContext();
+  let clientMock: AwsClientStub<S3>;
 
   beforeEach(() => {
-    AWSMock.setSDKInstance(AWS);
+    clientMock = mockClient(S3);
+    clientMock.on(PutObjectCommand).resolves({ ETag: '12345' });
+    clientMock.on(CreateMultipartUploadCommand).resolves({ UploadId: '1' });
+    clientMock.on(UploadPartCommand).resolves({ ETag: '12345' });
   });
 
   afterEach(() => {
     $$.SANDBOX.restore();
-    AWSMock.restore('S3');
+    clientMock.restore();
   });
 
   it('should upload an object to S3', async () => {
-    AWSMock.mock('S3', 'putObject', (params, callback) => {
-      callback(undefined, { ETag: '12345' });
-    });
     const response = await putObject('my-plugin-1.0.0.sig', 'my-bucket', 'media/signatures');
     expect(response).to.deep.equal({ ETag: '12345' });
   });