An ember-cli-deploy plugin to upload files to S3
This plugin uploads one or more files to an Amazon S3 bucket. It could be used to upload the assets (js, css, images etc) or indeed the application's index.html.
A plugin is an addon that can be executed as a part of the ember-cli-deploy pipeline. A plugin will implement one or more of the ember-cli-deploy's pipeline hooks.
For more information on what plugins are and how they work, please refer to the Plugin Documentation.
To get up and running quickly, do the following:
-
Ensure ember-cli-deploy-build is installed and configured.
-
Install this plugin
$ ember install ember-cli-deploy-s3
- Place the following configuration into
config/deploy.js
ENV.s3 = {
accessKeyId: '<your-aws-access-key>',
secretAccessKey: '<your-aws-secret>',
bucket: '<your-s3-bucket>',
region: '<the-region-your-bucket-is-in>'
}
- Run the pipeline
$ ember deploy
Run the following command in your terminal:
ember install ember-cli-deploy-s3
For detailed information on what plugin hooks are and how they work, please refer to the Plugin Documentation.
configure
upload
For detailed information on how configuration of plugins works, please refer to the Plugin Documentation.
WARNING: Don't share a configuration object between ember-cli-deploy-s3-index and this plugin. The way these two plugins read their configuration has side effects which will unfortunately break your deploy if you share one configuration object between the two.
The AWS access key for the user that has the ability to upload to the bucket
. If this is left undefined,
the normal AWS SDK credential resolution will take place.
Default: undefined
The AWS secret for the user that has the ability to upload to the bucket
. This must be defined when accessKeyId
is defined.
Default: undefined
The AWS session token for the user that has the ability to upload to the bucket
. This may be required if you are using the AWS Security Token Service.
This requires both accessKeyId
and secretAccessKey
to be defined.
Default: undefined
The AWS profile as definied in ~/.aws/credentials
. If this is left undefined,
the normal AWS SDK credential resolution will take place.
Default: undefined
The AWS bucket that the files will be uploaded to.
Default: undefined
The region the AWS bucket
is located in.
Default: undefined
AWS (or AWS compatible endpoint) to use. E.g. with DigitalOcean Spaces, Microsoft Azure Blob Storage, or Openstack Swift
If endpoint
set the region
option will be ignored.
Default: [region].s3.amazonaws.com
The ACL to apply to the objects.
Default: public-read
A directory within the bucket
that the files should be uploaded in to. It should not have a leading or trailing slash.
Default: ''
Files that match this pattern will be uploaded to S3. The file pattern must be relative to distDir
. For an advanced usage, you may want to check out isaacs/minimatch's documentation.
Default: '**/*.{js,css,png,gif,ico,jpg,webp,map,xml,txt,svg,swf,eot,ttf,woff,woff2,otf,wasm,json}'
Files matching this pattern will not be uploaded even if they match filePattern.
Default: null
The root directory where the files matching filePattern
will be searched for. By default, this option will use the distDir
property of the deployment context, provided by ember-cli-deploy-build.
Default: context.distDir
The list of built project files. This option should be relative to distDir
and should include the files that match filePattern
. By default, this option will use the distFiles
property of the deployment context, provided by ember-cli-deploy-build.
Default: context.distFiles
This is a boolean that can be set to true
to include hidden folders
(that are prefixed with a .
) as folders that can be uploaded to S3.
Default: false
The list of files that have been gziped. This option should be relative to distDir
. By default, this option will use the gzippedFiles
property of the deployment context, provided by ember-cli-deploy-gzip.
This option will be used to determine which files in distDir
, that match filePattern
, require the gzip content encoding when uploading.
Default: context.gzippedFiles
The path to a manifest that specifies the list of files that are to be uploaded to S3.
This manifest file will be used to work out which files don't exist on S3 and, therefore, which files should be uploaded. By default, this option will use the manifestPath
property of the deployment context, provided by ember-cli-deploy-manifest.
Default: context.manifestPath
The client used to upload files to S3. This allows the user the ability to use their own client for uploading instead of the one provided by this plugin.
The client specified MUST implement a function called upload
.
Default: the upload client provided by ember-cli-deploy-s3
The underlying S3 library used to upload the files to S3. This allows the user to use the default upload client provided by this plugin but switch out the underlying library that is used to actually send the files.
The client specified MUST implement functions called getObject
and putObject
.
Default: the default S3 library is aws-sdk
Sets the Cache-Control
header on the uploaded files.
Default: max-age=63072000, public, immutable
Sets the Expires
header on the uploaded files.
Default: Mon Dec 31 2029 21:00:00 GMT-0300 (CLST)
Sets the default mime type, used when it cannot be determined from the file extension.
Default: application/octet-stream
The network proxy url used when sending requests to S3.
Default: undefined
The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms). Possible values include:
- "AES256"
- "aws:kms"
S3 putObject
requests will be performed in batchSize
increments if set to a value other than 0.
Useful when deploying applications to fake-s3, or applications large enough to trigger S3 rate limits (very uncommon).
Default: 0
signatureVersion
allows for setting the Signature Version. In the Asia Pacific (Mumbai), Asia Pacific (Seoul), EU (Frankfurt) and China (Beijing) regions, Amazon S3 supports only Signature Version 4. In all other regions, Amazon S3 supports both Signature Version 4 and Signature Version 2.
Example value: 'v4'
Default: undefined
The following properties are expected to be present on the deployment context
object:
distDir
(provided by ember-cli-deploy-build)distFiles
(provided by ember-cli-deploy-build)gzippedFiles
(provided by ember-cli-deploy-gzip)manifestPath
(provided by ember-cli-deploy-manifest)
The environment in which the ember deploy
command is run needs to have an AWS account with a policy that allows writing to the S3 bucket.
It's common for a development machine to be set up with the developer's personal AWS credentials, which likely have the ability to administer the entire AWS account. This will allow deployment to work from the development machine, but it is not a good idea to copy your personal credentials to production.
The best way to set up non-development deployment is to create an IAM user to be the "deployer", and place its security credentials (Access Key ID and Access Secret) in the environment on the machine or CI environment where deployment takes place. (The easiest way to do this in CI is to set environment variables AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
.)
A bare minimum policy should have the following permissions:
{
"Statement": [
{
"Sid": "Stmt1EmberCLIS3DeployPolicy",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectACL"
],
"Resource": [
"arn:aws:s3:::your-s3-bucket-name/*"
]
}
]
}
Replace your-s3-bucket-name
with the name of the actual bucket you are deploying to.
Also, remember that "PutObject" permission will effectively overwrite any existing files with the same name unless you use a fingerprinting or a manifest plugin.
If you want the contents of the S3 bucket to be accessible to the world, the following policy can be placed directly in the S3 bucket policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadForGetBucketObjects",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your-s3-bucket-name/*"
}
]
}
Replace your-s3-bucket-name
with the name of the actual bucket you are deploying to.
To properly serve certain assets (i.e. webfonts) a basic CORS configuration is needed
[
{
"AllowedHeaders": [],
"AllowedMethods": [
"GET",
"HEAD"
],
"AllowedOrigins": [
"http://www.your-site.com",
"https://www.your-site.com"
],
"ExposeHeaders": []
}
]
Replace www.your-site.com with your domain.
Some more info: Amazon CORS guide, Stackoverflow
yarn test
Since this is a node-only ember-cli addon, this package does not include many files and dependencies which are part of ember-cli's typical ember build
and ember test
processes.