Reformat templates using prettier (#64)

* Reformat templates using prettier
* Add prettier config
* Reformat witch

Author: ConnorKirk

.pre-commit-config.yaml

@@ -30,3 +30,8 @@ repos:
         name: AWS CloudFormation Linter
         files: \.(template)$
         args: [--ignore-checks=W3002]
+
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: v3.0.1
+    hooks:
+      - id: prettier

.prettierrc

@@ -0,0 +1,5 @@
+{
+  "tabWidth": 2,
+  "useTabs": false,
+  "singleQuote": true
+}

source/witch/witch.js

@@ -1,25 +1,25 @@
-const aws = require("aws-sdk");
-const fs = require("fs");
-const path = require("path");
-const mime = require("mime-types");
-const https = require("https");
-const url = require("url");
+const aws = require('aws-sdk');
+const fs = require('fs');
+const path = require('path');
+const mime = require('mime-types');
+const https = require('https');
+const url = require('url');
 
 const s3 = new aws.S3();
 
-const SUCCESS = "SUCCESS";
-const FAILED = "FAILED";
+const SUCCESS = 'SUCCESS';
+const FAILED = 'FAILED';
 
 const { BUCKET } = process.env;
 
 exports.staticHandler = function (event, context) {
-  if (event.RequestType !== "Create" && event.RequestType !== "Update") {
+  if (event.RequestType !== 'Create' && event.RequestType !== 'Update') {
     return respond(event, context, SUCCESS, {});
   }
 
   Promise.all(
-    walkSync("./").map((file) => {
-      const fileType = mime.lookup(file) || "application/octet-stream";
+    walkSync('./').map((file) => {
+      const fileType = mime.lookup(file) || 'application/octet-stream';
 
       console.log(`${file} -> ${fileType}`);
 
@@ -29,10 +29,10 @@ exports.staticHandler = function (event, context) {
           Bucket: BUCKET,
           ContentType: fileType,
           Key: file,
-          ACL: "private",
+          ACL: 'private',
         })
         .promise();
-    })
+    }),
   )
     .then((msg) => {
       respond(event, context, SUCCESS, {});
@@ -63,12 +63,12 @@ function respond(
   responseStatus,
   responseData,
   physicalResourceId,
-  noEcho
+  noEcho,
 ) {
   const responseBody = JSON.stringify({
     Status: responseStatus,
     Reason:
-      "See the details in CloudWatch Log Stream: " + context.logStreamName,
+      'See the details in CloudWatch Log Stream: ' + context.logStreamName,
     PhysicalResourceId: physicalResourceId || context.logStreamName,
     StackId: event.StackId,
     RequestId: event.RequestId,
@@ -77,28 +77,28 @@ function respond(
     Data: responseData,
   });
 
-  console.log("Response body:\n", responseBody);
+  console.log('Response body:\n', responseBody);
 
   const { pathname, hostname, search } = new url.URL(event.ResponseURL);
   const options = {
     hostname,
     port: 443,
     path: pathname + search,
-    method: "PUT",
+    method: 'PUT',
     headers: {
-      "content-type": "",
-      "content-length": responseBody.length,
+      'content-type': '',
+      'content-length': responseBody.length,
     },
   };
 
   const request = https.request(options, function (response) {
-    console.log("Status code: " + response.statusCode);
-    console.log("Status message: " + response.statusMessage);
+    console.log('Status code: ' + response.statusCode);
+    console.log('Status message: ' + response.statusMessage);
     context.done();
   });
 
-  request.on("error", function (error) {
-    console.log("send(..) failed executing https.request(..): " + error);
+  request.on('error', function (error) {
+    console.log('send(..) failed executing https.request(..): ' + error);
     context.done();
   });
 

templates/acm-certificate.yaml

@@ -12,7 +12,7 @@ Parameters:
     Type: String
 
 Conditions:
-  CreateApexConfig:  !Equals
+  CreateApexConfig: !Equals
     - !Ref CreateApex
     - 'yes'
 
@@ -30,10 +30,10 @@ Resources:
         - DomainName: !Sub '${SubDomain}.${DomainName}'
           HostedZoneId: !Ref HostedZoneId
         - Fn::If:
-          - CreateApexConfig
-          - DomainName: !Ref DomainName
-            HostedZoneId: !Ref HostedZoneId
-          - Ref: AWS::NoValue
+            - CreateApexConfig
+            - DomainName: !Ref DomainName
+              HostedZoneId: !Ref HostedZoneId
+            - Ref: AWS::NoValue
       ValidationMethod: DNS
 
 Outputs:

templates/cloudfront-site.yaml

@@ -27,11 +27,11 @@ Parameters:
   S3BucketRootArn:
     Description: Content Bucket locator
     Type: String
-  CreateApex: 
+  CreateApex:
     Type: String
 
 Conditions:
-  CreateApexConfig:  !Equals
+  CreateApexConfig: !Equals
     - !Ref CreateApex
     - 'yes'
 
@@ -56,7 +56,7 @@ Resources:
       DistributionConfig:
         Aliases:
           - !Sub '${SubDomain}.${DomainName}'
-          - !If [ CreateApexConfig, !Ref DomainName, !Ref 'AWS::NoValue' ]
+          - !If [CreateApexConfig, !Ref DomainName, !Ref 'AWS::NoValue']
         DefaultCacheBehavior:
           Compress: true
           DefaultTTL: 86400
@@ -87,8 +87,7 @@ Resources:
           - DomainName: !Ref 'S3BucketRootName'
             Id: !Sub 'S3-${AWS::StackName}-root'
             S3OriginConfig:
-              OriginAccessIdentity:
-                !Join ['', ['origin-access-identity/cloudfront/', !Ref CloudFrontOriginAccessIdentity]]
+              OriginAccessIdentity: !Sub 'origin-access-identity/cloudfront/${CloudFrontOriginAccessIdentity}'
         PriceClass: 'PriceClass_All'
         ViewerCertificate:
           AcmCertificateArn: !Ref 'CertificateArn'
@@ -103,60 +102,60 @@ Resources:
     Properties:
       CloudFrontOriginAccessIdentityConfig:
         Comment: !Sub 'CloudFront OAI for ${SubDomain}.${DomainName}'
-        
+
   Route53RecordSetGroup:
     Type: AWS::Route53::RecordSetGroup
     Properties:
       HostedZoneName: !Sub '${DomainName}.'
       RecordSets:
-      - Name: !Sub '${SubDomain}.${DomainName}'
-        Type: 'A'
-        AliasTarget:
-          DNSName: !GetAtt 'CloudFrontDistribution.DomainName'
-          EvaluateTargetHealth: false
-          # The  following HosteZoneId is always used for alias records pointing to CF.
-          HostedZoneId: 'Z2FDTNDATAQYW2'
+        - Name: !Sub '${SubDomain}.${DomainName}'
+          Type: 'A'
+          AliasTarget:
+            DNSName: !GetAtt 'CloudFrontDistribution.DomainName'
+            EvaluateTargetHealth: false
+            # The  following HosteZoneId is always used for alias records pointing to CF.
+            HostedZoneId: 'Z2FDTNDATAQYW2'
 
   ApexRoute53RecordSetGroup:
     Condition: CreateApexConfig
     Type: AWS::Route53::RecordSetGroup
     Properties:
       HostedZoneName: !Sub '${DomainName}.'
       RecordSets:
-      - Name: !Ref 'DomainName'
-        Type: 'A'
-        AliasTarget:
-          DNSName: !GetAtt 'CloudFrontDistribution.DomainName'
-          EvaluateTargetHealth: false
-          # The  following HosteZoneId is always used for alias records pointing to CF.
-          HostedZoneId: 'Z2FDTNDATAQYW2'
+        - Name: !Ref 'DomainName'
+          Type: 'A'
+          AliasTarget:
+            DNSName: !GetAtt 'CloudFrontDistribution.DomainName'
+            EvaluateTargetHealth: false
+            # The  following HosteZoneId is always used for alias records pointing to CF.
+            HostedZoneId: 'Z2FDTNDATAQYW2'
 
   ResponseHeadersPolicy:
-      Type: AWS::CloudFront::ResponseHeadersPolicy
-      Properties: 
-        ResponseHeadersPolicyConfig: 
-          Name: !Sub "${AWS::StackName}-static-site-security-headers"
-          SecurityHeadersConfig: 
-            StrictTransportSecurity: 
-              AccessControlMaxAgeSec: 63072000
-              IncludeSubdomains: true
-              Override: true
-              Preload: true
-            ContentSecurityPolicy: 
-              ContentSecurityPolicy: "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'"
-              Override: true
-            ContentTypeOptions: 
-              Override: true
-            FrameOptions:
-              FrameOption: DENY
-              Override: true
-            ReferrerPolicy: 
-              ReferrerPolicy: "same-origin"
-              Override: true
-            XSSProtection: 
-              ModeBlock: true
-              Override: true
-              Protection: true
+    Type: AWS::CloudFront::ResponseHeadersPolicy
+    Properties:
+      ResponseHeadersPolicyConfig:
+        Name: !Sub '${AWS::StackName}-static-site-security-headers'
+        SecurityHeadersConfig:
+          StrictTransportSecurity:
+            AccessControlMaxAgeSec: 63072000
+            IncludeSubdomains: true
+            Override: true
+            Preload: true
+          ContentSecurityPolicy:
+            ContentSecurityPolicy: "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'"
+            Override: true
+          ContentTypeOptions:
+            Override: true
+          FrameOptions:
+            FrameOption: DENY
+            Override: true
+          ReferrerPolicy:
+            ReferrerPolicy: 'same-origin'
+            Override: true
+          XSSProtection:
+            ModeBlock: true
+            Override: true
+            Protection: true
 
 Outputs:
   CloudFrontDistribution:

templates/custom-resource.yaml

@@ -3,9 +3,8 @@ Description: ACFS3 - Cert Provider with DNS validation
 Transform: AWS::Serverless-2016-10-31
 
 Resources:
-
   CopyCustomResource:
-    Type: "AWS::CloudFormation::CustomResource"
+    Type: 'AWS::CloudFormation::CustomResource'
     Properties:
       ServiceToken: !GetAtt CopyFunction.Arn
 
@@ -40,14 +39,14 @@ Resources:
           Value: ACFS3
 
   CopyLayerVersion:
-    Type: "AWS::Serverless::LayerVersion"
+    Type: 'AWS::Serverless::LayerVersion'
     Properties:
       ContentUri: ../witch.zip
       CompatibleRuntimes:
         - nodejs16.x
 
   CopyRole:
-    Type: "AWS::IAM::Role"
+    Type: 'AWS::IAM::Role'
     Properties:
       AssumeRolePolicyDocument:
         Statement:
@@ -59,23 +58,23 @@ Resources:
       ManagedPolicyArns:
         - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
       Policies:
-      - PolicyName: S3CopyPolicy
-        PolicyDocument:
-          Version: '2012-10-17'
-          Statement:
-          - Effect: Allow
-            Action:
-            - s3:GetObject
-            - s3:ListBucket
-            - s3:PutObject
-            - s3:PutObjectAcl
-            Resource:
-              - !Sub
-                - arn:aws:s3:::${TargetBucket}/*
-                - TargetBucket: !Ref S3BucketRoot
-              - !Sub
-                - arn:aws:s3:::${TargetBucket}
-                - TargetBucket: !Ref S3BucketRoot
+        - PolicyName: S3CopyPolicy
+          PolicyDocument:
+            Version: '2012-10-17'
+            Statement:
+              - Effect: Allow
+                Action:
+                  - s3:GetObject
+                  - s3:ListBucket
+                  - s3:PutObject
+                  - s3:PutObjectAcl
+                Resource:
+                  - !Sub
+                    - arn:aws:s3:::${TargetBucket}/*
+                    - TargetBucket: !Ref S3BucketRoot
+                  - !Sub
+                    - arn:aws:s3:::${TargetBucket}
+                    - TargetBucket: !Ref S3BucketRoot
 
   CopyFunction:
     Type: AWS::Serverless::Function

templates/main.yaml

@@ -42,7 +42,7 @@ Parameters:
     Description: Create an Apex Alias in CloudFront distribution - yes/no
     Type: String
     Default: 'no'
-    AllowedValues: ['yes','no']
+    AllowedValues: ['yes', 'no']
 
 Resources:
   CustomResourceStack: