serverless-dynamodb-local 正在参加 2021 年度 OSC 中国开源项目评选,请投票支持!
serverless-dynamodb-local 在 2021 年度 OSC 中国开源项目评选 中已获得 {{ projectVoteCount }} 票,请投票支持!
2021 年度 OSC 中国开源项目评选 正在火热进行中,快来投票支持你喜欢的开源项目!
2021 年度 OSC 中国开源项目评选 >>> 中场回顾
serverless-dynamodb-local 获得 2021 年度 OSC 中国开源项目评选「最佳人气项目」 !
授权协议 MIT License
开发语言 JavaScript
操作系统 跨平台
软件类型 开源软件
所属分类 云计算Serverless 系统
开源组织
地区 不详
投 递 者 首席测试
适用人群 未知
收录时间 2021-12-02

软件简介

serverless-dynamodb-local

Join the chat at https://gitter.im/99xt/serverless-dynamodb-local npm version License: MIT

This Plugin Requires

  • serverless@^1
  • Java Runtime Engine (JRE) version 6.x or newer

Features

  • Install DynamoDB Local
  • Start DynamoDB Local with all the parameters supported (e.g port, inMemory, sharedDb)
  • Table Creation for DynamoDB Local

Install Plugin

npm install --save serverless-dynamodb-local

Then in serverless.yml add following entry to the plugins array: serverless-dynamodb-local

plugins:
  - serverless-dynamodb-local

Using the Plugin

  1. Install DynamoDB Local sls dynamodb install

  2. Add DynamoDB Resource definitions to your Serverless configuration, as defined here: https://serverless.com/framework/docs/providers/aws/guide/resources/#configuration

  3. Start DynamoDB Local and migrate (DynamoDB will process incoming requests until you stop it. To stop DynamoDB, type Ctrl+C in the command prompt window). Make sure above command is executed before this. sls dynamodb start --migrate

Note: Read the detailed section for more information on advanced options and configurations. Open a browser and go to the url http://localhost:8000/shell to access the web shell for dynamodb local.

Install: sls dynamodb install

To remove the installed dynamodb local, run: sls dynamodb remove Note: This is useful if the sls dynamodb install failed in between to completely remove and install a new copy of DynamoDB local.

Start: sls dynamodb start

All CLI options are optional:

--port  		  -p  Port to listen on. Default: 8000
--cors                    -c  Enable CORS support (cross-origin resource sharing) for JavaScript. You must provide a comma-separated "allow" list of specific domains. The default setting for -cors is an asterisk (*), which allows public access.
--inMemory                -i  DynamoDB; will run in memory, instead of using a database file. When you stop DynamoDB;, none of the data will be saved. Note that you cannot specify both -dbPath and -inMemory at once.
--dbPath                  -d  The directory where DynamoDB will write its database file. If you do not specify this option, the file will be written to the current directory. Note that you cannot specify both -dbPath and -inMemory at once. For the path, current working directory is <projectroot>/node_modules/serverless-dynamodb-local/dynamob. For example to create <projectroot>/node_modules/serverless-dynamodb-local/dynamob/<mypath> you should specify -d <mypath>/ or --dbPath <mypath>/ with a forwardslash at the end.
--sharedDb                -h  DynamoDB will use a single database file, instead of using separate files for each credential and region. If you specify -sharedDb, all DynamoDB clients will interact with the same set of tables regardless of their region and credential configuration.
--delayTransientStatuses  -t  Causes DynamoDB to introduce delays for certain operations. DynamoDB can perform some tasks almost instantaneously, such as create/update/delete operations on tables and indexes; however, the actual DynamoDB service requires more time for these tasks. Setting this parameter helps DynamoDB simulate the behavior of the Amazon DynamoDB web service more closely. (Currently, this parameter introduces delays only for global secondary indexes that are in either CREATING or DELETING status.)
--optimizeDbBeforeStartup -o  Optimizes the underlying database tables before starting up DynamoDB on your computer. You must also specify -dbPath when you use this parameter.
--migration               -m  After starting dynamodb local, run dynamodb migrations.
--heapInitial                 The initial heap size
--heapMax                     The maximum heap size
--migrate                 -m  After starting DynamoDB local, create DynamoDB tables from the Serverless configuration.
--seed                    -s  After starting and migrating dynamodb local, injects seed data into your tables. The --seed option determines which data categories to onload.
--convertEmptyValues      -e  Set to true if you would like the document client to convert empty values (0-length strings, binary buffers, and sets) to be converted to NULL types when persisting to DynamoDB.

All the above options can be added to serverless.yml to set default configuration: e.g.

custom:
  dynamodb:
  # If you only want to use DynamoDB Local in some stages, declare them here
    stages:
      - dev
    start:
      port: 8000
      inMemory: true
      heapInitial: 200m
      heapMax: 1g
      migrate: true
      seed: true
      convertEmptyValues: true
    # Uncomment only if you already have a DynamoDB running locally
    # noStart: true

Migrations: sls dynamodb migrate

Configuration

In serverless.yml add following to execute all the migration upon DynamoDB Local Start

custom:
  dynamodb:
    start:
      migrate: true

AWS::DynamoDB::Table Resource Template for serverless.yml

resources:
  Resources:
    usersTable:
      Type: AWS::DynamoDB::Table
      Properties:
        TableName: usersTable
        AttributeDefinitions:
          - AttributeName: email
            AttributeType: S
        KeySchema:
          - AttributeName: email
            KeyType: HASH
        ProvisionedThroughput:
          ReadCapacityUnits: 1
          WriteCapacityUnits: 1

Note: DynamoDB local doesn't support TTL specification, therefore plugin will simply ignore ttl configuration from Cloudformation template.

Seeding: sls dynamodb seed

Configuration

In serverless.yml seeding categories are defined under dynamodb.seed.

If dynamodb.start.seed is true, then seeding is performed after table migrations.

If you wish to use raw AWS AttributeValues to specify your seed data instead of Javascript types then simply change the variable of any such json files from sources: to rawsources:.

custom:
  dynamodb:
    start:
      seed: true

    seed:
      domain:
        sources:
          - table: domain-widgets
            sources: [./domainWidgets.json]
          - table: domain-fidgets
            sources: [./domainFidgets.json]
      test:
        sources:
          - table: users
            rawsources: [./fake-test-users.json]
          - table: subscriptions
            sources: [./fake-test-subscriptions.json]
> sls dynamodb seed --seed=domain,test
> sls dynamodb start --seed=domain,test

If seed config is set to true, your configuration will be seeded automatically on startup. You can also put the seed to false to prevent initial seeding to use manual seeding via cli.

[
  {
    "id": "John",
    "name": "Doe",
  },
]

Using DynamoDB Local in your code

You need to add the following parameters to the AWS NODE SDK dynamodb constructor

e.g. for dynamodb document client sdk

var AWS = require('aws-sdk');
new AWS.DynamoDB.DocumentClient({
    region: 'localhost',
    endpoint: 'http://localhost:8000',
    accessKeyId: 'DEFAULT_ACCESS_KEY',  // needed if you don't have aws credentials at all in env
    secretAccessKey: 'DEFAULT_SECRET' // needed if you don't have aws credentials at all in env
})

e.g. for dynamodb document client sdk

new AWS.DynamoDB({
    region: 'localhost',
    endpoint: 'http://localhost:8000',
    accessKeyId: 'DEFAULT_ACCESS_KEY',  // needed if you don't have aws credentials at all in env
    secretAccessKey: 'DEFAULT_SECRET' // needed if you don't have aws credentials at all in env

})

Using with serverless-offline plugin

When using this plugin with serverless-offline, it is difficult to use above syntax since the code should use DynamoDB Local for development, and use DynamoDB Online after provisioning in AWS. Therefore we suggest you to use serverless-dynamodb-client plugin in your code.

The serverless dynamodb start command can be triggered automatically when using serverless-offline plugin. Please note that you still need to install DynamoDB Local first.

Add both plugins to your serverless.yml file:

plugins:
  - serverless-dynamodb-local
  - serverless-offline

Make sure that serverless-dynamodb-local is above serverless-offline so it will be loaded earlier.

Now your local DynamoDB database will be automatically started before running serverless offline.

Using with serverless-offline and serverless-webpack plugin

Run serverless offline start. In comparison with serverless offline, the start command will fire an init and a end lifecycle hook which is needed for serverless-offline and serverless-dynamodb-local to switch off both ressources.

Add plugins to your serverless.yml file:

plugins:
  - serverless-webpack
  - serverless-dynamodb-local
  - serverless-offline #serverless-offline needs to be last in the list

Reference Project

Links

License

MIT

展开阅读全文

代码

评论

点击引领话题📣
暂无内容
发表了博客
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
发表了问答
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
pathval 输入验证错误漏洞
原型污染
pathval是Chai.js团队的一个用于基于 String 字符串来检索和设置对象的 Npm 代码库 pathval 1.1.1之前版本存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
CVE-2020-7751 MPS-2020-15246
2022-08-08 20:37
yargs-parser 输入验证错误漏洞
输入验证不恰当
yargs-parser是一款选项解析器。 yargs-parser 13.1.2之前版本、14.0.0及之后版本(15.0.1版本已修复)和16.0.0及之后版本(18.1.1版本已修复)中存在输入验证错误漏洞。攻击者可借助‘__proto__’payload利用该漏洞添加或修改Object.prototype属性。
CVE-2020-7608 MPS-2020-4006
2022-08-08 20:37
lodash 命令注入漏洞
代码注入
lodash是一个提供模块化、性能和附加功能的现代 JavaScript 实用程序库。 4.17.21 之前的 Lodash 版本容易通过模板函数进行命令注入。
CVE-2021-23337 MPS-2021-2638
2022-08-08 20:37
Npm Node-tar 后置链接漏洞
node-tar是一款用于文件压缩/解压缩的软件包。 Npm Node-tar 中存在后置链接漏洞,该漏洞源于产品未对特殊字符做有效验证。攻击者可通过该漏洞在其他路径创建恶意文件。
CVE-2021-37701 MPS-2021-28486
2022-08-08 20:37
lodash 存在拒绝服务漏洞
拒绝服务
lodash 是一个现代 JavaScript 实用程序库,提供模块化、性能和附加功能。此软件包的受影响版本容易通过 setWith 和 set 函数受到原型污染。
MPS-2022-13842
2022-08-08 20:37
tar 存在拒绝服务漏洞
拒绝服务
tar 是用于 Node.js 的全功能 Tar。此软件包的受影响版本容易受到正则表达式拒绝服务 (ReDoS) 的攻击。
MPS-2022-14081
2022-08-08 20:37
lodash输入验证错误漏洞
原型污染
lodash是一款开源的JavaScript实用程序库。 lodash 4.17.15及之前版本中存在输入验证错误漏洞。远程攻击者可借助'merge'、'mergeWith'和'defaultsDeep'函数利用该漏洞在系统上执行任意代码。
CVE-2020-8203 MPS-2020-15679
2022-08-08 20:37
Amazon Aws-sdk-js 安全漏洞
Amazon Aws-sdk-js是美国亚马逊(Amazon)公司的一个基于Javascript用于为nodejs应用提供AWS服务支持的开发包。 Amazon Aws-sdk-js before 1.0.0-rc.9 存在安全漏洞,攻击者可利用该漏洞向应用程序提交恶意的INI文件,根据上下文进一步加以利用。
CVE-2020-28472 MPS-2021-0649
2022-08-08 20:37
flat 存在拒绝服务漏洞
拒绝服务
flat 是一个使用嵌套的 Javascript 对象并将其展平,或使用分隔键取消展平对象此包的受影响版本容易受到原型污染。
MPS-2022-13681
2022-08-08 20:37
node-tar 路径遍历漏洞
路径遍历
node-tar是一款用于文件压缩/解压缩的软件包。 npm node-tar 存在路径遍历漏洞,该漏洞源于4.4.18、5.0.10和6.1.9之前的npm包“tar”(又名node-tar)存在任意文件创建覆盖和任意代码执行漏洞。攻击者可利用该漏洞访问受限目录之外的位置。
CVE-2021-37713 MPS-2021-28489
2022-08-08 20:37
lodash 存在拒绝服务漏洞
拒绝服务
lodash 是一个现代 JavaScript 实用程序库,提供模块化、性能和附加功能。由于对 CVE-2020-8203 的修复不完整,此软件包的受影响版本容易受到 zipObjectDeep 中的原型污染。
MPS-2022-13841
2022-08-08 20:37
Yargs Y18n 输入验证错误漏洞
动态确定对象属性修改的控制不恰当
Yargs Y18n是Yargs个人开发者的一个类似I18n的由Js编写的代码库。 y18n before 3.2.2, 4.0.1 and 5.0.5版本存在输入验证错误漏洞,该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
CVE-2020-7774 MPS-2020-17543
2022-08-08 20:37
minimist 输入验证错误漏洞
原型污染
minimist是一款命令行参数解析工具。 minimist 1.2.2之前版本存在输入验证错误漏洞。攻击者可借助‘constructor’和‘__proto__’ payload利用该漏洞添加或修改Object.prototype的属性。
CVE-2020-7598 MPS-2020-3516
2022-08-08 20:37
Npm Node-tar 后置链接漏洞
node-tar是一款用于文件压缩/解压缩的软件包。 Npm Node-tar 中存在后置链接漏洞,该漏洞源于产品未对特殊字符做有效验证。攻击者可通过该漏洞在其他路径创建恶意文件。
CVE-2021-37712 MPS-2021-28488
2022-08-08 20:37
没有更多内容
加载失败,请刷新页面
点击加载更多
加载中
下一页
0 评论
0 收藏
分享
OSCHINA
登录后可查看更多优质内容
返回顶部
顶部