aptible-cli 0.24.10 → 0.26.1

data/lib/aptible/cli/subcommands/db.rb

@@ -27,6 +27,21 @@ module Aptible
                   accounts = scoped_environments(options)
                   acc_map = environment_map(accounts)
 
+                  # the below is done because an rds resource can belong to
+                  # multiple accounts or none. we go through and iterate
+                  # through all external_aws_resources and print them based
+                  # on connections. To avoid repeated API calls, we keep
+                  # them in these maps and only fetch relations when
+                  # necessary.
+                  rds_map = {}
+                  accts_rds_map = {}
+                  begin
+                    rds_map, accts_rds_map = fetch_rds_databases_with_accounts
+                  rescue StandardError => e
+                    CLI.logger.warn 'Unable to fetch RDS databases: ' \
+                                    "#{e.message}"
+                  end
+
                   if Renderer.format == 'json'
                     accounts.each do |account|
                       account.each_database do |db|
@@ -34,12 +49,23 @@ module Aptible
                           ResourceFormatter.inject_database(n, db, account)
                         end
                       end
+                      next unless accts_rds_map.key? account.id
+
+                      accts_rds_map[account.id].each do |rds_db|
+                        rds_map.delete(rds_db.id)
+                        node.object do |n|
+                          ResourceFormatter.inject_database_minimal(
+                            n,
+                            rds_db,
+                            account
+                          )
+                        end
+                      end
                     end
                   else
                     databases_all.each do |db|
                       account = acc_map[db.links.account.href]
                       next if account.nil?
-
                       node.object do |n|
                         ResourceFormatter.inject_database_minimal(
                           n,
@@ -48,6 +74,34 @@ module Aptible
                         )
                       end
                     end
+                    accounts.each do |account|
+                      next unless accts_rds_map.key? account.id
+
+                      accts_rds_map[account.id].each do |rds_db|
+                        rds_map.delete(rds_db.id)
+                        node.object do |n|
+                          ResourceFormatter.inject_database_minimal(
+                            n,
+                            rds_db,
+                            account
+                          )
+                        end
+                      end
+                    end
+                  end
+
+                  # Render unattached RDS databases, but exclude
+                  # if environment filter set
+                  unless options[:environment]
+                    rds_map.each_value do |db|
+                      node.object do |n|
+                        ResourceFormatter.inject_database_minimal(
+                          n,
+                          db,
+                          rds_shell_account
+                        )
+                      end
+                    end
                   end
                 end
               end
@@ -232,9 +286,13 @@ module Aptible
             define_method 'db:dump' do |handle, *dump_options|
               telemetry(__method__, options.merge(handle: handle))
 
+              filename = "#{handle}.dump"
+              if aws_rds_db?(handle)
+                return use_rds_dump(handle, filename, dump_options)
+              end
+
               database = ensure_database(options.merge(db: handle))
               with_postgres_tunnel(database) do |url|
-                filename = "#{handle}.dump"
                 CLI.logger.info "Dumping to #{filename}"
                 `pg_dump #{url} #{dump_options.shelljoin} > #{filename}`
                 exit $CHILD_STATUS.exitstatus unless $CHILD_STATUS.success?
@@ -252,6 +310,10 @@ module Aptible
               )
               telemetry(__method__, opts)
 
+              if aws_rds_db?(handle)
+                return use_rds_execute(handle, sql_path, options)
+              end
+
               database = ensure_database(options.merge(db: handle))
               with_postgres_tunnel(database) do |url|
                 CLI.logger.info "Executing #{sql_path} against #{handle}"
@@ -269,8 +331,10 @@ module Aptible
               telemetry(__method__, options.merge(handle: handle))
 
               desired_port = Integer(options[:port] || 0)
-              database = ensure_database(options.merge(db: handle))
 
+              return use_rds_tunnel(handle, desired_port) if aws_rds_db?(handle)
+
+              database = ensure_database(options.merge(db: handle))
               credential = find_credential(database, options[:type])
 
               m = "Creating #{credential.type} tunnel to #{database.handle}..."

data/lib/aptible/cli/subcommands/deploy.rb

@@ -2,9 +2,8 @@ module Aptible
   module CLI
     module Subcommands
       module Deploy
-        DOCKER_IMAGE_DEPLOY_ARGS = Hash[%w(
+        DEPRECATED_ENV = Hash[%w(
           APTIBLE_DOCKER_IMAGE
-          APTIBLE_PRIVATE_REGISTRY_EMAIL
           APTIBLE_PRIVATE_REGISTRY_USERNAME
           APTIBLE_PRIVATE_REGISTRY_PASSWORD
         ).map do |var|
@@ -40,11 +39,23 @@ module Aptible
                                        desc: 'This option only affects new ' \
                                              'services, not existing ones. ' \
                                              'Examples: m c r'
-            DOCKER_IMAGE_DEPLOY_ARGS.each_pair do |opt, var|
-              option opt,
-                     type: :string, banner: var,
-                     desc: "Shorthand for #{var}=..."
-            end
+
+            option :docker_image,
+                   type: :string,
+                   desc: 'The docker image to deploy. If none specified, ' \
+                         'the currently deployed image will be pulled again'
+            option :private_registry_username,
+                   type: :string,
+                   desc: 'Username for Docker images located in a private ' \
+                        'repository'
+            option :private_registry_password,
+                   type: :string,
+                   desc: 'Password for Docker images located in a private ' \
+                         'repository'
+            option :private_registry_email,
+                   type: :string,
+                   desc: 'This parameter is deprecated'
+
             app_options
             def deploy(*args)
               telemetry(__method__, options)
@@ -62,20 +73,43 @@ module Aptible
 
               env = extract_env(args)
 
-              DOCKER_IMAGE_DEPLOY_ARGS.each_pair do |opt, var|
+              DEPRECATED_ENV.each_pair do |opt, var|
                 val = options[opt]
+                dasherized = "--#{opt.to_s.tr('_', '-')}"
+                if env[var]
+                  m = "WARNING: The environment variable #{var} " \
+                      'will be deprecated. Use the option ' \
+                      "#{dasherized}, instead."
+                  CLI.logger.warn m
+                end
                 next unless val
                 if env[var] && env[var] != val
-                  dasherized = "--#{opt.to_s.tr('_', '-')}"
                   raise Thor::Error, "The options #{dasherized} and #{var} " \
                                      'cannot be set to different values'
                 end
-                env[var] = val
+              end
+
+              settings = {}
+              sensitive_settings = {}
+
+              if options[:docker_image]
+                settings['APTIBLE_DOCKER_IMAGE'] = options[:docker_image]
+              end
+
+              if options[:private_registry_username]
+                sensitive_settings['APTIBLE_PRIVATE_REGISTRY_USERNAME'] =
+                  options[:private_registry_username]
+              end
+              if options[:private_registry_password]
+                sensitive_settings['APTIBLE_PRIVATE_REGISTRY_PASSWORD'] =
+                  options[:private_registry_password]
               end
 
               opts = {
                 type: 'deploy',
                 env: env,
+                settings: settings,
+                sensitive_settings: sensitive_settings,
                 git_ref: git_ref,
                 container_count: options[:container_count],
                 container_size: options[:container_size],
@@ -84,7 +118,7 @@ module Aptible
 
               allow_it = [
                 opts[:git_ref],
-                opts[:env].try(:[], 'APTIBLE_DOCKER_IMAGE'),
+                opts[:settings].try(:[], 'APTIBLE_DOCKER_IMAGE'),
                 app.status == 'provisioned'
               ].any? { |x| x }
 

data/lib/aptible/cli/subcommands/endpoints.rb

@@ -160,7 +160,6 @@ module Aptible
               port!
               tls!
               alb!
-              shared!
             end
 
             desc 'endpoints:https:create [--app APP] SERVICE',
@@ -180,7 +179,6 @@ module Aptible
               port!
               tls!
               alb!
-              shared!
             end
 
             desc 'endpoints:https:modify [--app APP] ENDPOINT_HOSTNAME',

data/lib/aptible/cli/subcommands/organizations.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module Aptible
+  module CLI
+    module Subcommands
+      module Organizations
+        def self.included(thor)
+          thor.class_eval do
+            include Helpers::Token
+            include Helpers::Telemetry
+
+            desc 'organizations', 'List all organizations'
+            def organizations
+              telemetry(__method__, options)
+
+              user_orgs_and_roles = {}
+              begin
+                roles = whoami.roles_with_organizations
+              rescue HyperResource::ClientError => e
+                raise Thor::Error, e.message
+              end
+              roles.each do |role|
+                user_orgs_and_roles[role.organization.id] ||= {
+                  'org' => role.organization,
+                  'roles' => []
+                }
+                user_orgs_and_roles[role.organization.id]['roles'] << role
+              end
+              Formatter.render(Renderer.current) do |root|
+                root.list do |list|
+                  user_orgs_and_roles.each do |org_id, org_and_role|
+                    org = org_and_role['org']
+                    roles = org_and_role['roles']
+                    list.object do |node|
+                      node.value('id', org_id)
+                      node.value('name', org.name)
+                      node.list('roles') do |roles_list|
+                        roles.each do |role|
+                          roles_list.object do |role_node|
+                            role_node.value('id', role.id)
+                            role_node.value('name', role.name)
+                          end
+                        end
+                      end
+                    end
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aptible/cli/subcommands/services.rb

@@ -28,16 +28,22 @@ module Aptible
             desc 'services:settings SERVICE'\
                    ' [--force-zero-downtime|--no-force-zero-downtime]'\
                    ' [--simple-health-check|--no-simple-health-check]'\
+                   ' [--restart-free-scaling|--no-restart-free-scaling]'\
                    ' [--stop-timeout SECONDS]',
                  'Modifies the deployment settings for a service'
             app_options
             option :force_zero_downtime,
-                   type: :boolean, default: false,
+                   type: :boolean,
                    desc: 'Force zero downtime deployments.'\
                    ' Has no effect if service has an associated Endpoint'
             option :simple_health_check,
-                   type: :boolean, default: false,
+                   type: :boolean,
                    desc: 'Use a simple uptime healthcheck during deployments'
+            option :restart_free_scaling,
+                   type: :boolean,
+                   desc: 'When enabled, scaling operations that only change '\
+                         'the number of containers will not restart existing '\
+                         'containers'
             option :stop_timeout,
                    type: :numeric,
                    desc: 'The number of seconds to wait for the service '\
@@ -46,13 +52,19 @@ module Aptible
               telemetry(__method__, options.merge(service: service))
 
               service = ensure_service(options, service)
+
               updates = {}
-              updates[:force_zero_downtime] =
-                options[:force_zero_downtime] if options[:force_zero_downtime]
-              updates[:naive_health_check] =
-                options[:simple_health_check] if options[:simple_health_check]
-              updates[:stop_timeout] =
-                options[:stop_timeout] if options[:stop_timeout]
+              vars = [
+                :force_zero_downtime, :simple_health_check,
+                :restart_free_scaling, :stop_timeout
+              ]
+              vars.each { |v| updates[v] = options[v] unless options[v].nil? }
+              # The var we use with users is different than what the API
+              # expects, so we have to map it.
+              unless updates[:simple_health_check].nil?
+                updates[:naive_health_check] = \
+                  updates.delete(:simple_health_check)
+              end
 
               service.update!(**updates) if updates.any?
             end

data/lib/aptible/cli/version.rb

@@ -1,5 +1,5 @@
 module Aptible
   module CLI
-    VERSION = '0.24.10'.freeze
+    VERSION = '0.26.1'.freeze
   end
 end

data/spec/aptible/cli/helpers/database_spec.rb

@@ -33,4 +33,122 @@ describe Aptible::CLI::Helpers::Database do
       expect(subject.validate_image_type(pg.type)).to be(true)
     end
   end
+
+  describe '#derive_account_from_conns' do
+    let(:stack) { Fabricate(:stack) }
+    let(:account1) { Fabricate(:account, handle: 'account1', stack: stack) }
+    let(:account2) { Fabricate(:account, handle: 'account2', stack: stack) }
+    let(:app1) { Fabricate(:app, account: account1) }
+    let(:app2) { Fabricate(:app, account: account2) }
+
+    let(:raw_rds_resource) do
+      Fabricate(:external_aws_resource, resource_type: 'aws_rds_db_instance')
+    end
+
+    let(:rds_db) do
+      Aptible::CLI::Helpers::Database::RdsDatabase.new(
+        'aws:rds::test-db',
+        raw_rds_resource.id,
+        raw_rds_resource.created_at,
+        raw_rds_resource
+      )
+    end
+
+    let(:conn1) do
+      double('connection1', present?: true, app: app1)
+    end
+
+    let(:conn2) do
+      double('connection2', present?: true, app: app2)
+    end
+
+    before do
+      allow(app1).to receive(:account).and_return(account1)
+      allow(app2).to receive(:account).and_return(account2)
+    end
+
+    context 'when connections are empty' do
+      it 'returns nil' do
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          []
+        )
+
+        result = subject.derive_account_from_conns(rds_db)
+        expect(result).to be_nil
+      end
+    end
+
+    context 'when no preferred account is specified' do
+      it 'returns the account from the first connection' do
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          [conn1, conn2]
+        )
+
+        result = subject.derive_account_from_conns(rds_db)
+        expect(result).to eq(account1)
+      end
+
+      it 'handles a single connection' do
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          [conn2]
+        )
+
+        result = subject.derive_account_from_conns(rds_db)
+        expect(result).to eq(account2)
+      end
+    end
+
+    context 'when a preferred account is specified' do
+      it 'returns the matching account when found' do
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          [conn1, conn2]
+        )
+
+        result = subject.derive_account_from_conns(rds_db, account2)
+        expect(result).to eq(account2)
+      end
+
+      it 'returns nil when no matching connection is found' do
+        account3 = Fabricate(:account, handle: 'account3', stack: stack)
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          [conn1, conn2]
+        )
+
+        result = subject.derive_account_from_conns(rds_db, account3)
+        expect(result).to be_nil
+      end
+
+      it 'skips connections where conn.present? is false' do
+        conn_not_present = double('connection_not_present', present?: false)
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          [conn_not_present, conn2]
+        )
+
+        result = subject.derive_account_from_conns(rds_db, account2)
+        expect(result).to eq(account2)
+      end
+
+      it 'returns the first matching account when multiple matches exist' do
+        app1_duplicate = Fabricate(:app, account: account1)
+        allow(app1_duplicate).to receive(:account).and_return(account1)
+        conn1_duplicate = double('connection1_dup',
+                                 present?: true,
+                                 app: app1_duplicate)
+
+        raw_rds_resource.instance_variable_set(
+          :@app_external_aws_rds_connections,
+          [conn1, conn1_duplicate]
+        )
+
+        result = subject.derive_account_from_conns(rds_db, account1)
+        expect(result).to eq(account1)
+      end
+    end
+  end
 end

data/spec/aptible/cli/helpers/token_spec.rb

@@ -7,6 +7,10 @@ describe Aptible::CLI::Helpers::Token do
 
   subject { Class.new.send(:include, described_class).new }
 
+  let(:token) { 'test-token' }
+  let(:user) { double('user', id: 'user-id', email: 'test@example.com') }
+  let(:auth_token) { double('auth_token', user: user) }
+
   describe '#save_token / #fetch_token' do
     it 'reads back a token it saved' do
       subject.save_token('foo')
@@ -38,4 +42,70 @@ describe Aptible::CLI::Helpers::Token do
       end
     end
   end
+
+  describe '#current_token' do
+    before do
+      subject.save_token(token)
+    end
+
+    it 'returns the current auth token' do
+      expect(Aptible::Auth::Token).to receive(:current_token)
+        .with(token: token)
+        .and_return(auth_token)
+
+      expect(subject.current_token).to eq(auth_token)
+    end
+
+    it 'raises Thor::Error on 401 unauthorized' do
+      response = Faraday::Response.new(status: 401)
+      error = HyperResource::ClientError.new(
+        '401 (invalid_token) Invalid Token', response: response
+      )
+      expect(Aptible::Auth::Token).to receive(:current_token)
+        .with(token: token)
+        .and_raise(error)
+
+      expect { subject.current_token }
+        .to raise_error(Thor::Error, /Invalid Token/)
+    end
+
+    it 'raises Thor::Error on 403 forbidden' do
+      response = Faraday::Response.new(status: 403)
+      error = HyperResource::ClientError.new('403 (forbidden) Access denied',
+                                             response: response)
+      expect(Aptible::Auth::Token).to receive(:current_token)
+        .with(token: token)
+        .and_raise(error)
+
+      expect { subject.current_token }
+        .to raise_error(Thor::Error, /Access denied/)
+    end
+  end
+
+  describe '#whoami' do
+    before do
+      subject.save_token(token)
+    end
+
+    it 'returns the current user' do
+      expect(Aptible::Auth::Token).to receive(:current_token)
+        .with(token: token)
+        .and_return(auth_token)
+
+      expect(subject.whoami).to eq(user)
+    end
+
+    it 'raises Thor::Error on API error' do
+      response = Faraday::Response.new(status: 401)
+      error = HyperResource::ClientError.new(
+        '401 (invalid_token) Invalid Token', response: response
+      )
+      expect(Aptible::Auth::Token).to receive(:current_token)
+        .with(token: token)
+        .and_raise(error)
+
+      expect { subject.whoami }
+        .to raise_error(Thor::Error, /Invalid Token/)
+    end
+  end
 end