RubyGems - awful - Versions diffs - 0.0.173 → 0.0.174 - Mend

awful 0.0.173 → 0.0.174

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/awful/security_group.rb +75 -23
data/lib/awful/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c0e7ce04e338786aaff27a8aff634b4b2359d6b0
-  data.tar.gz: 227b9e77e562cd83ba2e42da2a6fcb4fe2968785
+  metadata.gz: 6f7761e2b6a9222e092a65157fc986f451228822
+  data.tar.gz: b04a5adbbabc50bbe3d84b0b78148585d28d5255
 SHA512:
-  metadata.gz: 23e28b5ed32c58399acc4d8039c5d5db9386fd309e010f99d6710f0a9ac42962bd617f1c1954106f7df7ea00d9656847fb73b86a04199f0d838c9ce3bf02559a
-  data.tar.gz: e7b2df9a0151c931b3a066fae151dd9e6b603249279d03e5861d8d89adc5d39a667f73387e0a323693af9f3569641411e7904bd83347a54eb8952f58d11ec615
+  metadata.gz: e7dd7b3696bd83ae497ca9b4c960ab49da92d7fc7a889be76caaa6d06c4d44534fa74c976d3c86ace5b4186aa3fb96a3b312edab833f1acd0f19cafe39ea5911
+  data.tar.gz: 2efeddbe73e96d82d2a83fa878aa6c2d75eada26d20385704ce67c013dc18a28316c01b81436ae6a8f970c3ce05207b968abd68ef685b21af334990dbfe1aec7

data/lib/awful/security_group.rb CHANGED

@@ -1,3 +1,5 @@
+require 'open-uri'
 module Awful
   module Short
     def sg(*args)
@@ -54,6 +56,20 @@ module Awful
         end
       end
+      ## get security group by name or id
+      def get_id(name)
+        if name.match(/^sg-[\d[a-f]]{8}$/)
+          name
+        else
+          ec2.describe_security_groups(filters: [{name: 'group-name', values: [name]}]).security_groups.first.group_id
+        end
+      end
+      ## lookup my IP as a CIDR
+      def get_my_ip
+        open('http://v4.ident.me/').read + '/32'
+      end
     end
     desc 'dump NAME', 'dump security group with NAME [or ID] as yaml'
@@ -80,32 +96,68 @@ module Awful
       end
     end
-    desc 'revoke ID [IP_PERMISSIONS]', 'revoke rules from security group'
-    method_option :source_security_group_name,     type: :string, default: nil, desc: 'ip permission'
-    method_option :source_security_group_owner_id, type: :string, default: nil, desc: 'ip permission'
-    method_option :ip_protocol,                    type: :string, default: nil, desc: 'ip permission'
-    method_option :from_port,                      type: :string, default: nil, desc: 'ip permission'
-    method_option :to_port,                        type: :string, default: nil, desc: 'ip permission'
-    method_option :cidr_ip,                        type: :string, default: nil, desc: 'ip permission'
-    def revoke(id, *ip_permissions)
-      ## invoked from code, process ip_permissions objects as args
-      perms = ip_permissions.map do |p|
-        p.to_hash.tap do |h|
-          h.each do |k,v|
-            h[k] = nil if (v.respond_to?(:empty?) && v.empty?) # no empty arrays, e.g. user_group_id_pairs, prefix_list_ids
-          end
-        end
-      end
+    desc 'authorize NAME|ID', 'authorize ingress for a security group'
+    method_option :port,     aliases: '-p', type: :numeric, default: 22,    desc: 'port to allow'
+    method_option :from_port,               type: :numeric, default: nil,   desc: 'start of port range'
+    method_option :to_port,                 type: :numeric, default: nil,   desc: 'end of port range'
+    method_option :protocol, aliases: '-P', type: :string,  default: 'tcp', desc: 'protocol to auth'
+    method_option :cidr,     aliases: '-c', type: :string,  default: nil,   desc: 'CIDR range to allow'
+    def authorize(name)
+      ec2.authorize_security_group_ingress(
+        group_id:    get_id(name),
+        ip_protocol: options[:protocol],
+        from_port:   options[:from_port] || options[:port],
+        to_port:     options[:to_port]   || options[:port],
+        cidr_ip:     options[:cidr] || get_my_ip,
+      )
+    rescue Aws::EC2::Errors::InvalidPermissionDuplicate => e
+      warn(e.message)
+    end
-      perms = nil if perms.empty?
+    desc 'revoke NAME|ID', 'revoke ingress for a security group'
+    method_option :port,     aliases: '-p', type: :numeric, default: 22,    desc: 'port to allow'
+    method_option :from_port,               type: :numeric, default: nil,   desc: 'start of port range'
+    method_option :to_port,                 type: :numeric, default: nil,   desc: 'end of port range'
+    method_option :protocol, aliases: '-P', type: :string,  default: 'tcp', desc: 'protocol to revoke'
+    method_option :cidr,     aliases: '-c', type: :string,  default: nil,   desc: 'CIDR range to revoke'
+    def revoke(name)
+      ec2.revoke_security_group_ingress(
+        group_id:    get_id(name),
+        ip_protocol: options[:protocol],
+        from_port:   options[:from_port] || options[:port],
+        to_port:     options[:to_port]   || options[:port],
+        cidr_ip:     options[:cidr] || get_my_ip,
+      )
+    rescue Aws::EC2::Errors::InvalidPermissionNotFound => e
+      warn(e.message)
+    end
-      ## can set these on command-line
-      params = %i[source_security_group_name source_security_group_owner_id ip_protocol from_port to_port cidr_ip].each_with_object({}) do |k,h|
-        h[k] = options[k]
-      end
+    # desc 'revoke ID [IP_PERMISSIONS]', 'revoke rules from security group'
+    # method_option :source_security_group_name,     type: :string, default: nil, desc: 'ip permission'
+    # method_option :source_security_group_owner_id, type: :string, default: nil, desc: 'ip permission'
+    # method_option :ip_protocol,                    type: :string, default: nil, desc: 'ip permission'
+    # method_option :from_port,                      type: :string, default: nil, desc: 'ip permission'
+    # method_option :to_port,                        type: :string, default: nil, desc: 'ip permission'
+    # method_option :cidr_ip,                        type: :string, default: nil, desc: 'ip permission'
+    # def revoke(id, *ip_permissions)
+    #   ## invoked from code, process ip_permissions objects as args
+    #   perms = ip_permissions.map do |p|
+    #     p.to_hash.tap do |h|
+    #       h.each do |k,v|
+    #         h[k] = nil if (v.respond_to?(:empty?) && v.empty?) # no empty arrays, e.g. user_group_id_pairs, prefix_list_ids
+    #       end
+    #     end
+    #   end
-      ec2.revoke_security_group_ingress(params.merge(group_id: id, ip_permissions: perms))
-    end
+    #   perms = nil if perms.empty?
+    #   ## can set these on command-line
+    #   params = %i[source_security_group_name source_security_group_owner_id ip_protocol from_port to_port cidr_ip].each_with_object({}) do |k,h|
+    #     h[k] = options[k]
+    #   end
+    #   ec2.revoke_security_group_ingress(params.merge(group_id: id, ip_permissions: perms))
+    # end
   end
 end

data/lib/awful/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Awful
-  VERSION = '0.0.173'
+  VERSION = '0.0.174'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awful
 version: !ruby/object:Gem::Version
-  version: 0.0.173
+  version: 0.0.174
 platform: ruby
 authors:
 - Ric Lister
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-05-01 00:00:00.000000000 Z
+date: 2017-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler