RubyGems - awful - Versions diffs - 0.0.131 → 0.0.132 - Mend

awful 0.0.131 → 0.0.132

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/awful/security_group.rb +68 -18
data/lib/awful/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9df02b3f1ece5cedce9a2932ee0f8904a1d0685c
-  data.tar.gz: ad7374123396d7155ec84d6cae57c07d09f98dab
+  metadata.gz: 14133429fbba1f41a835d8d45c39f5373a970934
+  data.tar.gz: c78d296568121425e737eb1101ab6227b4145f1f
 SHA512:
-  metadata.gz: 2cd8a580e571a794911aca602cde857f4d22e6efef782fb973930aa12da8c3c79e1ad4001e4cf2b331095b855ae798b7b1693b9e523dbbec7a082f73960a9dde
-  data.tar.gz: 17d36acb2c6df8fd77cfaf42112358f05a982c3112befd700ce1ee74ebe08934d2a65eb96b816c537668e24c5879c570fdfb2a01cb5b33262f934d3344ab050f
+  metadata.gz: 5d8e26ea411a4c35a932113c54a8123110c5e8bb3910f8514779a3c84b1a6aae59951cfa94cde2b9d3f30606d32db5e7ffb2057a6198ab5ace642a20b2aa8157
+  data.tar.gz: 5535193a7a7fa50171676f61ec315b1ef228a1d041241e4bd29569aff95316abc8ebee71e58b31580b6e85a243c22bfdad676e081fb22687617953bdd0ab694b

data/lib/awful/security_group.rb CHANGED Viewed

@@ -1,20 +1,46 @@
 module Awful
+  module Short
+    def sg(*args)
+      Awful::SecurityGroup.new.invoke(*args)
+    end
+  end
   class SecurityGroup < Cli
-    desc 'ls [NAME]', 'list security groups [matching NAME]'
-    method_option :long, aliases: '-l', default: false, desc: 'Long listing'
-    def ls(name = /./)
-      fields = options[:long] ?
-        ->(s) { [tag_name(s), s.group_id, s.group_name[0..50], s.vpc_id, s.description] } :
-        ->(s) { [s.group_name] }
-      ec2.describe_security_groups.map(&:security_groups).flatten.select do |sg|
-        sg.group_name.match(name) or sg.group_id.match(name)
-      end.map do |sg|
-        fields.call(sg)
-      end.tap do |list|
-        print_table list
+    desc 'ls [IDs]', 'list security groups'
+    method_option :long,     aliases: '-l', type: :boolean, default: false, desc: 'long listing'
+    method_option :ingress,  aliases: '-i', type: :boolean, default: false, desc: 'list ingress permissions'
+    method_option :egress,   aliases: '-o', type: :boolean, default: false, desc: 'list egress permissions'
+    method_option :tags,     aliases: '-t', type: :array,   default: [],    desc: 'List of tags to filter, as key=value'
+    method_option :stack,    aliases: '-s', type: :string,  default: nil,   desc: 'Filter by given stack'
+    method_option :resource, aliases: '-r', type: :string,  default: nil,   desc: 'Filter by given stack resource logical id'
+    def ls(*ids)
+      ## filter by tags
+      filters = []
+      options[:tags].each do |tag|
+        key, value = tag.split('=')
+        filters << {name: "tag:#{key}", values: [value]}
+      end
+      filters << {name: 'tag:aws:cloudformation:stack-name', values: [options[:stack]]}    if options[:stack]
+      filters << {name: 'tag:aws:cloudformation:logical-id', values: [options[:resource]]} if options[:resource]
+      filters = nil if filters.empty? # sdk does not like empty arrays as args
+      ec2.describe_security_groups(group_ids: ids, filters: filters).security_groups.output do |groups|
+        if options[:long]
+          print_table groups.map { |g|
+            [ g.group_name, g.group_id, g.vpc_id, g.description ]
+          }.sort
+        elsif options[:ingress]
+          print_table groups.map { |g|
+            [ g.group_name, g.group_id, g.ip_permissions.map { |p| "#{p.ip_protocol}:#{p.from_port}-#{p.to_port}" }.join(',') ]
+          }.sort
+        elsif options[:egress]
+          print_table groups.map { |g|
+            [ g.group_name, g.group_id, g.ip_permissions_egress.map { |p| "#{p.ip_protocol}:#{p.from_port}-#{p.to_port}" }.join(',') ]
+          }.sort
+        else
+          puts groups.map(&:group_name).sort
+        end
       end
     end
@@ -32,7 +58,7 @@ module Awful
     desc 'dump NAME', 'dump security group with NAME [or ID] as yaml'
     def dump(name)
-      first_matching_sg(name).tap do |sg|
+      first_matching_sg(name).output do |sg|
         puts YAML.dump(stringify_keys(sg.to_hash))
       end
     end
@@ -40,20 +66,44 @@ module Awful
     desc 'inbound NAME', 'show inbound rules for named security group'
     method_option :long, aliases: '-l', default: false, desc: 'Long listing'
     def inbound(name)
-      first_matching_sg(name).ip_permissions.tap do |perms|
+      first_matching_sg(name).ip_permissions.output do |perms|
         sources = ->(perm) { perm.ip_ranges.map(&:cidr_ip) + perm.user_id_group_pairs.map(&:group_id) }
         if options[:long]
           perms.map do |p|
             sources.call(p).map do |s|
               [p.ip_protocol, p.from_port, p.to_port, s]
             end
-          end.flatten(1).tap { |list| print_table list }
+          end.flatten(1).output { |list| print_table list }
         else
           puts perms.map { |p| sources.call(p) }.flatten
         end
       end
     end
-  end
+    desc 'revoke ID [IP_PERMISSIONS]', 'revoke rules from security group'
+    method_option :source_security_group_name,     type: :string, default: nil, desc: 'ip permission'
+    method_option :source_security_group_owner_id, type: :string, default: nil, desc: 'ip permission'
+    method_option :ip_protocol,                    type: :string, default: nil, desc: 'ip permission'
+    method_option :from_port,                      type: :string, default: nil, desc: 'ip permission'
+    method_option :to_port,                        type: :string, default: nil, desc: 'ip permission'
+    method_option :cidr_ip,                        type: :string, default: nil, desc: 'ip permission'
+    def revoke(id, *ip_permissions)
+      ## invoked from code, process ip_permissions objects as args
+      perms = ip_permissions.map do |p|
+        p.to_hash.tap do |h|
+          h[:user_id_group_pairs] = nil if h[:user_id_group_pairs].empty? # sdk will complain if this is empty
+        end
+      end
+      perms = nil if perms.empty?
+      ## can set these on command-line
+      params = %i[source_security_group_name source_security_group_owner_id ip_protocol from_port to_port cidr_ip].each_with_object({}) do |k,h|
+        h[k] = options[k]
+      end
+      ec2.revoke_security_group_ingress(params.merge(group_id: id, ip_permissions: perms))
+    end
-end
+  end
+end

data/lib/awful/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Awful
-  VERSION = '0.0.131'
+  VERSION = '0.0.132'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awful
 version: !ruby/object:Gem::Version
-  version: 0.0.131
+  version: 0.0.132
 platform: ruby
 authors:
 - Ric Lister
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-07-18 00:00:00.000000000 Z
+date: 2016-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler