aws-cft-tools 0.1.0

data/lib/aws_cft_tools/runbooks/diff.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+require 'diffy'
+
+module AwsCftTools
+  module Runbooks
+    ##
+    # Images - report on available AMIs
+    #
+    # @example
+    #   % aws-cli diff -e QA        # list the differences between deployed and local definitions for QA
+    #   % aws-cli diff -e QA -r App # list the differences between deployed and local definitions for
+    #                               # the App role in QA
+    #
+    class Diff < Runbook
+      require_relative 'diff/context'
+
+      def run
+        context = Context.new(client.stacks, client.templates, options)
+
+        # now match them up
+        context.report_on_missing_templates
+        context.report_on_missing_stacks
+        context.report_on_differences
+      end
+    end
+  end
+end

data/lib/aws_cft_tools/runbooks/diff/context.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+require 'diffy'
+
+module AwsCftTools
+  module Runbooks
+    class Diff
+      ##
+      # The context of stacks and templates for a Diff report.
+      #
+      class Context
+        attr_reader :stacks, :templates, :options
+
+        ##
+        # The options provided to the +diff+ command to build template diffs.
+        #
+        DIFF_OPTIONS = %w[-w -U5 -t].freeze
+
+        require_relative '../common/templates'
+        require_relative 'context/reporting'
+
+        include Common::Templates
+        include Context::Reporting
+
+        ##
+        # @param stacks [Array<AwsCftTools::Stack>]
+        # @param templates [AwsCftTools::TemplateSet]
+        # @param options [Hash]
+        def initialize(stacks, templates, options = {})
+          @stacks = build_map(stacks)
+          @templates = build_map(templates)
+          @options = options
+        end
+
+        ##
+        # Reports out stacks that do not have corresponding templates.
+        #
+        def report_on_missing_templates
+          output_report_on_missing_templates(stacks.keys - templates.keys)
+        end
+
+        ##
+        # Reports out templates that do not have corresponding stacks.
+        #
+        def report_on_missing_stacks
+          output_report_on_missing_stacks(templates.keys - stacks.keys)
+        end
+
+        ##
+        # Reports on the differences in the template bodies between the set of templates and the
+        # deployed stacks.
+        #
+        def report_on_differences
+          # these are stacks with templates
+          output_report_on_differences(build_diffs)
+        end
+
+        private
+
+        def build_map(list)
+          list.each_with_object({}) do |thing, map|
+            map[thing.name] = thing
+          end
+        end
+
+        def build_diffs
+          stacks
+            .keys
+            .sort
+            .select { |fn| templates[fn] }
+            .each_with_object({}) do |name, acc|
+              acc[name] = build_diff(stacks[name], templates[name])
+            end
+        end
+
+        def build_diff(stack, template)
+          output_type = options[:colorize] ? :color : :text
+          Diffy::Diff.new(
+            stack.template_source, template.template_source_for_aws,
+            include_diff_info: true, diff: DIFF_OPTIONS
+          ).to_s(output_type)
+        end
+      end
+    end
+  end
+end

data/lib/aws_cft_tools/runbooks/diff/context/reporting.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+require 'diffy'
+
+module AwsCftTools
+  module Runbooks
+    class Diff
+      class Context
+        ##
+        # Reporting functions for the Diff context
+        #
+        module Reporting
+          def output_report_on_missing_templates(missing)
+            return if missing.empty?
+            puts "\nStacks with no template:\n  #{missing.sort.join("\n  ")}\n"
+          end
+
+          def output_report_on_missing_stacks(missing)
+            missing = template_filenames(missing)
+            return if missing.empty?
+            puts "\nUndeployed templates:\n  #{missing.sort.join("\n  ")}\n"
+          end
+
+          def output_report_on_differences(diffs)
+            report_on_blank_diffs(diffs)
+            report_on_real_diffs(diffs)
+          end
+
+          private
+
+          def report_on_blank_diffs(diffs)
+            no_diffs = diffs.keys.select { |name| diffs[name].match(/\A\s*\Z/) }
+            return if no_diffs.empty?
+
+            puts "\nTemplates with no changes:\n  #{template_filenames(no_diffs).sort.join("\n  ")}\n"
+          end
+
+          def report_on_real_diffs(diffs)
+            real_diffs = diffs.keys.reject { |name| diffs[name].match(/\A\s*\Z/) }
+
+            return if real_diffs.empty?
+
+            if options[:verbose]
+              report_full_diffs(real_diffs, diffs)
+            else
+              report_list_of_diffs(real_diffs)
+            end
+          end
+
+          def report_full_diffs(names, diffs)
+            names.sort.each do |name|
+              report_pos_diff(templates[name].filename.to_s, diffs[name])
+            end
+          end
+
+          def report_list_of_diffs(real_diffs)
+            puts "\nTemplates with changes:\n  #{template_filenames(real_diffs).sort.join("\n  ")}\n"
+          end
+
+          def template_filenames(stack_names)
+            set = templates.values_at(*stack_names).map(&:filename).map(&:to_s)
+            allowed = options[:templates]
+            if allowed && allowed.any?
+              set & allowed
+            else
+              set
+            end
+          end
+
+          def report_pos_diff(filename, diff)
+            return unless template_in_consideration(options[:templates], filename)
+            puts diff_with_filenames(diff, filename), ''
+          end
+
+          def diff_with_filenames(diff, filename)
+            diff.sub(%r{--- /.*$}, "--- #{filename} @ AWS")
+                .sub(%r{\+\+\+ /.*$}, "+++ #{filename} @ Local")
+          end
+
+          def template_in_consideration(list, filename)
+            !list || list.empty? || list.include?(filename)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aws_cft_tools/runbooks/hosts.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module AwsCftTools
+  module Runbooks
+    ##
+    # Hosts - report on EC2 instances
+    #
+    # @example
+    #   % aws-cli hosts                  # list all known EC2 instances
+    #   % aws-cli hosts -e QA            # list all known EC2 instances in the QA environment
+    #   % aws-cli hosts -r Bastion -e QA # list all known Bastion hosts in the QA environment
+    #
+    class Hosts < Runbook::Report
+      ###
+      # @return [Array<OpenStruct>]
+      #
+      def items
+        client.instances.sort_by(&method(:sort_key))
+      end
+
+      ###
+      # @return [Array<String>]
+      #
+      def columns
+        %w[public_ip private_ip] + environment_column + role_column + ['instance']
+      end
+
+      private
+
+      def sort_key(host)
+        [host.environment, host.role, host.ip].compact
+      end
+
+      def environment_column
+        options[:environment] ? [] : ['environment']
+      end
+
+      def role_column
+        options[:role] ? [] : ['role']
+      end
+    end
+  end
+end

data/lib/aws_cft_tools/runbooks/images.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module AwsCftTools
+  module Runbooks
+    ##
+    # Images - report on available AMIs
+    #
+    # @example
+    #   % aws-cli images              # list all known AMIs
+    #   % aws-cli images -e QA        # list all known AMIs tagged for the QA environment
+    #   % aws-cli images -e QA -r App # list all known AMIs tagged for the QA environment and App role
+    #
+    class Images < Runbook::Report
+      ###
+      # @return [Array<OpenStruct>]
+      #
+      def items
+        client.images.sort_by(&method(:sort_key))
+      end
+
+      ###
+      # @return [Array<String>]
+      #
+      def columns
+        environment_column + role_column + %w[created_at public type image_id]
+      end
+
+      private
+
+      def sort_key(image)
+        [image.environment, image.role, image.created_at].compact
+      end
+
+      def environment_column
+        options[:environment] ? [] : ['environment']
+      end
+
+      def role_column
+        options[:role] ? [] : ['role']
+      end
+    end
+  end
+end

data/lib/aws_cft_tools/runbooks/init.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+module AwsCftTools
+  module Runbooks
+    ##
+    # Deploy - manage CloudFormation stack deployment
+    #
+    # @example
+    #   % aws-cli init # create skeleton project in the current directory
+    #
+    class Init < Runbook
+      ##
+      # The default project configuration file.
+      #
+      DEFAULT_CONFIG = <<~EOF
+        ---
+        ###
+        # Values in this file override the defaults in aws-cft. Command line options override these values.
+        #
+        # This is a good place to put project- or account-wide defaults for teams using the templates in this
+        # repo.
+        ###
+
+        ###
+        # By default, we want as much detail as possible.
+        #
+        :verbose: true
+
+        ###
+        # When different templates have nothing indicating their relative ordering, they are ordered based on the
+        # directory/folder in which they appear ordered by this list.
+        #
+        :template_folder_priorities:
+          - vpcs
+          - networks
+          - security
+          - data-resources
+          - data-services
+          - applications
+      EOF
+
+      ##
+      # The template role directories to build out when creating a project.
+      #
+      TEMPLATE_ROLES = %w[applications data-resources data-services networks security vpcs].freeze
+
+      ##
+      # The different types of files used when managing templates and stacks.
+      #
+      FILE_TYPES = %w[parameters templates].freeze
+
+      def run
+        ensure_project_directory
+        ensure_cloudformation_directories
+        ensure_config_file
+      end
+
+      private
+
+      def ensure_config_file
+        operation('Creating configuration file') do
+          file = options[:root] + options[:config_file]
+          if file.exist?
+            narrative 'Configuration file already exists. Not overwriting.'
+          else
+            doing { file.write(DEFAULT_CONFIG) }
+          end
+        end
+      end
+
+      def ensure_project_directory
+        ensure_directory(options[:root])
+      end
+
+      def ensure_cloudformation_directories
+        FILE_TYPES.product(TEMPLATE_ROLES).map { |list| list.join('/') }.each do |dir|
+          ensure_directory(options[:root] + 'cloudformation/' + dir)
+        end
+      end
+
+      def ensure_directory(dir)
+        operation("Ensure #{dir} exists") { dir.mkpath }
+      end
+    end
+  end
+end

data/lib/aws_cft_tools/runbooks/retract.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'forwardable'
+require 'table_print'
+require 'securerandom'
+
+module AwsCftTools
+  module Runbooks
+    ##
+    # Retract - manage CloudFormation stack retraction
+    #
+    # @example
+    #   % aws-cft retract -e QA               # delete all templates in the QA environment
+    #   % aws-cft retract -e Staging -n -v    # narrate the templates that would be deleted in Staging
+    #   % aws-cft retract -e Production -c -v # narrate the changes implied by deleting stacks in Production
+    #
+    class Retract < Runbook
+      require_relative 'common/changesets'
+      require_relative 'retract/templates'
+
+      extend Forwardable
+
+      include Common::Changesets
+      include Templates
+
+      def_delegators :client, :images, :stacks
+
+      def run
+        report_template_dependencies
+
+        detail do
+          tp(free_templates, ['filename'])
+        end
+
+        remove_deployed_templates
+      end
+
+      private
+
+      ##
+      # run appropriate update function against deployed templates/stacks
+      #
+      def remove_deployed_templates
+        free_templates.each(&method(:remove_deployed_template))
+      end
+
+      def remove_deployed_template(template)
+        operation("Removing: #{template.name}") do
+          checking { narrate_changes(client.changes_on_stack_delete(template, changeset_set)) }
+          doing { client.delete_stack(template) }
+        end
+      end
+
+      ##
+      # report_undefined_image - provide list of undefined imports that block stack deployment
+      #
+      def report_template_dependencies
+        diff = (templates - free_templates).map { |template| template.filename.to_s }
+        error_on_dependencies(diff) if diff.any?
+      end
+
+      def error_on_dependencies(templates)
+        puts '*** Unable to remove templates.'
+        puts 'The following templates are dependencies for templates not marked for removal: ', templates
+        exit 1
+      end
+    end
+  end
+end