aws-must-templates 0.1.6 → 0.2.1

data/spec/mustache/resourceInstance_spec.rb

@@ -13,20 +13,37 @@ describe template_under_test do
 
     # hide partials
     allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_return( "" )
+    allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( /common/ ).and_call_original
+    allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( :resourceInstanceInitialize ).and_return( '{}' )
     # verify that template_under_test actually used
     expect_any_instance_of( AwsMust::Template ).to receive( :get_template ).with( template_under_test  ).and_call_original
 
   end
 
+
+  # ------------------------------------------------------------------
+  # default
   it "#default'" do
 
     expect_str= <<-EOS
-           "koe" : {"Type":"AWS::EC2::Instance", "Metadata":{}, "Properties":{"ImageId":{"Fn::FindInMap":["AWSRegionArch2AMI", {"Ref":"AWS::Region"}, {"Fn::FindInMap":["AWSInstanceType2Arch", "commonInstanceType-partial called", "Arch"]}]}, "InstanceType":"commonInstanceType-partial called", "Tags":[], "SecurityGroupIds":[], "UserData":{}}}
+           "koe" : {"Type":"AWS::EC2::Instance"
+                     , "DependsOn": "riippuu"
+                     , "Metadata":{}
+                     , "Properties":{
+                           "ImageId":{"Fn::FindInMap":["AWSRegionArch2AMI", {"Ref":"AWS::Region"}, {"Fn::FindInMap":["AWSInstanceType2Arch", "commonInstanceType-partial called", "Arch"]}]}
+                         , "InstanceType":"commonInstanceType-partial called"
+                         , "Tags":[{"Key":"Name", "Value":"koe"}]
+                         , "SecurityGroupIds":[]
+                         , "UserData":{}
+                         , "SourceDestCheck": true
+                     }
+                   }
     EOS
 
     yaml_text = <<-EOF
       Name: koe
       InstanceType: t2.micro
+      DependsOn: riippuu
     EOF
 
     # debug
@@ -46,6 +63,90 @@ describe template_under_test do
 
   end
 
+  # ------------------------------------------------------------------
+  # SourceDestCheck
+
+  it "#SourceDestCheck" do
+
+    expect_str= <<-EOS
+           "koesource_dest_check" : {
+               "Type":"AWS::EC2::Instance"
+              , "Metadata":{}
+              , "Properties":{
+                    "ImageId":{"Fn::FindInMap":["AWSRegionArch2AMI", {"Ref":"AWS::Region"}, {"Fn::FindInMap":["AWSInstanceType2Arch", "commonInstanceType-partial called", "Arch"]}]}
+                    , "InstanceType":"commonInstanceType-partial called"
+                    , "Tags":[{"Key":"Name", "Value":"koesource_dest_check"}]
+                    , "SecurityGroupIds":[]
+                    , "UserData":{}
+                    , "SourceDestCheck": false
+               }
+            }
+    EOS
+
+    yaml_text = <<-EOF
+      Name: koesource_dest_check
+      InstanceType: t2.micro
+      SourceDestCheck: "false"
+    EOF
+
+    # debug
+    # puts json_sanitize( expect_str, nil  )
+
+    # stub partials 
+    expect_any_instance_of( AwsMust::Template ).to receive( :partial ).with( :commonInstanceType ).twice.and_return( '"commonInstanceType-partial called"' )
+    expect_any_instance_of( AwsMust::Template ).to receive( :partial ).with( :resourceInstanceInitialize ).and_return( '{}' )
+
+    render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
+    
+    # debug
+    # puts "render_str=#{render_str}"
+    # puts json_sanitize( render_str, nil  )
+
+    expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil  ))
+
+  end
+
+  # ------------------------------------------------------------------
+  # 
+
+
+  it "#MapRegionToImageId" do
+
+    expect_str= <<-EOS
+           "koesource_dest_check" : {
+               "Type":"AWS::EC2::Instance"
+              , "Metadata":{}
+              , "Properties":{
+                    "ImageId": {"Fn::FindInMap" : ["mappaa", {"Ref" : "AWS::Region"}, "AMI"]}
+                    , "InstanceType": "t2.micro"
+                    , "Tags":[{"Key":"Name", "Value":"koesource_dest_check"}]
+                    , "SecurityGroupIds":[]
+                    , "UserData":{}
+                    , "SourceDestCheck": true
+               }
+            }
+    EOS
+
+    yaml_text = <<-EOF
+      Name: koesource_dest_check
+      InstanceType: t2.micro
+      MapRegionToImageId: mappaa
+    EOF
+
+    # debug
+    # puts json_sanitize( expect_str, nil  )
+
+    # stub partials 
+    render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
+    
+    # debug
+    # puts "render_str=#{render_str}"
+    # puts json_sanitize( render_str, nil  )
+
+    expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil  ))
+
+  end
+
 
 end
 

data/spec/mustache/resourceInternetGateway_spec.rb

@@ -13,6 +13,8 @@ describe template_under_test do
 
     # hide partials
     allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_return( "" )
+    allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( /common/).and_call_original
+
     # verify that template_under_test actually used
     expect_any_instance_of( AwsMust::Template ).to receive( :get_template ).with( template_under_test  ).and_call_original
 
@@ -25,26 +27,26 @@ describe template_under_test do
         "koe" : {
             "Type" : "AWS::EC2::InternetGateway",
             "Properties" : {
-               "Tags" : [ ]
+               "Tags" : [ {"Key":"Name", "Value":"koe"} ]
             }
          },
         
-        "Attach" : {
+        "attachekoe" : {
               "Type" : "AWS::EC2::VPCGatewayAttachment",
               "Properties" : {
-                "VpcId" : { "Ref" : "" },
+                "VpcId" : { "Ref" : "vpcid" },
                 "InternetGatewayId" : { "Ref" : "koe" }
             }
         }, 
         
         
         
-        "RouteTable" : {
+        "RouteTablekoe" : {
               "Type" : "AWS::EC2::RouteTable",
               "Properties" : {
-                "VpcId" : { "Ref" : "" },
+                "VpcId" : { "Ref" : "vpcid" },
                 "Tags" : [ 
-        		           {"Key": "Name", "Value" : "RouteTable" }
+        		           {"Key": "Name", "Value" : "RouteTablekoe" }
         		         , {"Key" : "Application", "Value" : { "Ref" : "AWS::StackId"} } 
         				 ]
               }
@@ -52,9 +54,9 @@ describe template_under_test do
         
         "Route" : {
             "Type" : "AWS::EC2::Route",
-             "DependsOn" : "Attach",
+             "DependsOn" : "attachekoe",
               "Properties" : {
-                  "RouteTableId" : { "Ref" : "RouteTable" }
+                  "RouteTableId" : { "Ref" : "RouteTablekoe" }
                   , "DestinationCidrBlock" : "0.0.0.0/0"
                   , "GatewayId" : { "Ref" : "koe" }
              }
@@ -65,7 +67,7 @@ describe template_under_test do
             "Type" : "AWS::EC2::SubnetRouteTableAssociation"
            , "Properties" : {
                  "SubnetId" : { "Ref" : "" }
-               , "RouteTableId" : { "Ref" : "RouteTable" }
+               , "RouteTableId" : { "Ref" : "RouteTablekoe" }
              }
         }
 
@@ -73,6 +75,9 @@ describe template_under_test do
 
     yaml_text = <<-EOF
       Name: koe
+      Attachment: 
+         AttachmentName: attachekoe
+         Vpc: vpcid
     EOF
 
     # debug

data/spec/mustache/resourcePolicy_spec.rb

@@ -94,7 +94,7 @@ describe template_under_test do
     render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
     
     # debug
-    puts "render_str=#{render_str}"
+    # puts "render_str=#{render_str}"
     # puts json_sanitize( render_str + dummy_element , nil  )
 
     expect( json_sanitize( render_str + dummy_element, nil )).to eql( json_sanitize( expect_str  + dummy_element, nil ))

data/spec/mustache/resourceS3Bucket_spec.rb

@@ -44,7 +44,7 @@ describe template_under_test do
     render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
 
     # debug
-    puts "render_str=#{render_str}"
+    # puts "render_str=#{render_str}"
     # puts json_sanitize( render_str, nil  )
 
 

data/spec/mustache/resourceSecurityGroup_spec.rb

@@ -27,9 +27,9 @@ describe template_under_test do
       "Type" : "AWS::EC2::SecurityGroup",
       "Properties" : {
         "GroupDescription" : "Enable SSH access via port 22"
-        
-        , "SecurityGroupIngress" : [ 
-        ]
+        , "Tags": [{"Key": "Name", "Value": "koe"}]
+        , "SecurityGroupIngress" : [ ]
+        , "SecurityGroupEgress" : [ ]
       }
      }
 

data/spec/mustache/resourceSubnet_spec.rb

@@ -12,12 +12,14 @@ describe template_under_test do
     @aws_must = AwsMust::AwsMust.new( { :template_path => template_dir } )
 
     # hide partials
-    allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_return( "" )
+    allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_call_original
     # verify that template_under_test actually used
     expect_any_instance_of( AwsMust::Template ).to receive( :get_template ).with( template_under_test  ).and_call_original
 
   end
 
+  # ------------------------------------------------------------------
+  # default
 
   it "#default'" do
 
@@ -30,7 +32,7 @@ describe template_under_test do
                  "CidrBlock" : ""
                , "Tags" : [ ]
                , "MapPublicIpOnLaunch" : false
-               , "VpcId" : { "Ref" : "" }
+               , "VpcId" : { "Ref" : "vpc-124" }
            }
         }
     EOS
@@ -40,6 +42,7 @@ describe template_under_test do
 
     yaml_text = <<-EOF
       Name: #{name}
+      VpcId: vpc-124
     EOF
 
     render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
@@ -50,6 +53,50 @@ describe template_under_test do
 
     expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil  ))
 
-  end
+  end #it "#default'" do
+
+  # ------------------------------------------------------------------
+  # route tables association
+
+
+  it "#RoutetableAssociation -attribute" do
+
+
+    name = "koe"
+    expect_str= <<-EOS
+
+          "koe" : {
+           "Type" : "AWS::EC2::Subnet"
+        	   , "Properties" : {
+                 "CidrBlock" : ""
+               , "Tags" : [ ]
+               , "MapPublicIpOnLaunch" : false
+               , "VpcId" : { "Ref" : "vpc-125" }
+           }
+        }
+       , "koeRouteTableAssociation":{"Type":"AWS::EC2::SubnetRouteTableAssociation", "Properties":{"RouteTableId":{"Ref":"routetable"}, "SubnetId":{"Ref":"koe"}}}
+
+    EOS
+
+    # debug
+    # puts   json_sanitize( expect_str , nil  )
+
+    yaml_text = <<-EOF
+      Name: #{name}
+      VpcId: vpc-125
+      RoutetableAssociation: routetable
+    EOF
+
+    render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
+
+    # debug
+    # puts "render_str=#{render_str}"
+    # puts  json_sanitize( render_str, nil  )
+
+    expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil  ))
+
+  end #it "#default'" do
+
+
 
 end

data/spec/support/lib/aws/aws.rb

@@ -0,0 +1,6 @@
+# require_relative "vpc_resource.rb"
+require_relative "ec2_resource.rb"
+require_relative "vpc_resource.rb"
+require_relative "route_resource.rb"
+require_relative "security_group_resource"
+

data/spec/support/lib/aws/ec2_resource.rb

@@ -0,0 +1,177 @@
+require 'aws-sdk'
+require 'serverspec'
+
+
+require_relative "./mixin_cidr"
+require_relative "./mixin_subnet"
+require_relative "./mixin_ec2"
+
+
+module Serverspec
+  module Type
+    class Ec2Resource < Base
+
+      # ------------------------------------------------------------------
+      # attrbutes
+      
+      attr_accessor :instanceId       # 
+      attr_accessor :instanceName     # tagged
+
+      attr_accessor :attribute
+
+      # ------------------------------------------------------------------
+      # constrcutore
+
+      def self.new_by_instanceName( instanceName, attribute=nil )
+
+        raise 'must set a instanceName' if instanceName.nil?
+        ec2 = Ec2Resource.new
+        ec2.instanceName = instanceName
+        ec2.attribute = attribute
+
+        return ec2
+
+      end
+
+      def self.new_by_instanceId( instanceId, attribute=nil )
+
+        raise 'must set a instanceId' if instanceId.nil?
+        ec2 = Ec2Resource.new
+        ec2.instanceId = instanceId
+        ec2.attribute = attribute
+
+        return ec2
+
+      end
+
+      def initialize( )
+      end
+
+      # ------------------------------------------------------------------
+      # public interface
+
+      def to_s
+        "ec2:" +
+          ( @instanceId ? " instanceId=#{@instanceId}" : "" ) + 
+          ( @instanceName ? " instanceName=#{@instanceName}" : "" ) + 
+          (@attribute ? ", #{@attribute}: #{self.send( @attribute )}"  :"" )
+      end
+
+      def availability_zone 
+        describe_instance_status.availability_zone
+      end
+
+      def system_status_ok?
+        return system_status == "ok"
+      end
+
+      def system_status_not_impaired?
+        return system_status != "impaired"
+      end
+
+      def system_status
+        return describe_instance_status.system_status.status
+      end
+
+      def instance_state_running?
+        return instance_state.name == "running"
+      end
+
+      def instance_state
+        return describe_instance_status.instance_state
+      end
+
+      def instance_type
+        describe_instance_attribute("instanceType").instance_type.value
+      end
+
+      def public_ip_address
+        describe_instance.public_ip_address
+      end
+
+      def subnet_id
+        describe_instance.subnet_id
+      end
+
+      def private_ip_address
+        describe_instance.private_ip_address
+      end
+
+      # true if private_ip belongs to cidr
+      def private_ip_address_valid_cidr?( cidr )
+        private_ip = describe_instance.private_ip_address
+        cidr_valid_ip( private_ip, cidr )
+      end
+
+      def instance_id
+        # use 'instanceType'  return also instace_id
+        describe_instance_attribute("instanceType").instance_id
+      end
+
+      # routes
+
+
+      private
+
+      # ------------------------------------------------------------------
+      # mixin interface
+
+      def client
+        @ec2Client = Aws::EC2::Client.new
+        return @ec2Client
+      end
+
+      # return @instanceId or read it using aws sdk
+      def get_instanceId
+        return @instanceId if @instanceId 
+        options = {
+          dry_run: false,
+          filters: [
+                    { name: "tag:Name", values: [ @instanceName  ]},
+                    { name: "instance-state-name", values: [ "running"  ]},
+                   ],
+        }
+
+        @instanceId = describe_instances(options).reservations.first.instances.first.instance_id
+        return @instanceId
+      end
+
+      # ------------------------------------------------------------------
+      # mixin services included
+
+      include AwsMustTemplates::Mixin::CIDR
+      include AwsMustTemplates::Mixin::EC2
+
+    end # class Vpc < Base
+
+    # ------------------------------------------------------------------
+    # serverspec resource
+
+    def ec2_resource( instanceId )
+      Ec2Resource.new_by_instanceId( instanceId.kind_of?(Serverspec::Type::ValidProperty) ? instanceId.value : instanceId )
+    end
+
+    def ec2_named_resource( instanceName )
+      Ec2Resource.new_by_instanceName( instanceName.kind_of?(Serverspec::Type::ValidProperty) ? instanceName.value : instanceName )
+    end
+
+    # resource output includes also attribute value
+    def ec2_resource_attribute( instanceId, attribute )
+      Ec2Resource.new_by_instanceId( instanceId.kind_of?(Serverspec::Type::ValidProperty) ? instanceId.value : instanceId,
+                       attribute.kind_of?(Serverspec::Type::ValidProperty) ? attribute.value : attribute
+                       )
+    end
+
+    def ec2_named_resource_attribute( instanceName, attribute )
+      Ec2Resource.new_by_instanceName( instanceName.kind_of?(Serverspec::Type::ValidProperty) ? instanceName.value : instanceName,
+                       attribute.kind_of?(Serverspec::Type::ValidProperty) ? attribute.value : attribute
+                       )
+    end
+
+
+
+  end # module Type
+end
+
+include Serverspec::Type
+

data/spec/support/lib/aws/mixin_cidr.rb

@@ -0,0 +1,18 @@
+require 'netaddr'
+
+module AwsMustTemplates
+  module Mixin
+    module CIDR
+
+      # true if `cidr` contains `ip`
+      def cidr_valid_ip( ip, cidr )
+
+        cird4 = NetAddr::CIDR.create( cidr )
+        cird4.contains?( ip )
+        
+      end
+
+    end  # module CIDR
+
+  end # 
+end 

data/spec/support/lib/aws/mixin_ec2.rb

@@ -0,0 +1,53 @@
+module AwsMustTemplates
+  module Mixin
+    module EC2
+
+      # uses mixin interface
+      # - client
+      # - get_instanceId
+
+
+      # hash for aws ec2 sdk query
+      def instance_query_options
+
+        instanceId = get_instanceId
+
+        options = {
+          dry_run: false,
+          instance_ids: [ instanceId ]
+        }
+
+        return options
+
+      end
+      def describe_instance
+        describe_instances.reservations.first.instances.first
+      end
+      
+      def describe_instances( options = nil )
+        options = instance_query_options if options.nil?
+        client.describe_instances( options )
+      end
+      
+      def describe_instance_status
+        options = instance_query_options
+        # puts "options=#{options}"
+        resp =  client.describe_instance_status(options)
+        return resp.instance_statuses.first
+      end
+
+      def describe_instance_attribute( attribute )
+        # options = instance_query_options
+        # options[:attribute] = attribute
+        instanceId = get_instanceId
+        options = {
+          dry_run: false,
+          instance_id:  instanceId,
+          attribute: attribute
+        }
+        client.describe_instance_attribute(options)
+      end
+
+    end
+  end
+end

data/spec/support/lib/aws/mixin_security_group.rb

@@ -0,0 +1,15 @@
+module AwsMustTemplates
+  module Mixin
+    module SecurityGroup
+
+      private
+
+      # access subnet by 'subnetId'
+      def describe_security_groups( securityGroupIds )
+        options = { group_ids: securityGroupIds }
+        client.describe_security_groups( options ).security_groups
+      end
+
+    end
+  end
+end

data/spec/support/lib/aws/mixin_subnet.rb

@@ -0,0 +1,77 @@
+module AwsMustTemplates
+  module Mixin
+    module Subnet
+
+      private
+
+      #  'nil' if  no route-tables for subnet
+      def subnet_routes_as_array_of_hashes( subnetId )
+
+        # Each subnet must be associated with a route table, which
+        # controls the routing for the subnet. If you don't explicitly
+        # associate a subnet with a particular route table, the subnet uses
+        # the main route table.
+
+        routes = subnet_routes_from_subnet( subnetId )
+        routes = subnet_routes_from_vpc( subnetId ) if routes.nil?
+
+        # map to hash
+        return routes.inject([]){ |arr,r| arr << r.to_h }
+
+      end
+
+      def subnet_routes_from_subnet( subnetId )
+        route_tables = describe_route_tables_for_subnet( subnetId ).route_tables
+        return nil unless route_tables.any?
+        return route_tables.first.routes
+      end
+
+      # access main route table on vpc
+      def subnet_routes_from_vpc( subnetId )
+        subnet = describe_subnet( subnetId )
+        route_tables = describe_route_tables_for_vpc( subnet.vpc_id  ).route_tables
+        return route_tables.first.routes
+      end
+
+
+      # access subnet by 'subnetId'
+      def describe_subnet( subnetId )
+        options = { subnet_ids: [ subnetId ] }
+        client.describe_subnets( options ).subnets.first
+      end
+
+      # aws client request for route tables associated with subnet
+      def describe_route_tables_for_subnet( subnetId )
+        options = {
+          dry_run: false,
+          route_table_ids: nil,
+          filters: [
+                    {
+                      name: "association.subnet-id",
+                      values: [ subnetId ],
+                    }
+                   ]
+        }
+        client.describe_route_tables( options )
+      end
+
+      # aws client request for route tables associated with 'vpcId'
+      def describe_route_tables_for_vpc( vpcId )
+        options = {
+          dry_run: false,
+          route_table_ids: nil,
+          filters: [
+                    {
+                      name: "vpc-id",
+                      values: [ vpcId ],
+                    }
+                   ]
+        }
+        client.describe_route_tables( options )
+      end
+
+
+
+    end
+  end
+end

data/spec/support/lib/aws/mixin_vpc.rb

@@ -0,0 +1,10 @@
+module AwsMustTemplates
+  module Mixin
+    module Vpc
+      def describe_vpc( vpcId ) 
+        options = { vpc_ids: [ vpcId ] }
+        client.describe_vpcs( options ).first
+      end
+    end
+  end
+end