aws-must-templates 0.1.6 → 0.2.1
- checksums.yaml +4 -4
- data/README.md +97 -44
- data/lib/tasks/cross-ref.rb +6 -0
- data/lib/tasks/suite.rake +150 -48
- data/lib/test-suites/test_suites.rb +13 -13
- data/mustache/commonDependsOn.mustache +24 -2
- data/mustache/commonRef.mustache +22 -0
- data/mustache/commonValue.mustache +1 -1
- data/mustache/commonXGressRule.mustache +31 -0
- data/mustache/mapping.mustache +3 -1
- data/mustache/mappingAmazonVpcNat.mustache +38 -0
- data/mustache/resource.mustache +4 -0
- data/mustache/resourceInstance.mustache +26 -7
- data/mustache/resourceInternetGateway.mustache +30 -16
- data/mustache/resourceRoute.mustache +50 -0
- data/mustache/resourceRouteTable.mustache +67 -0
- data/mustache/resourceSecurityGroup.mustache +13 -12
- data/mustache/resourceSubnet.mustache +20 -8
- data/mustache/root.mustache +26 -11
- data/spec/aws-must-templates/AllwaysOk/AllwaysOk_spec.rb +35 -0
- data/spec/aws-must-templates/AwsCommandLineInterfaceInstalled/AwsCommandLineInterfaceInstalled_spec.rb +19 -1
- data/spec/aws-must-templates/AwsMustTestRunnerProperties/AwsMustTestRunnerProperties_spec.rb +16 -1
- data/spec/aws-must-templates/CloudFormationHelperScriptsInstalled/CloudFormationHelperScriptsInstalled_spec.rb +17 -0
- data/spec/aws-must-templates/Ec2InstanceType/Ec2InstanceType_spec.rb +47 -0
- data/spec/aws-must-templates/Ec2PrivateIp/Ec2PrivateIp_spec.rb +49 -0
- data/spec/aws-must-templates/Ec2PublicIp/Ec2PublicIp_spec.rb +68 -0
- data/spec/aws-must-templates/Ec2Routes/Ec2Routes_spec.rb +69 -0
- data/spec/aws-must-templates/Ec2SecurityGroups/Ec2SecurityGroups_spec.rb +151 -0
- data/spec/aws-must-templates/Ec2StatusNormal/Ec2StatusNormal_spec.rb +55 -0
- data/spec/aws-must-templates/NetworkCanPing/NetworkCanPing_spec.rb +36 -0
- data/spec/aws-must-templates/ParameterTest/ParameterTest_spec.rb +17 -1
- data/spec/aws-must-templates/RespondsToPing/RespondsToPing_spec.rb +46 -0
- data/spec/aws-must-templates/S3NoAccess/S3NoAccess_spec.rb +17 -3
- data/spec/aws-must-templates/S3ReadAccessAllowed/S3ReadAccessAllowed_spec.rb +18 -1
- data/spec/aws-must-templates/Stack/Stack_spec.rb +28 -1
- data/spec/aws-must-templates/ValidOSVersion/ValidOSVersion_spec.rb +16 -1
- data/spec/aws-must-templates/Vpc/vpc_spec.rb +51 -0
- data/spec/aws-must-templates/table_of_content.mustache +67 -0
- data/spec/lib/test_suites_spec.rb +101 -28
- data/spec/mustache/commonDependsOn_spec.rb +57 -2
- data/spec/mustache/commonInstanceType_spec.rb +1 -1
- data/spec/mustache/mappingAmazonVpcNat_spec.rb +56 -0
- data/spec/mustache/mapping_spec.rb +48 -7
- data/spec/mustache/resourceInstance_spec.rb +102 -1
- data/spec/mustache/resourceInternetGateway_spec.rb +14 -9
- data/spec/mustache/resourcePolicy_spec.rb +1 -1
- data/spec/mustache/resourceS3Bucket_spec.rb +1 -1
- data/spec/mustache/resourceSecurityGroup_spec.rb +3 -3
- data/spec/mustache/resourceSubnet_spec.rb +50 -3
- data/spec/support/lib/aws/aws.rb +6 -0
- data/spec/support/lib/aws/ec2_resource.rb +177 -0
- data/spec/support/lib/aws/mixin_cidr.rb +18 -0
- data/spec/support/lib/aws/mixin_ec2.rb +53 -0
- data/spec/support/lib/aws/mixin_security_group.rb +15 -0
- data/spec/support/lib/aws/mixin_subnet.rb +77 -0
- data/spec/support/lib/aws/mixin_vpc.rb +10 -0
- data/spec/support/lib/aws/route_resource.rb +86 -0
- data/spec/support/lib/aws/security_group_resource.rb +120 -0
- data/spec/support/lib/aws/vpc_resource.rb +69 -0
- data/spec/support/lib/suite_value.rb +38 -0
- data/spec/support/lib/test_parameter.rb +12 -8
- data/spec/support/lib/valid_property.rb +29 -9
- data/spec/support/spec_helper.rb +75 -44
- data/spec/support/utils.rb +4 -0
- metadata +34 -24
@@ -13,20 +13,37 @@ describe template_under_test do
|
|
13
13
|
|
14
14
|
# hide partials
|
15
15
|
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_return( "" )
|
16
|
+
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( /common/ ).and_call_original
|
17
|
+
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( :resourceInstanceInitialize ).and_return( '{}' )
|
16
18
|
# verify that template_under_test actually used
|
17
19
|
expect_any_instance_of( AwsMust::Template ).to receive( :get_template ).with( template_under_test ).and_call_original
|
18
20
|
|
19
21
|
end
|
20
22
|
|
23
|
+
|
24
|
+
# ------------------------------------------------------------------
|
25
|
+
# default
|
21
26
|
it "#default'" do
|
22
27
|
|
23
28
|
expect_str= <<-EOS
|
24
|
-
"koe" : {"Type":"AWS::EC2::Instance"
|
29
|
+
"koe" : {"Type":"AWS::EC2::Instance"
|
30
|
+
, "DependsOn": "riippuu"
|
31
|
+
, "Metadata":{}
|
32
|
+
, "Properties":{
|
33
|
+
"ImageId":{"Fn::FindInMap":["AWSRegionArch2AMI", {"Ref":"AWS::Region"}, {"Fn::FindInMap":["AWSInstanceType2Arch", "commonInstanceType-partial called", "Arch"]}]}
|
34
|
+
, "InstanceType":"commonInstanceType-partial called"
|
35
|
+
, "Tags":[{"Key":"Name", "Value":"koe"}]
|
36
|
+
, "SecurityGroupIds":[]
|
37
|
+
, "UserData":{}
|
38
|
+
, "SourceDestCheck": true
|
39
|
+
}
|
40
|
+
}
|
25
41
|
EOS
|
26
42
|
|
27
43
|
yaml_text = <<-EOF
|
28
44
|
Name: koe
|
29
45
|
InstanceType: t2.micro
|
46
|
+
DependsOn: riippuu
|
30
47
|
EOF
|
31
48
|
|
32
49
|
# debug
|
@@ -46,6 +63,90 @@ describe template_under_test do
|
|
46
63
|
|
47
64
|
end
|
48
65
|
|
66
|
+
# ------------------------------------------------------------------
|
67
|
+
# SourceDestCheck
|
68
|
+
|
69
|
+
it "#SourceDestCheck" do
|
70
|
+
|
71
|
+
expect_str= <<-EOS
|
72
|
+
"koesource_dest_check" : {
|
73
|
+
"Type":"AWS::EC2::Instance"
|
74
|
+
, "Metadata":{}
|
75
|
+
, "Properties":{
|
76
|
+
"ImageId":{"Fn::FindInMap":["AWSRegionArch2AMI", {"Ref":"AWS::Region"}, {"Fn::FindInMap":["AWSInstanceType2Arch", "commonInstanceType-partial called", "Arch"]}]}
|
77
|
+
, "InstanceType":"commonInstanceType-partial called"
|
78
|
+
, "Tags":[{"Key":"Name", "Value":"koesource_dest_check"}]
|
79
|
+
, "SecurityGroupIds":[]
|
80
|
+
, "UserData":{}
|
81
|
+
, "SourceDestCheck": false
|
82
|
+
}
|
83
|
+
}
|
84
|
+
EOS
|
85
|
+
|
86
|
+
yaml_text = <<-EOF
|
87
|
+
Name: koesource_dest_check
|
88
|
+
InstanceType: t2.micro
|
89
|
+
SourceDestCheck: "false"
|
90
|
+
EOF
|
91
|
+
|
92
|
+
# debug
|
93
|
+
# puts json_sanitize( expect_str, nil )
|
94
|
+
|
95
|
+
# stub partials
|
96
|
+
expect_any_instance_of( AwsMust::Template ).to receive( :partial ).with( :commonInstanceType ).twice.and_return( '"commonInstanceType-partial called"' )
|
97
|
+
expect_any_instance_of( AwsMust::Template ).to receive( :partial ).with( :resourceInstanceInitialize ).and_return( '{}' )
|
98
|
+
|
99
|
+
render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
|
100
|
+
|
101
|
+
# debug
|
102
|
+
# puts "render_str=#{render_str}"
|
103
|
+
# puts json_sanitize( render_str, nil )
|
104
|
+
|
105
|
+
expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil ))
|
106
|
+
|
107
|
+
end
|
108
|
+
|
109
|
+
# ------------------------------------------------------------------
|
110
|
+
#
|
111
|
+
|
112
|
+
|
113
|
+
it "#MapRegionToImageId" do
|
114
|
+
|
115
|
+
expect_str= <<-EOS
|
116
|
+
"koesource_dest_check" : {
|
117
|
+
"Type":"AWS::EC2::Instance"
|
118
|
+
, "Metadata":{}
|
119
|
+
, "Properties":{
|
120
|
+
"ImageId": {"Fn::FindInMap" : ["mappaa", {"Ref" : "AWS::Region"}, "AMI"]}
|
121
|
+
, "InstanceType": "t2.micro"
|
122
|
+
, "Tags":[{"Key":"Name", "Value":"koesource_dest_check"}]
|
123
|
+
, "SecurityGroupIds":[]
|
124
|
+
, "UserData":{}
|
125
|
+
, "SourceDestCheck": true
|
126
|
+
}
|
127
|
+
}
|
128
|
+
EOS
|
129
|
+
|
130
|
+
yaml_text = <<-EOF
|
131
|
+
Name: koesource_dest_check
|
132
|
+
InstanceType: t2.micro
|
133
|
+
MapRegionToImageId: mappaa
|
134
|
+
EOF
|
135
|
+
|
136
|
+
# debug
|
137
|
+
# puts json_sanitize( expect_str, nil )
|
138
|
+
|
139
|
+
# stub partials
|
140
|
+
render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
|
141
|
+
|
142
|
+
# debug
|
143
|
+
# puts "render_str=#{render_str}"
|
144
|
+
# puts json_sanitize( render_str, nil )
|
145
|
+
|
146
|
+
expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil ))
|
147
|
+
|
148
|
+
end
|
149
|
+
|
49
150
|
|
50
151
|
end
|
51
152
|
|
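Review bot: The `#SourceDestCheck` example only feeds the quoted string `SourceDestCheck: "false"`, so nothing here shows what the template renders for an unquoted YAML boolean `false` or for a variant such as `"False"`. Because this property switches off the source/destination check on the instance, an example for the unquoted form would document whether that input disables the check or falls back to the default `true` pinned by `#default'`. Separately, `#MapRegionToImageId` reuses the instance name `koesource_dest_check` and its header comment is an empty `#`; a comment such as `# MapRegionToImageId: ImageId looked up from a named mapping` and a distinct name would make a failure easier to place.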
@@ -13,6 +13,8 @@ describe template_under_test do
|
|
13
13
|
|
14
14
|
# hide partials
|
15
15
|
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_return( "" )
|
16
|
+
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( /common/).and_call_original
|
17
|
+
|
16
18
|
# verify that template_under_test actually used
|
17
19
|
expect_any_instance_of( AwsMust::Template ).to receive( :get_template ).with( template_under_test ).and_call_original
|
18
20
|
|
@@ -25,26 +27,26 @@ describe template_under_test do
|
|
25
27
|
"koe" : {
|
26
28
|
"Type" : "AWS::EC2::InternetGateway",
|
27
29
|
"Properties" : {
|
28
|
-
"Tags" : [ ]
|
30
|
+
"Tags" : [ {"Key":"Name", "Value":"koe"} ]
|
29
31
|
}
|
30
32
|
},
|
31
33
|
|
32
|
-
"
|
34
|
+
"attachekoe" : {
|
33
35
|
"Type" : "AWS::EC2::VPCGatewayAttachment",
|
34
36
|
"Properties" : {
|
35
|
-
"VpcId" : { "Ref" : "" },
|
37
|
+
"VpcId" : { "Ref" : "vpcid" },
|
36
38
|
"InternetGatewayId" : { "Ref" : "koe" }
|
37
39
|
}
|
38
40
|
},
|
39
41
|
|
40
42
|
|
41
43
|
|
42
|
-
"
|
44
|
+
"RouteTablekoe" : {
|
43
45
|
"Type" : "AWS::EC2::RouteTable",
|
44
46
|
"Properties" : {
|
45
|
-
"VpcId" : { "Ref" : "" },
|
47
|
+
"VpcId" : { "Ref" : "vpcid" },
|
46
48
|
"Tags" : [
|
47
|
-
{"Key": "Name", "Value" : "
|
49
|
+
{"Key": "Name", "Value" : "RouteTablekoe" }
|
48
50
|
, {"Key" : "Application", "Value" : { "Ref" : "AWS::StackId"} }
|
49
51
|
]
|
50
52
|
}
|
@@ -52,9 +54,9 @@ describe template_under_test do
|
|
52
54
|
|
53
55
|
"Route" : {
|
54
56
|
"Type" : "AWS::EC2::Route",
|
55
|
-
"DependsOn" : "
|
57
|
+
"DependsOn" : "attachekoe",
|
56
58
|
"Properties" : {
|
57
|
-
"RouteTableId" : { "Ref" : "
|
59
|
+
"RouteTableId" : { "Ref" : "RouteTablekoe" }
|
58
60
|
, "DestinationCidrBlock" : "0.0.0.0/0"
|
59
61
|
, "GatewayId" : { "Ref" : "koe" }
|
60
62
|
}
|
@@ -65,7 +67,7 @@ describe template_under_test do
|
|
65
67
|
"Type" : "AWS::EC2::SubnetRouteTableAssociation"
|
66
68
|
, "Properties" : {
|
67
69
|
"SubnetId" : { "Ref" : "" }
|
68
|
-
, "RouteTableId" : { "Ref" : "
|
70
|
+
, "RouteTableId" : { "Ref" : "RouteTablekoe" }
|
69
71
|
}
|
70
72
|
}
|
71
73
|
|
@@ -73,6 +75,9 @@ describe template_under_test do
|
|
73
75
|
|
74
76
|
yaml_text = <<-EOF
|
75
77
|
Name: koe
|
78
|
+
Attachment:
|
79
|
+
AttachmentName: attachekoe
|
80
|
+
Vpc: vpcid
|
76
81
|
EOF
|
77
82
|
|
78
83
|
# debug
|
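Review bot: The expected JSON in the `@@ -65,7 +67,7 @@` hunk still pins `"SubnetId" : { "Ref" : "" }` for the `AWS::EC2::SubnetRouteTableAssociation`, while the other empty references were given values in this change. An empty `Ref` is not a resolvable CloudFormation reference, so the spec locks in output that would presumably fail at stack creation. Either `yaml_text` should supply a subnet so this reference is filled as well, or the association should not be expected when no subnet is configured; the YAML key for the subnet is not visible in these hunks, so I am not proposing the exact line. The expectation also sends `0.0.0.0/0` to the gateway unconditionally, which deserves a comment above the heredoc, e.g. `# the gateway template always adds a default route to the internet gateway`.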
@@ -94,7 +94,7 @@ describe template_under_test do
|
|
94
94
|
render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
|
95
95
|
|
96
96
|
# debug
|
97
|
-
puts "render_str=#{render_str}"
|
97
|
+
# puts "render_str=#{render_str}"
|
98
98
|
# puts json_sanitize( render_str + dummy_element , nil )
|
99
99
|
|
100
100
|
expect( json_sanitize( render_str + dummy_element, nil )).to eql( json_sanitize( expect_str + dummy_element, nil ))
|
@@ -44,7 +44,7 @@ describe template_under_test do
|
|
44
44
|
render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
|
45
45
|
|
46
46
|
# debug
|
47
|
-
puts "render_str=#{render_str}"
|
47
|
+
# puts "render_str=#{render_str}"
|
48
48
|
# puts json_sanitize( render_str, nil )
|
49
49
|
|
50
50
|
|
@@ -27,9 +27,9 @@ describe template_under_test do
|
|
27
27
|
"Type" : "AWS::EC2::SecurityGroup",
|
28
28
|
"Properties" : {
|
29
29
|
"GroupDescription" : "Enable SSH access via port 22"
|
30
|
-
|
31
|
-
, "SecurityGroupIngress" : [
|
32
|
-
]
|
30
|
+
, "Tags": [{"Key": "Name", "Value": "koe"}]
|
31
|
+
, "SecurityGroupIngress" : [ ]
|
32
|
+
, "SecurityGroupEgress" : [ ]
|
33
33
|
}
|
34
34
|
}
|
35
35
|
|
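Review bot: `"SecurityGroupEgress" : [ ]` in the expected JSON reads as "no outbound traffic", but as far as I know CloudFormation keeps the default allow-all egress rule when the egress list is empty or omitted. A comment above the heredoc would prevent that misreading, for example `# empty SecurityGroupEgress: the default allow-all egress rule still applies`. The spec also covers only the empty case; an example with one ingress and one egress rule in the fixture would exercise the rule partial listed in the diffstat (`commonXGressRule.mustache`). The `it` block starts and ends outside this hunk.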
@@ -12,12 +12,14 @@ describe template_under_test do
|
|
12
12
|
@aws_must = AwsMust::AwsMust.new( { :template_path => template_dir } )
|
13
13
|
|
14
14
|
# hide partials
|
15
|
-
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).
|
15
|
+
allow_any_instance_of( AwsMust::Template ).to receive( :partial ).with( any_args ).and_call_original
|
16
16
|
# verify that template_under_test actually used
|
17
17
|
expect_any_instance_of( AwsMust::Template ).to receive( :get_template ).with( template_under_test ).and_call_original
|
18
18
|
|
19
19
|
end
|
20
20
|
|
21
|
+
# ------------------------------------------------------------------
|
22
|
+
# default
|
21
23
|
|
22
24
|
it "#default'" do
|
23
25
|
|
@@ -30,7 +32,7 @@ describe template_under_test do
|
|
30
32
|
"CidrBlock" : ""
|
31
33
|
, "Tags" : [ ]
|
32
34
|
, "MapPublicIpOnLaunch" : false
|
33
|
-
, "VpcId" : { "Ref" : "" }
|
35
|
+
, "VpcId" : { "Ref" : "vpc-124" }
|
34
36
|
}
|
35
37
|
}
|
36
38
|
EOS
|
@@ -40,6 +42,7 @@ describe template_under_test do
|
|
40
42
|
|
41
43
|
yaml_text = <<-EOF
|
42
44
|
Name: #{name}
|
45
|
+
VpcId: vpc-124
|
43
46
|
EOF
|
44
47
|
|
45
48
|
render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
|
@@ -50,6 +53,50 @@ describe template_under_test do
|
|
50
53
|
|
51
54
|
expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil ))
|
52
55
|
|
53
|
-
end
|
56
|
+
end #it "#default'" do
|
57
|
+
|
58
|
+
# ------------------------------------------------------------------
|
59
|
+
# route tables association
|
60
|
+
|
61
|
+
|
62
|
+
it "#RoutetableAssociation -attribute" do
|
63
|
+
|
64
|
+
|
65
|
+
name = "koe"
|
66
|
+
expect_str= <<-EOS
|
67
|
+
|
68
|
+
"koe" : {
|
69
|
+
"Type" : "AWS::EC2::Subnet"
|
70
|
+
, "Properties" : {
|
71
|
+
"CidrBlock" : ""
|
72
|
+
, "Tags" : [ ]
|
73
|
+
, "MapPublicIpOnLaunch" : false
|
74
|
+
, "VpcId" : { "Ref" : "vpc-125" }
|
75
|
+
}
|
76
|
+
}
|
77
|
+
, "koeRouteTableAssociation":{"Type":"AWS::EC2::SubnetRouteTableAssociation", "Properties":{"RouteTableId":{"Ref":"routetable"}, "SubnetId":{"Ref":"koe"}}}
|
78
|
+
|
79
|
+
EOS
|
80
|
+
|
81
|
+
# debug
|
82
|
+
# puts json_sanitize( expect_str , nil )
|
83
|
+
|
84
|
+
yaml_text = <<-EOF
|
85
|
+
Name: #{name}
|
86
|
+
VpcId: vpc-125
|
87
|
+
RoutetableAssociation: routetable
|
88
|
+
EOF
|
89
|
+
|
90
|
+
render_str = @aws_must.generate_str( template_under_test, stub_yaml_file( yaml_text ), {} )
|
91
|
+
|
92
|
+
# debug
|
93
|
+
# puts "render_str=#{render_str}"
|
94
|
+
# puts json_sanitize( render_str, nil )
|
95
|
+
|
96
|
+
expect( json_sanitize( render_str, nil )).to eql( json_sanitize( expect_str, nil ))
|
97
|
+
|
98
|
+
end #it "#default'" do
|
99
|
+
|
100
|
+
|
54
101
|
|
55
102
|
end
|
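Review bot: The comment `# hide partials` above the changed stub is now wrong: with `.and_call_original` every partial is rendered for real, so the examples depend on the partials' actual output. I would change it to `# partials are rendered, not stubbed`. The new example also closes with `end #it "#default'" do`, copied from the first example; it should read `end # it "#RoutetableAssociation -attribute"`. Minor: the fixture values `vpc-124` and `vpc-125` look like physical VPC ids but end up inside `{ "Ref" : ... }`, which takes a logical resource or parameter name, so a name such as `MyVpc` would avoid suggesting the wrong usage.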
@@ -0,0 +1,177 @@
|
|
1
|
+
require 'aws-sdk'
|
2
|
+
require 'serverspec'
|
3
|
+
|
4
|
+
|
5
|
+
require_relative "./mixin_cidr"
|
6
|
+
require_relative "./mixin_subnet"
|
7
|
+
require_relative "./mixin_ec2"
|
8
|
+
|
9
|
+
|
10
|
+
module Serverspec
|
11
|
+
module Type
|
12
|
+
class Ec2Resource < Base
|
13
|
+
|
14
|
+
# ------------------------------------------------------------------
|
15
|
+
# attrbutes
|
16
|
+
|
17
|
+
attr_accessor :instanceId #
|
18
|
+
attr_accessor :instanceName # tagged
|
19
|
+
|
20
|
+
attr_accessor :attribute
|
21
|
+
|
22
|
+
# ------------------------------------------------------------------
|
23
|
+
# constrcutore
|
24
|
+
|
25
|
+
def self.new_by_instanceName( instanceName, attribute=nil )
|
26
|
+
|
27
|
+
raise 'must set a instanceName' if instanceName.nil?
|
28
|
+
ec2 = Ec2Resource.new
|
29
|
+
ec2.instanceName = instanceName
|
30
|
+
ec2.attribute = attribute
|
31
|
+
|
32
|
+
return ec2
|
33
|
+
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.new_by_instanceId( instanceId, attribute=nil )
|
37
|
+
|
38
|
+
raise 'must set a instanceId' if instanceId.nil?
|
39
|
+
ec2 = Ec2Resource.new
|
40
|
+
ec2.instanceId = instanceId
|
41
|
+
ec2.attribute = attribute
|
42
|
+
|
43
|
+
return ec2
|
44
|
+
|
45
|
+
end
|
46
|
+
|
47
|
+
def initialize( )
|
48
|
+
end
|
49
|
+
|
50
|
+
# ------------------------------------------------------------------
|
51
|
+
# public interface
|
52
|
+
|
53
|
+
def to_s
|
54
|
+
"ec2:" +
|
55
|
+
( @instanceId ? " instanceId=#{@instanceId}" : "" ) +
|
56
|
+
( @instanceName ? " instanceName=#{@instanceName}" : "" ) +
|
57
|
+
(@attribute ? ", #{@attribute}: #{self.send( @attribute )}" :"" )
|
58
|
+
end
|
59
|
+
|
60
|
+
def availability_zone
|
61
|
+
describe_instance_status.availability_zone
|
62
|
+
end
|
63
|
+
|
64
|
+
def system_status_ok?
|
65
|
+
return system_status == "ok"
|
66
|
+
end
|
67
|
+
|
68
|
+
def system_status_not_impaired?
|
69
|
+
return system_status != "impaired"
|
70
|
+
end
|
71
|
+
|
72
|
+
def system_status
|
73
|
+
return describe_instance_status.system_status.status
|
74
|
+
end
|
75
|
+
|
76
|
+
def instance_state_running?
|
77
|
+
return instance_state.name == "running"
|
78
|
+
end
|
79
|
+
|
80
|
+
def instance_state
|
81
|
+
return describe_instance_status.instance_state
|
82
|
+
end
|
83
|
+
|
84
|
+
def instance_type
|
85
|
+
describe_instance_attribute("instanceType").instance_type.value
|
86
|
+
end
|
87
|
+
|
88
|
+
def public_ip_address
|
89
|
+
describe_instance.public_ip_address
|
90
|
+
end
|
91
|
+
|
92
|
+
def subnet_id
|
93
|
+
describe_instance.subnet_id
|
94
|
+
end
|
95
|
+
|
96
|
+
def private_ip_address
|
97
|
+
describe_instance.private_ip_address
|
98
|
+
end
|
99
|
+
|
100
|
+
# true if private_ip belongs to cidr
|
101
|
+
def private_ip_address_valid_cidr?( cidr )
|
102
|
+
private_ip = describe_instance.private_ip_address
|
103
|
+
cidr_valid_ip( private_ip, cidr )
|
104
|
+
end
|
105
|
+
|
106
|
+
def instance_id
|
107
|
+
# use 'instanceType' return also instace_id
|
108
|
+
describe_instance_attribute("instanceType").instance_id
|
109
|
+
end
|
110
|
+
|
111
|
+
# routes
|
112
|
+
|
113
|
+
|
114
|
+
private
|
115
|
+
|
116
|
+
# ------------------------------------------------------------------
|
117
|
+
# mixin interface
|
118
|
+
|
119
|
+
def client
|
120
|
+
@ec2Client = Aws::EC2::Client.new
|
121
|
+
return @ec2Client
|
122
|
+
end
|
123
|
+
|
124
|
+
# return @instanceId or read it using aws sdk
|
125
|
+
def get_instanceId
|
126
|
+
return @instanceId if @instanceId
|
127
|
+
options = {
|
128
|
+
dry_run: false,
|
129
|
+
filters: [
|
130
|
+
{ name: "tag:Name", values: [ @instanceName ]},
|
131
|
+
{ name: "instance-state-name", values: [ "running" ]},
|
132
|
+
],
|
133
|
+
}
|
134
|
+
|
135
|
+
@instanceId = describe_instances(options).reservations.first.instances.first.instance_id
|
136
|
+
return @instanceId
|
137
|
+
end
|
138
|
+
|
139
|
+
# ------------------------------------------------------------------
|
140
|
+
# mixin services included
|
141
|
+
|
142
|
+
include AwsMustTemplates::Mixin::CIDR
|
143
|
+
include AwsMustTemplates::Mixin::EC2
|
144
|
+
|
145
|
+
end # class Vpc < Base
|
146
|
+
|
147
|
+
# ------------------------------------------------------------------
|
148
|
+
# serverspec resource
|
149
|
+
|
150
|
+
def ec2_resource( instanceId )
|
151
|
+
Ec2Resource.new_by_instanceId( instanceId.kind_of?(Serverspec::Type::ValidProperty) ? instanceId.value : instanceId )
|
152
|
+
end
|
153
|
+
|
154
|
+
def ec2_named_resource( instanceName )
|
155
|
+
Ec2Resource.new_by_instanceName( instanceName.kind_of?(Serverspec::Type::ValidProperty) ? instanceName.value : instanceName )
|
156
|
+
end
|
157
|
+
|
158
|
+
# resource output includes also attribute value
|
159
|
+
def ec2_resource_attribute( instanceId, attribute )
|
160
|
+
Ec2Resource.new_by_instanceId( instanceId.kind_of?(Serverspec::Type::ValidProperty) ? instanceId.value : instanceId,
|
161
|
+
attribute.kind_of?(Serverspec::Type::ValidProperty) ? attribute.value : attribute
|
162
|
+
)
|
163
|
+
end
|
164
|
+
|
165
|
+
def ec2_named_resource_attribute( instanceName, attribute )
|
166
|
+
Ec2Resource.new_by_instanceName( instanceName.kind_of?(Serverspec::Type::ValidProperty) ? instanceName.value : instanceName,
|
167
|
+
attribute.kind_of?(Serverspec::Type::ValidProperty) ? attribute.value : attribute
|
168
|
+
)
|
169
|
+
end
|
170
|
+
|
171
|
+
|
172
|
+
|
173
|
+
end # module Type
|
174
|
+
end
|
175
|
+
|
176
|
+
include Serverspec::Type
|
177
|
+
|
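Review bot: `to_s` calls `self.send( @attribute )`, and `send` also dispatches to private methods, so whatever string reaches `ec2_resource_attribute` or `ec2_named_resource_attribute` (apparently a suite property value) can invoke private helpers such as `client`, or private methods inherited from `Object`, merely by printing the resource. `public_send` limits it to public readers: `(@attribute ? ", #{@attribute}: #{public_send( @attribute )}" : "" )`; checking the name against the readers defined in this class would be stricter still. In `get_instanceId`, `reservations.first.instances.first` raises `NoMethodError` on `nil` when no running instance carries the `Name` tag and silently takes the first match when several do, so a spec can end up checking a different instance than intended; raising unless exactly one instance matches would make that visible. `client` also builds a new `Aws::EC2::Client` on every call, where `@ec2Client ||= Aws::EC2::Client.new` keeps one per resource. The closing comment `end # class Vpc < Base` should name `Ec2Resource`.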
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'netaddr'
|
2
|
+
|
3
|
+
module AwsMustTemplates
|
4
|
+
module Mixin
|
5
|
+
module CIDR
|
6
|
+
|
7
|
+
# true if `cidr` contains `ip`
|
8
|
+
def cidr_valid_ip( ip, cidr )
|
9
|
+
|
10
|
+
cird4 = NetAddr::CIDR.create( cidr )
|
11
|
+
cird4.contains?( ip )
|
12
|
+
|
13
|
+
end
|
14
|
+
|
15
|
+
end # module CIDR
|
16
|
+
|
17
|
+
end #
|
18
|
+
end
|
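Review bot: `NetAddr::CIDR.create` is the netaddr 1.x API; as far as I know the 2.x rewrite no longer provides `NetAddr::CIDR`, so `require 'netaddr'` without a version constraint can break `cidr_valid_ip` on a fresh install. The gemspec is not shown in this part of the diff; if it does not already do so, it should pin the dependency to the 1.x series, e.g. `'netaddr', '~> 1.5'`. In the method itself the local is misspelled `cird4`, and a `nil` `ip` or a malformed `cidr` presumably raises from NetAddr rather than returning false, which the comment should state: `# true if cidr contains ip; raises if either cannot be parsed`.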
@@ -0,0 +1,53 @@
|
|
1
|
+
module AwsMustTemplates
|
2
|
+
module Mixin
|
3
|
+
module EC2
|
4
|
+
|
5
|
+
# uses mixin interface
|
6
|
+
# - client
|
7
|
+
# - get_instanceId
|
8
|
+
|
9
|
+
|
10
|
+
# hash for aws ec2 sdk query
|
11
|
+
def instance_query_options
|
12
|
+
|
13
|
+
instanceId = get_instanceId
|
14
|
+
|
15
|
+
options = {
|
16
|
+
dry_run: false,
|
17
|
+
instance_ids: [ instanceId ]
|
18
|
+
}
|
19
|
+
|
20
|
+
return options
|
21
|
+
|
22
|
+
end
|
23
|
+
def describe_instance
|
24
|
+
describe_instances.reservations.first.instances.first
|
25
|
+
end
|
26
|
+
|
27
|
+
def describe_instances( options = nil )
|
28
|
+
options = instance_query_options if options.nil?
|
29
|
+
client.describe_instances( options )
|
30
|
+
end
|
31
|
+
|
32
|
+
def describe_instance_status
|
33
|
+
options = instance_query_options
|
34
|
+
# puts "options=#{options}"
|
35
|
+
resp = client.describe_instance_status(options)
|
36
|
+
return resp.instance_statuses.first
|
37
|
+
end
|
38
|
+
|
39
|
+
def describe_instance_attribute( attribute )
|
40
|
+
# options = instance_query_options
|
41
|
+
# options[:attribute] = attribute
|
42
|
+
instanceId = get_instanceId
|
43
|
+
options = {
|
44
|
+
dry_run: false,
|
45
|
+
instance_id: instanceId,
|
46
|
+
attribute: attribute
|
47
|
+
}
|
48
|
+
client.describe_instance_attribute(options)
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
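Review bot: `describe_instance_status` returns `resp.instance_statuses.first`, which is `nil` when the API returns no status entry; by default the EC2 call reports only running instances, so for a stopped instance callers such as `system_status` fail with `NoMethodError` instead of a failed expectation. Passing `include_all_instances: true` yields a status for every state: `resp = client.describe_instance_status( options.merge( include_all_instances: true ) )`. `describe_instance` has the same `nil` chain on `reservations.first.instances.first`. Unlike the subnet and security-group mixins, this module has no `private` marker, so the `describe_*` helpers become public methods of the including class.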
@@ -0,0 +1,15 @@
|
|
1
|
+
module AwsMustTemplates
|
2
|
+
module Mixin
|
3
|
+
module SecurityGroup
|
4
|
+
|
5
|
+
private
|
6
|
+
|
7
|
+
# access subnet by 'subnetId'
|
8
|
+
def describe_security_groups( securityGroupIds )
|
9
|
+
options = { group_ids: securityGroupIds }
|
10
|
+
client.describe_security_groups( options ).security_groups
|
11
|
+
end
|
12
|
+
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
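Review bot: `describe_security_groups` passes `group_ids: securityGroupIds` without checking it; with `nil` or an empty list the EC2 call is, as far as I know, unfiltered and returns every security group visible to the credentials, so a spec could assert against groups that do not belong to the instance under test. A guard as the first line avoids that: `raise ArgumentError, 'securityGroupIds must not be empty' if securityGroupIds.nil? || securityGroupIds.empty?`. The comment `# access subnet by 'subnetId'` is copied from the subnet mixin and should read `# security groups for 'securityGroupIds' (array of group ids)`.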
@@ -0,0 +1,77 @@
|
|
1
|
+
module AwsMustTemplates
|
2
|
+
module Mixin
|
3
|
+
module Subnet
|
4
|
+
|
5
|
+
private
|
6
|
+
|
7
|
+
# 'nil' if no route-tables for subnet
|
8
|
+
def subnet_routes_as_array_of_hashes( subnetId )
|
9
|
+
|
10
|
+
# Each subnet must be associated with a route table, which
|
11
|
+
# controls the routing for the subnet. If you don't explicitly
|
12
|
+
# associate a subnet with a particular route table, the subnet uses
|
13
|
+
# the main route table.
|
14
|
+
|
15
|
+
routes = subnet_routes_from_subnet( subnetId )
|
16
|
+
routes = subnet_routes_from_vpc( subnetId ) if routes.nil?
|
17
|
+
|
18
|
+
# map to hash
|
19
|
+
return routes.inject([]){ |arr,r| arr << r.to_h }
|
20
|
+
|
21
|
+
end
|
22
|
+
|
23
|
+
def subnet_routes_from_subnet( subnetId )
|
24
|
+
route_tables = describe_route_tables_for_subnet( subnetId ).route_tables
|
25
|
+
return nil unless route_tables.any?
|
26
|
+
return route_tables.first.routes
|
27
|
+
end
|
28
|
+
|
29
|
+
# access main route table on vpc
|
30
|
+
def subnet_routes_from_vpc( subnetId )
|
31
|
+
subnet = describe_subnet( subnetId )
|
32
|
+
route_tables = describe_route_tables_for_vpc( subnet.vpc_id ).route_tables
|
33
|
+
return route_tables.first.routes
|
34
|
+
end
|
35
|
+
|
36
|
+
|
37
|
+
# access subnet by 'subnetId'
|
38
|
+
def describe_subnet( subnetId )
|
39
|
+
options = { subnet_ids: [ subnetId ] }
|
40
|
+
client.describe_subnets( options ).subnets.first
|
41
|
+
end
|
42
|
+
|
43
|
+
# aws client request for route tables associated with subnet
|
44
|
+
def describe_route_tables_for_subnet( subnetId )
|
45
|
+
options = {
|
46
|
+
dry_run: false,
|
47
|
+
route_table_ids: nil,
|
48
|
+
filters: [
|
49
|
+
{
|
50
|
+
name: "association.subnet-id",
|
51
|
+
values: [ subnetId ],
|
52
|
+
}
|
53
|
+
]
|
54
|
+
}
|
55
|
+
client.describe_route_tables( options )
|
56
|
+
end
|
57
|
+
|
58
|
+
# aws client request for route tables associated with 'vpcId'
|
59
|
+
def describe_route_tables_for_vpc( vpcId )
|
60
|
+
options = {
|
61
|
+
dry_run: false,
|
62
|
+
route_table_ids: nil,
|
63
|
+
filters: [
|
64
|
+
{
|
65
|
+
name: "vpc-id",
|
66
|
+
values: [ vpcId ],
|
67
|
+
}
|
68
|
+
]
|
69
|
+
}
|
70
|
+
client.describe_route_tables( options )
|
71
|
+
end
|
72
|
+
|
73
|
+
|
74
|
+
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
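Review bot: `subnet_routes_from_vpc` is commented `# access main route table on vpc`, but `describe_route_tables_for_vpc` filters on `vpc-id` only and the caller takes `route_tables.first`, so in a VPC with more than one route table the routes checked may not be those of the main table. Adding the main-association filter makes the lookup match the comment: `{ name: "association.main", values: [ "true" ] }` next to the `vpc-id` filter. The comment `# 'nil' if no route-tables for subnet` on `subnet_routes_as_array_of_hashes` is also inaccurate, because the method falls back to the VPC lookup and then calls `inject` on the result; `# routes of the subnet's own route table, else of the VPC lookup, as array of hashes` describes it. `routes.map( &:to_h )` says the same as the `inject`.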