aws-must-templates 0.1.6 → 0.2.1

data/spec/support/lib/aws/route_resource.rb

@@ -0,0 +1,86 @@
+require 'aws-sdk'
+require 'serverspec'
+
+
+
+module Serverspec
+  module Type
+    class AwsRoute < Base
+
+      # ------------------------------------------------------------------
+      # attrbutes
+      
+      attr_accessor :instanceName     # tagged
+
+
+      # ------------------------------------------------------------------
+      # constrcutore
+
+      def self.new_for_ec2( instanceName )
+        raise "must set a 'instanceName' " unless instanceName
+
+        awsRoute = AwsRoute.new
+        awsRoute.instanceName = instanceName
+        return awsRoute
+      end
+
+      def initialize
+      end
+
+      # ------------------------------------------------------------------
+      # public interface
+
+      def to_s
+        "awsRoute: " + 
+          ( @instanceName ? " instanceName=#{@instanceName}" : "" )
+      end
+
+
+      def subnet_routes
+        subnetId = describe_instance.subnet_id
+        subnet_routes_as_array_of_hashes( subnetId )
+      end
+
+
+      private
+
+      # ------------------------------------------------------------------
+      # mixin interface
+
+      def client
+        @ec2Client = Aws::EC2::Client.new
+        return @ec2Client
+      end
+
+      def get_instanceId
+        return @instanceId if @instanceId 
+        options = {
+          dry_run: false,
+          filters: [
+                    { name: "tag:Name", values: [ instanceName  ]},
+                    { name: "instance-state-name", values: [ "running"  ]},
+                   ],
+        }
+
+        @instanceId = describe_instances(options).reservations.first.instances.first.instance_id
+        return @instanceId
+      end
+
+      # ------------------------------------------------------------------
+      # mixin services included
+
+      include AwsMustTemplates::Mixin::EC2
+      include AwsMustTemplates::Mixin::Subnet
+
+    end # class Vpc < Base
+
+    def route_resource_for_ec2( instanceName )
+      AwsRoute.new_for_ec2( instanceName.kind_of?(Serverspec::Type::ValidProperty) ? instanceName.value : instanceName  )
+    end
+
+
+  end # module Type
+end
+
+include Serverspec::Type
+

data/spec/support/lib/aws/security_group_resource.rb

@@ -0,0 +1,120 @@
+require 'aws-sdk'
+require 'serverspec'
+
+require_relative "./mixin_security_group"
+
+module Serverspec
+  module Type
+    class SecurityGroup < Base
+
+      # ------------------------------------------------------------------
+      # attrbutes
+      
+      attr_accessor :instanceName     # ec2 tagged with 'Name' = @instanceName
+
+
+      # ------------------------------------------------------------------
+      # constrcutore
+
+      def self.new_for_ec2( instanceName )
+        raise "must set a 'instanceName' " unless instanceName
+
+        sg = SecurityGroup.new
+        sg.instanceName = instanceName
+        return sg
+      end
+
+      def initialize
+      end
+
+      # ------------------------------------------------------------------
+      # public interface
+
+      def to_s
+        "Security group: " + 
+          ( @instanceName ? " instanceName=#{@instanceName}" : "" )
+      end
+
+      # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html#security-group-rules
+      #  Security group rules are always permissive; you can't create
+      #  rules that deny access.
+      def instance_ingress_rules
+        instance_security_group_ip_permissions
+      end
+
+      def instance_egress_rules
+        instance_security_group_ip_permissions_egress
+      end
+
+      private
+
+      # collect all ingress permissions to an array
+      def instance_security_group_ip_permissions
+        ret = [];
+        describe_security_groups(instance_security_group_ids).
+          inject( ret ){ |ret,group| 
+          group.ip_permissions.each{ |ip_permission| ret << ip_permission.to_h  }}
+        return ret
+      end
+
+      # collect all egress permissions to an array
+      def instance_security_group_ip_permissions_egress
+        ret = [];
+        describe_security_groups(instance_security_group_ids).
+          inject( ret ){ |ret,group| 
+          group.ip_permissions_egress.each{ |ip_permission_egress| ret << ip_permission_egress.to_h  }}
+        return ret
+      end
+
+
+      # security group ids for an instance
+      def instance_security_group_ids
+        instance_security_groups.map{ |group| group.group_id }
+      end
+
+
+      # for an instance
+      def instance_security_groups
+        describe_instance.security_groups
+      end
+
+
+      # ------------------------------------------------------------------
+      # mixin interface
+
+      def client
+        @ec2Client = Aws::EC2::Client.new
+        return @ec2Client
+      end
+
+      def get_instanceId
+        return @instanceId if @instanceId 
+        options = {
+          dry_run: false,
+          filters: [
+                    { name: "tag:Name", values: [ instanceName  ]},
+                    { name: "instance-state-name", values: [ "running"  ]},
+                   ],
+        }
+
+        @instanceId = describe_instances(options).reservations.first.instances.first.instance_id
+        return @instanceId
+      end
+
+      # ------------------------------------------------------------------
+      # mixin services included
+
+      include AwsMustTemplates::Mixin::EC2
+      include AwsMustTemplates::Mixin::SecurityGroup
+
+    end # class Vpc < Base
+
+    def security_group_resource_for_ec2( instanceName )
+      SecurityGroup.new_for_ec2( instanceName.kind_of?(Serverspec::Type::ValidProperty) ? instanceName.value : instanceName  )
+    end
+
+  end # module Type
+end
+
+include Serverspec::Type
+

data/spec/support/lib/aws/vpc_resource.rb

@@ -0,0 +1,69 @@
+require 'aws-sdk'
+require 'serverspec'
+
+
+
+module Serverspec
+  module Type
+
+    class VpcResource < Base
+
+      def initialize( vpcName )
+        raise "must set a 'vpcName' " unless vpcName
+        @vpcName = vpcName
+      end
+
+      def to_s
+        "vpc: '#{@vpcName}'"
+      end
+
+      def is_default?
+        return describe_vpc.is_default
+      end
+
+      # convinience routine to check value of state
+      def is_available?
+        return state == "available"
+      end
+
+      # String, one of "pending", "available"
+      def state
+        return describe_vpc.state
+      end
+      
+      private
+
+      def client
+        @ec2Client = Aws::EC2::Client.new
+        return @ec2Client
+      end
+
+      def describe_vpc
+        vpcs = describe_vpcs
+        # vpc tagged `Name`== @vpcName
+        vpc = vpcs.vpcs.select {|vpc| vpc.tags.select{ |tag| tag['key'] == 'Name' && tag['value'] == @vpcName }.any? }.first
+        raise "No vpc tagged 'Name'='#{@vpcName}'" if vpc.nil?
+        return vpc
+      end
+      
+      # read all vpc
+      def describe_vpcs
+        options = {
+          dry_run: false,
+        }
+        client.describe_vpcs( options )
+      end
+
+
+    end # class Vpc < Base
+
+    def vpc_resource_by_name( vpcName )
+      VpcResource.new( vpcName )
+    end
+
+
+  end # module Type
+end
+
+include Serverspec::Type
+

data/spec/support/lib/suite_value.rb

@@ -0,0 +1,38 @@
+module Serverspec
+  module Type
+
+    class SuiteValue < ValidProperty
+
+      VALID_VALUES = [  :host, 
+                        :instance_name, 
+                        :stack_id,
+                        :suite_id
+                     ]
+
+      def initialize(key)
+        raise <<-EOS  unless VALID_VALUES.include?(key)
+          Invalid suite value #{key}
+
+          Valid values #{VALID_VALUES.join( ', ')}
+        EOS
+        keys = []
+        keys << key
+        @key = key
+        super( keys )
+      end
+
+      def to_s
+        "Suite value '#{@key}'"
+      end
+
+    end # class
+
+    def suite_value( key )
+      SuiteValue.new( key )
+    end
+
+  end
+end
+
+include Serverspec::Type
+

data/spec/support/lib/test_parameter.rb

@@ -3,7 +3,7 @@ module Serverspec
 
     class TestParameter < ValidProperty
 
-      def initialize( role_id, test_parameter_name )
+      def initialize( role_id, test_parameter_name, mandatory )
 
         keys = ["Roles"]
         keys << role_id
@@ -12,9 +12,10 @@ module Serverspec
         @role_id = role_id
         @test_parameter_name = test_parameter_name
 
-        super( keys )
+       super( keys )
+
+        validate if mandatory
 
-        validate
       end
 
       # rpsec description text
@@ -24,18 +25,18 @@ module Serverspec
 
       # error string
       def to_error_s
-        "Test paramater '#{@test_parameter_name}' configuration error in suite '#{ @runner.property[:suite_id]}' test '#{@role_id}'"
+        "Test paramater '#{@test_parameter_name}' configuration error in suite '#{ @runner.property[:suite_id]}' #{ @runner.property[:instance_name] ? 'instance \'' +  @runner.property[:instance_name] + '\'' : ' common ' } test '#{@role_id}' "
       end
 
       # definition in test_suite.yaml (nil if not defined)
       def definition_in_test_suite
-        self.class.superclass.instance_method(:value).bind(self).call
+        self.class.superclass.instance_method(:defined?).bind(self).call
         # method( :value ).super_method.call
       end
 
       # exception unless definition ok
       def validate
-        raise to_error_s unless definition_in_test_suite
+        raise to_error_s unless  definition_in_test_suite
       end
 
       # evaluated value
@@ -45,16 +46,19 @@ module Serverspec
       end
 
       private 
+
+      # value starts with '@' --> lookup in 'properties'
       def param_evaluate( val )
         return val if val.nil? 
+        return val if !!val == val
         return val unless val[0] == "@"
         return resolve_value_for_keys( val[1..-1].split( '.' ) )
       end
 
     end # class
 
-    def test_parameter( role_id, test_parameter_name )
-      TestParameter.new( role_id, test_parameter_name )
+    def test_parameter( role_id, test_parameter_name, mandatory=true )
+      TestParameter.new( role_id, test_parameter_name, mandatory )
     end
 
   end

data/spec/support/lib/valid_property.rb

@@ -17,37 +17,57 @@ module Serverspec
         @value
       end
 
+      # key exist (may be nil)
       # RSpec document output 
       def to_s
         "property with keys #{@keys}" # + " in @runner.property= #{@runner.property}" 
       end
 
-      # return value for '@runner.property'
-      def resolve_value_for_keys( keys )
-
-        props = @runner.property
+      # yield block for final value iterating 'keys' in 'props'
+      def iterate_keys(keys, props )
 
         # iterate keys
-        keys.each do |k| 
+        keys.each_with_index do |k,index| 
           # puts "Prrops=#{props}, k=#{k}"
           if  props.nil?  then
             # fixed point reached
             props = nil
           elsif props.is_a?( Hash ) then
             # recurse down a hash
-            props = props[k] 
+            # props = props[k] 
+            if index == (keys.size() -1 ) then
+              props = yield props, k 
+            else
+              props = props[k] 
+            end
           elsif props.is_a?( Array ) then
             # choose hash with a matching key from an array
-            props = props.select{ |e| e.is_a?(Hash) && e.keys.first == k }.first
-            props = props[k] if props
+            # props = props.select{ |e| e.is_a?(Hash) && e.keys.first == k }.first
+            props = props.select{ |e| e.is_a?(Hash) && e.keys.include?(k) }.first
+            if props then
+              if index == (keys.size() -1) then
+                props = yield props, k
+              else
+                props = props[k] 
+              end
+              # props = props[k] 
+            end
           else
             # unknown case
             props = nil
           end
         end
-        
         return props
+      end
 
+      # is last key defined (value maybe whatever)
+      def defined?
+        iterate_keys( @keys, @runner.property) { |hash,key|  hash.has_key?(key) }
+      end
+
+      # return value for 'keys' in '@runner.property'
+      def resolve_value_for_keys( keys )
+        iterate_keys( keys, @runner.property) { |hash,key|  hash[key] }
       end
 
     end

data/spec/support/spec_helper.rb

@@ -8,7 +8,68 @@ require_relative "./utils.rb"
 # test-suites interface
 require_relative "../../lib/test-suites/test_suites.rb"
 
-# load test-suites.yaml
+
+# ------------------------------------------------------------------
+# Constants 
+
+describe_stacks_command  = 
+  "aws cloudformation describe-stacks"    # read json using aws cli
+
+# SSH client configuration to use
+ssh_config_file = "ssh/config.aws"
+                                          # file to use
+# stack states
+
+SUCESS_STATES  = ["CREATE_COMPLETE", "UPDATE_COMPLETE"]
+FAILURE_STATES = ["CREATE_FAILED", "DELETE_FAILED", "UPDATE_ROLLBACK_FAILED", "ROLLBACK_FAILED", "ROLLBACK_COMPLETE","ROLLBACK_FAILED","UPDATE_ROLLBACK_COMPLETE","UPDATE_ROLLBACK_FAILED"]
+END_STATES     = SUCESS_STATES + FAILURE_STATES
+
+
+# return ssh options for 'hostname_for_instance'
+def read_ssh_options( instance_name, ssh_config_file, options_init )
+
+
+  raise <<-EOS unless File.exist?( ssh_config_file )
+
+   Could not find ssh configuration file in '#{ssh_config_file}'.
+
+   Serverspec uses ssh to connect to #{instance_name}, but no configuration found!
+
+  EOS
+
+
+  # start search for an instance id
+  # puts "read_ssh_options: instance_name:#{instance_name}"
+  host = instance_name
+
+  options = Net::SSH::Config.for( host, [ ssh_config_file ] )
+  # puts "read_ssh_options: host:#{host} --> options#{options}"
+  # options[:verbose] = :info # :debug, :info, :warn, :error, :fatal
+    
+  # mapped to another name?
+  if options[:host_name] then
+    host = options[:host_name]
+    options2 = Net::SSH::Config.for( host, [ ssh_config_file ] )
+    # puts "read_ssh_options: host:#{host} --> options2#{options2}"
+    if options2[:proxy] then
+      # use proxy - if defined
+      options = options2 
+      # keep original host_name where to connect
+      options[:host_name] = host
+    end
+  end
+
+  # puts "read_ssh_options: result host:#{host} --> options#{options}"
+  return options
+
+end
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# Main
+
+# ------------------------------------------------------------------
+# load test-suites.yaml to an object
+
 test_suites = AwsMustTemplates::TestSuites::TestSuites.new
 
 # ------------------------------------------------------------------
@@ -31,31 +92,14 @@ end
 # suite.rake sets target ENV for suite and instance id
 
 suite_id            = ENV['TARGET_SUITE_ID']     # test suite being processed
-instance_id         = ENV['TARGET_INSTANCE_ID']  # instance being tested (if any)
+instance_name       = ENV['TARGET_INSTANCE_NAME']  # instance being tested (if any)
 
 # map suite_id to stack_id
 stack_id            = test_suites.get_suite_stack_id(  suite_id )
 
 puts "------------------------------------------------------------------"
-puts "instance_id #{instance_id}" if instance_id
-
-# ------------------------------------------------------------------
-# Constants used in stack
-
-output_key_for_hostname  = instance_id    # Stack Output variable for 
-                                          # ip/hostname for the instance
-
-describe_stacks_command  = 
-  "aws cloudformation describe-stacks"    # read json using aws cli
+puts "instance_name #{instance_name}" if instance_name
 
-# SSH client configuration must be in CWD (=user directory)
-ssh_config_file = "ssh/config"
-                                          # file to use
-# stack states
-
-SUCESS_STATES  = ["CREATE_COMPLETE", "UPDATE_COMPLETE"]
-FAILURE_STATES = ["CREATE_FAILED", "DELETE_FAILED", "UPDATE_ROLLBACK_FAILED", "ROLLBACK_FAILED", "ROLLBACK_COMPLETE","ROLLBACK_FAILED","UPDATE_ROLLBACK_COMPLETE","UPDATE_ROLLBACK_FAILED"]
-END_STATES     = SUCESS_STATES + FAILURE_STATES
 
 # ------------------------------------------------------------------
 # access cloudformation stacks using aws cli
@@ -78,19 +122,16 @@ EOS
 
 raise "Stack '#{stack_id}' status='#{stack_json["StackStatus"]} is not ready (=#{SUCESS_STATES}) '" unless SUCESS_STATES.include?( stack_json["StackStatus"] )
 
-if instance_id then
-  # find output parameter defining hostname (or ip address)
-  hostname_in_stack=stack_json["Outputs"].select {|a| a["OutputKey"] == output_key_for_hostname }.first["OutputValue"]
-  raise "Could not find OutputKey '#{output_key_for_hostname}' in stack '#{stack}' for instance_id '#{instance_id}'" unless hostname_in_stack
-end
+# ------------------------------------------------------------------
+# hash in accessible in spec tests with name 'property' 
 
-# create a hash, which is accessible in spec tests are 'property' 
 properties = {
   "Outputs" =>  stack_json["Outputs"] ? stack_json["Outputs"].inject( {} ) { |r,e| r[e["OutputKey"]] = e["OutputValue"] ; r  } : {},
   "Parameters" => stack_json["Parameters"] ? stack_json["Parameters"].inject( {} ) { |r,e| r[e["ParameterKey"]] = e["ParameterValue"] ; r  }: {},
    # Roles for test (from instance or from common suites)
-  "Roles" => (  instance_id ? test_suites.suite_instance_roles( suite_id,  instance_id ) : test_suites.suite_roles( suite_id ) ),
-  :host => instance_id,
+  "Roles" => (  instance_name ? test_suites.suite_instance_roles( suite_id,  instance_name ) : test_suites.suite_roles( suite_id ) ),
+  :host => instance_name,
+  :instance_name => instance_name,
   :stack_id => stack_id,
   :suite_id=> suite_id,
 }
@@ -104,25 +145,13 @@ set_property properties
 
 # CloudFormatio instance resources are defined in 'ssh_config_file' 
 
-raise <<-EOS unless File.exist?( ssh_config_file )
-
-   Could not find ssh configuration file in '#{ssh_config_file}'.
-
-   Serverspec uses ssh to connect to #{instance_id}, but no configuration found!
-
-EOS
-
-options = Net::SSH::Config.for(instance_id, [ ssh_config_file ] )
-# puts "instance_id #{instance_id}, options=#{options}"
-
-# use ip host_name to access stack resource `instance_id`
-options[:host_name] = hostname_in_stack
+options = read_ssh_options( instance_name, ssh_config_file, {} )
+# puts "instance_name #{instance_name}--> options=#{options}"
 
-options[:user] ||= Etc.getlogin
-
-set :host,        options[:host_name] || instance_id
+set :host,        options[:host_name]#  || instance_name
 set :ssh_options, options
 
+set :request_pty, true
 # Disable sudo
 # set :disable_sudo, true
 
@@ -132,3 +161,5 @@ set :ssh_options, options
 
 # Set PATH
 # set :path, '/sbin:/usr/local/sbin:$PATH'
+
+

data/spec/support/utils.rb

@@ -3,4 +3,8 @@ require_relative "lib/valid_property.rb"
 require_relative "lib/stack_output.rb"
 require_relative "lib/stack_parameter.rb"
 require_relative "lib/test_parameter.rb"
+require_relative "lib/suite_value.rb"
+
+# AWS
+require_relative 'lib/aws/aws'