awspec-api_gateway_extended 1.2.3

data/lib/awspec/generator/spec/rds_db_cluster_parameter_group.rb

@@ -0,0 +1,23 @@
+module Awspec::Generator
+  module Spec
+    class RdsDbClusterParameterGroup
+      include Awspec::Helper::Finder
+      def generate_by_parameter_group(parameter_group)
+        @parameter_group = parameter_group
+        res = select_all_rds_db_cluster_parameters(@parameter_group)
+        ERB.new(db_cluster_parameter_group_template, nil, '-').result(binding).gsub(/^\n/, '')
+      end
+
+      def db_cluster_parameter_group_template
+        template = <<-'EOF'
+describe rds_db_cluster_parameter_group('<%= @parameter_group %>') do
+<% res.each do |key, value| %>
+  its('<%= key %>') { should eq '<%= value %>' }
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/generator/spec/rds_db_parameter_group.rb

@@ -0,0 +1,23 @@
+module Awspec::Generator
+  module Spec
+    class RdsDbParameterGroup
+      include Awspec::Helper::Finder
+      def generate_by_parameter_group(parameter_group)
+        @parameter_group = parameter_group
+        res = select_all_rds_db_parameters(@parameter_group)
+        ERB.new(db_parameter_group_template, nil, '-').result(binding).gsub(/^\n/, '')
+      end
+
+      def db_parameter_group_template
+        template = <<-'EOF'
+describe rds_db_parameter_group('<%= @parameter_group %>') do
+<% res.each do |key, value| %>
+  its('<%= key %>') { should eq '<%= value %>' }
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/generator/spec/redshift.rb

@@ -0,0 +1,65 @@
+module Awspec::Generator
+  module Spec
+    class Redshift
+      include Awspec::Helper::Finder
+      def generate_by_vpc_id(vpc_id)
+        describes = %w(
+          node_type master_username db_name availability_zone
+          allow_version_upgrade number_of_nodes publicly_accessible encrypted
+          kms_key_id enhanced_vpc_routing pending_actions maintenance_track_name
+          elastic_resize_number_of_node_options
+        )
+
+        vpc = find_vpc(vpc_id)
+        raise 'Not Found VPC' unless vpc
+        @vpc_id = vpc[:vpc_id]
+        @vpc_tag_name = vpc.tag_name
+        clusters = select_redshift_by_vpc_id(@vpc_id)
+        specs = clusters.map do |cluster|
+          sg_group_names = cluster[:vpc_security_groups].map do |sg|
+            sg_id = sg.vpc_security_group_id
+            ret = find_security_group(sg_id)
+            ret[:group_name]
+          end
+          content = ERB.new(redshift_spec_template, nil, '-').result(binding).gsub(/^\n/, '')
+        end
+        specs.join("\n")
+      end
+
+      # rubocop:disable all
+      def redshift_spec_template
+        template = <<-'EOF'
+describe redshift('<%= cluster.cluster_identifier %>') do
+  it { should exist }
+  it { should be_<%= cluster.cluster_status %> }
+<% describes.each do |describe| %>
+<%- if cluster.members.include?(describe.to_sym) && !cluster[describe.to_sym].nil? -%>
+<%- if cluster[describe].is_a?(String) -%>
+  its(:<%= describe %>) { should eq '<%= cluster[describe] %>' }
+<%- else -%>
+  its(:<%= describe %>) { should eq <%= cluster[describe] %> }
+<%- end -%>
+<%- end -%>
+<% end %>
+<% sg_group_names.each do |sg_group_name| %>
+  it { should have_security_group('<%= sg_group_name %>') }
+<% end %>
+<%- if @vpc_tag_name -%>
+  it { should belong_to_vpc('<%= @vpc_tag_name %>') }
+<%- else -%>
+  it { should belong_to_vpc('<%= @vpc_id %>') }
+<%- end -%>
+  it { should belong_to_cluster_subnet_group('<%= cluster.cluster_subnet_group_name %>') }
+<% cluster.cluster_parameter_groups.each do |pg| %>
+  it { should have_cluster_parameter_group('<%= pg.parameter_group_name %>').parameter_apply_status('<%= pg.parameter_apply_status %>') }
+<% end %>
+<% cluster.tags.each do |tag| %>
+  it { should have_tag('<%= tag.key %>').value('<%= tag.value %>') }
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/generator/spec/redshift_cluster_parameter_group.rb

@@ -0,0 +1,23 @@
+module Awspec::Generator
+  module Spec
+    class RedshiftClusterParameterGroup
+      include Awspec::Helper::Finder
+      def generate_by_parameter_group(parameter_group)
+        @parameter_group = parameter_group
+        res = select_all_redshift_cluster_parameters(@parameter_group)
+        ERB.new(redshift_cluster_parameters_spec_template, nil, '-').result(binding).gsub(/^\n/, '')
+      end
+
+      def redshift_cluster_parameters_spec_template
+        template = <<-'EOF'
+describe redshift_cluster_parameter_group('<%= @parameter_group %>') do
+<% res.each do |key, value| %>
+  its('<%= key %>') { should eq '<%= value %>' }
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/generator/spec/route53_hosted_zone.rb

@@ -0,0 +1,72 @@
+module Awspec::Generator
+  module Spec
+    class Route53HostedZone
+      include Awspec::Helper::Finder
+      def generate_by_domain_name(id)
+        hosted_zone = find_hosted_zone(id)
+        raise 'Not Found Route53 Hosted Zone' unless hosted_zone
+        id = hosted_zone[:id]
+        selected = []
+        res = @route53_client.list_resource_record_sets({
+                                                          hosted_zone_id: id
+                                                        })
+        loop do
+          selected += res.resource_record_sets
+          break unless res.is_truncated
+
+          res = @route53_client.list_resource_record_sets({
+                                                            hosted_zone_id: id,
+                                                            start_record_name: res.next_record_name,
+                                                            start_record_type: res.next_record_type
+                                                          })
+        end
+
+        resource_record_sets = selected.map do |record_set|
+          generate_linespec(record_set)
+        end
+
+        content = ERB.new(route53_hosted_zone_spec_template, nil, '-').result(binding).gsub(/^\n/, '')
+      end
+
+      def generate_linespec(record_set)
+        name = record_set.name.gsub(/\\052/, '*') # wildcard support
+        if !record_set.resource_records.empty?
+          template = <<-'EOF'
+<% if record_set[:failover] -%>
+it { should have_record_set('<%= name %>').<%= type %>('<%= v %>').ttl(<%= record_set.ttl %>).failover('<%= record_set.failover %>') }
+<%- else -%>
+it { should have_record_set('<%= name %>').<%= type %>('<%= v %>').ttl(<%= record_set.ttl %>) }
+<% end -%>
+EOF
+          v = record_set.resource_records.map { |r| r.value }.join("\n")
+          type = record_set.type.downcase
+        else
+          # ALIAS
+          dns_name = record_set.alias_target.dns_name
+          hosted_zone_id = record_set.alias_target.hosted_zone_id
+          template = <<-'EOF'
+<% if record_set[:failover] -%>
+it { should have_record_set('<%= name %>').alias('<%= dns_name %>', '<%= hosted_zone_id %>').failover('<%= record_set.failover %>') }
+<%- else -%>
+it { should have_record_set('<%= name %>').alias('<%= dns_name %>', '<%= hosted_zone_id %>') }
+<% end -%>
+EOF
+        end
+        ERB.new(template, nil, '-').result(binding)
+      end
+
+      def route53_hosted_zone_spec_template
+        template = <<-'EOF'
+describe route53_hosted_zone('<%= hosted_zone.name %>') do
+  it { should exist }
+  its(:resource_record_set_count) { should eq <%= hosted_zone.resource_record_set_count %> }
+<% resource_record_sets.each do |line| %>
+  <%= line %>
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/generator/spec/route_table.rb

@@ -0,0 +1,128 @@
+module Awspec::Generator
+  module Spec
+    class RouteTable
+      include Awspec::Helper::Finder
+      def generate_by_vpc_id(vpc_id)
+        describes = %w(
+        )
+        vpc = find_vpc(vpc_id)
+        raise 'Not Found VPC' unless vpc
+        @vpc_id = vpc[:vpc_id]
+        @vpc_tag_name = vpc.tag_name
+        route_tables = select_route_table_by_vpc_id(@vpc_id)
+        specs = route_tables.map do |route_table|
+          linespecs = generate_route_linespecs(route_table)
+          subnet_linespecs = generate_subnet_linespecs(route_table)
+          route_table_id = route_table[:route_table_id]
+          route_table_tag_name = route_table.tag_name
+          content = ERB.new(route_table_spec_template, nil, '-').result(binding).gsub(/^\n/, '')
+        end
+        specs.join("\n")
+      end
+
+      def generate_route_linespecs(route_table)
+        linespecs = []
+        route_table.routes.each do |route|
+          if route.gateway_id
+            destination = route.destination_cidr_block
+            destination ||= route.destination_prefix_list_id
+            linespecs.push(ERB.new(route_table_spec_gateway_linetemplate, nil, '-').result(binding))
+          end
+          if route.instance_id
+            instance = find_ec2(route.instance_id)
+            linespecs.push(ERB.new(route_table_spec_instance_linetemplate, nil, '-').result(binding)) if instance
+          end
+          if route.vpc_peering_connection_id
+            connection = find_vpc_peering_connection(route.vpc_peering_connection_id)
+            linespecs.push(ERB.new(route_table_spec_connection_linetemplate, nil, '-').result(binding)) if connection
+          end
+          if route.nat_gateway_id
+            linespecs.push(ERB.new(route_table_spec_nat_linetemplate, nil, '-').result(binding))
+          end
+        end
+        linespecs
+      end
+
+      def generate_subnet_linespecs(route_table)
+        linespecs = []
+        route_table.associations.each do |a|
+          next if a.subnet_id.nil?
+          subnet = find_subnet(a.subnet_id)
+          linespecs.push(ERB.new(route_table_spec_subnet_linetemplate, nil, '-').result(binding)) if subnet
+        end
+        linespecs
+      end
+
+      def route_table_spec_gateway_linetemplate
+        template = <<-'EOF'
+it { should have_route('<%= destination %>').target(gateway: '<%= route.gateway_id %>') }
+EOF
+        template
+      end
+
+      def route_table_spec_instance_linetemplate
+        template = <<-'EOF'
+<%- if instance.tag_name -%>
+it { should have_route('<%= route.destination_cidr_block %>').target(instance: '<%= instance.tag_name %>') }
+<%- else -%>
+it { should have_route('<%= route.destination_cidr_block %>').target(instance: '<%= route.instance_id %>') }
+<%- end -%>
+EOF
+        template
+      end
+
+      def route_table_spec_connection_linetemplate
+        template = <<-'EOF'
+<%- if connection.tag_name -%>
+it { should have_route('<%= route.destination_cidr_block %>').target(vpc_peering_connection: '<%= connection.tag_name %>') }
+<%- else -%>
+it { should have_route('<%= route.destination_cidr_block %>').target(vpc_peering_connection: '<%= route.vpc_peering_connection_id %>') }
+<%- end -%>
+EOF
+        template
+      end
+
+      def route_table_spec_nat_linetemplate
+        template = <<-'EOF'
+it { should have_route('<%= route.destination_cidr_block %>').target(nat: '<%= route.nat_gateway_id %>') }
+EOF
+        template
+      end
+
+      def route_table_spec_subnet_linetemplate
+        template = <<-'EOF'
+<%- if subnet.tag_name -%>
+it { should have_subnet('<%= subnet.tag_name %>') }
+<%- else -%>
+it { should have_subnet('<%= subnet.subnet_id %>') }
+<%- end -%>
+EOF
+        template
+      end
+
+      def route_table_spec_template
+        template = <<-'EOF'
+<%- if route_table_tag_name -%>
+describe route_table('<%= route_table_tag_name %>') do
+<%- else -%>
+describe route_table('<%= route_table_id %>') do
+<%- end -%>
+  it { should exist }
+<%- if @vpc_tag_name -%>
+  it { should belong_to_vpc('<%= @vpc_tag_name %>') }
+<%- else -%>
+  it { should belong_to_vpc('<%= @vpc_id %>') }
+<%- end -%>
+<% linespecs.each do |line| %>
+  <%= line %>
+<% end %>
+<% subnet_linespecs.each do |line| %>
+  <%= line %>
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/generator/spec/s3_bucket.rb

@@ -0,0 +1,124 @@
+module Awspec::Generator
+  module Spec
+    class S3Bucket
+      include Awspec::Helper::Finder
+      def generate_all
+        buckets = select_all_buckets
+        raise 'Not Found Bucket' if buckets.empty?
+        specs = buckets.map do |bucket|
+          content(bucket)
+        end
+        specs.join("\n")
+      end
+
+      def generate(bucket_name)
+        bucket = find_bucket(bucket_name)
+        content(bucket)
+      end
+
+      def generate_grant_specs(acl)
+        return [] unless acl
+        linespecs = []
+        acl.grants.each do |grant|
+          linespecs.push(ERB.new(grant_linetemplate, nil, '-').result(binding))
+        end
+        linespecs
+      end
+
+      def grant_linetemplate
+        grantee = 'grant.grantee.display_name || grant.grantee.uri || grant.grantee.id'
+        template = <<-EOF
+it { should have_acl_grant(grantee: '<%= #{grantee} %>', permission: '<%= grant.permission %>') }
+        EOF
+        template
+      end
+
+      def generate_lifecycle_rule_transitions_spec(transitions_rule)
+        rules = []
+        transitions_rule.each do |line|
+          elements = []
+          line.each do |k, v|
+            elements << case v
+                        when Numeric
+                          "#{k}: #{v}"
+                        when String
+                          "#{k}: '#{v}'"
+                        else
+                          "#{k}: '#{v.inspect}'"
+                        end
+          end
+          rules << '{ ' + elements.join(', ') + ' }'
+        end
+        '[' + rules.join(', ') + ']'
+      end
+
+      def generate_lifecycle_rule_specs(lifecycle_rule)
+        return [] unless lifecycle_rule
+        linespecs = []
+        lifecycle_rule.rules.each do |rule|
+          transitions = generate_lifecycle_rule_transitions_spec(rule.transitions.map(&:to_h))
+          template = <<-EOF
+it do
+    should have_lifecycle_rule(
+      id: '<%= rule.id %>',
+      <%- if rule.filter && rule.filter.prefix -%>
+      filter: { prefix: '<%= rule.filter.prefix %>' },
+      <%- end -%>
+      <%- rule.noncurrent_version_expiration.to_h.each do |k, v| -%>
+      noncurrent_version_expiration: { <%= k %>: <%= v %> },
+      <%- end -%>
+      <%- rule.expiration.to_h.each do |k, v| -%>
+      expiration: { <%= k %>: <%= v %> },
+      <%- end -%>
+      transitions: <%= transitions %>,
+      status: '<%= rule.status %>'
+    )
+  end
+          EOF
+          linespecs.push(ERB.new(template, nil, '-').result(binding))
+        end
+        linespecs
+      end
+
+      def bucket_spec_template
+        template = <<-'EOF'
+describe s3_bucket('<%= bucket.name %>') do
+  it { should exist }
+<%- if acl -%>
+  its(:acl_owner) { should eq '<%= acl.owner.display_name %>' }
+  its(:acl_grants_count) { should eq <%= acl.grants.count %> }
+<%- end -%>
+<% grant_specs.each do |line| %>
+  <%= line %>
+<% end %>
+<%- if bucket_policy -%>
+  it { should have_policy('<%= bucket_policy %>') }
+<%- end -%>
+<%- if tag -%>
+  it { should have_tag('env').value('dev') }
+<%- end -%>
+<%- if lifecycle_rule -%>
+<% lifecycle_specs.each do |line| %>
+  <%= line %>
+<% end %>
+<%- end -%>
+end
+EOF
+        template
+      end
+
+      private
+
+      def content(bucket)
+        acl = find_bucket_acl(bucket.name)
+        grant_specs = generate_grant_specs(acl)
+        tag = find_bucket_tag(bucket.name, 'env')
+        policy = find_bucket_policy(bucket.name)
+        bucket_policy = policy.policy.read if policy
+        lifecycle_rule = find_bucket_lifecycle_configuration(bucket.name)
+        lifecycle_specs = generate_lifecycle_rule_specs(lifecycle_rule) if lifecycle_rule
+        ERB.new(bucket_spec_template, nil, '-').result(binding).gsub(/^\n/, '')
+      end
+    end
+  end
+end