awspec 1.2.0 → 1.3.0

data/lib/awspec/generator/spec/rds_db_parameter_group.rb

@@ -0,0 +1,23 @@
+module Awspec::Generator
+  module Spec
+    class RdsDbParameterGroup
+      include Awspec::Helper::Finder
+      def generate_by_paramater_group(paramater_group)
+        @paramater_group = paramater_group
+        res = select_all_rds_db_parameters(@paramater_group)
+        ERB.new(db_paramater_group_template, nil, '-').result(binding).gsub(/^\n/, '')
+      end
+
+      def db_paramater_group_template
+        template = <<-'EOF'
+describe rds_db_parameter_group('<%= @paramater_group %>') do
+<% res.each do |key, value| %>
+  its('<%= key %>') { should eq '<%= value %>' }
+<% end %>
+end
+EOF
+        template
+      end
+    end
+  end
+end

data/lib/awspec/helper/finder.rb

@@ -1,4 +1,5 @@
 require 'aws-sdk'
+require 'awspec/helper/finder/nlb'
 require 'awspec/helper/finder/alb'
 require 'awspec/helper/finder/vpc'
 require 'awspec/helper/finder/subnet'
@@ -39,6 +40,7 @@ require 'awspec/helper/client_wrap'
 
 module Awspec::Helper
   module Finder
+    include Awspec::Helper::Finder::Nlb
     include Awspec::Helper::Finder::Alb
     include Awspec::Helper::Finder::Vpc
     include Awspec::Helper::Finder::Subnet

data/lib/awspec/helper/finder/autoscaling.rb

@@ -22,6 +22,13 @@ module Awspec::Helper
         res.load_balancer_target_groups
       end
 
+      def select_lb_target_group_by_autoscaling_group_name(name)
+        res = autoscaling_client.describe_load_balancer_target_groups({
+                                                                        auto_scaling_group_name: name
+                                                                      })
+        res.load_balancer_target_groups
+      end
+
       def find_block_device_mapping(id, device_id)
         ret = find_launch_configuration(id).block_device_mappings.select do |device|
           next true if device.device_name == device_id

data/lib/awspec/helper/finder/nlb.rb

@@ -0,0 +1,57 @@
+module Awspec::Helper
+  module Finder
+    module Nlb
+      def find_nlb(id)
+        res = elbv2_client.describe_load_balancers({ names: [id] })
+        res.load_balancers.select do |lb|
+          lb.type == 'network'
+        end.single_resource(id)
+      rescue
+        return nil
+      end
+
+      def select_nlb_by_vpc_id(vpc_id)
+        res = elbv2_client.describe_load_balancers
+        res.load_balancers.select do |lb|
+          lb.vpc_id == vpc_id && lb.type == 'network'
+        end
+      end
+
+      def find_nlb_listener(arn)
+        res = elbv2_client.describe_listeners({ listener_arns: [arn] })
+        res.listeners.single_resource(arn)
+      rescue
+        return nil
+      end
+
+      def find_nlb_target_group(id)
+        res = elbv2_client.describe_target_groups({ names: [id] })
+        httpx_res = res.target_groups.select do |tg|
+          %w(HTTP HTTPS).include?(tg.protocol)
+        end
+        if !httpx_res || httpx_res.empty?
+          raise "ERROR: Found no HTTP nor HTTPS -protocol target group named '#{id}'."
+        end
+        httpx_res.single_resource(id)
+      rescue
+        # Prefer the HTTP/HTTPS protocol target group, but survive without it:
+        begin
+          res.target_groups.single_resource(id)
+        rescue
+          return nil
+        end
+      end
+
+      def select_rule_by_nlb_listener_id(id)
+        selected = []
+        next_marker = nil
+        loop do
+          res = elbv2_client.describe_rules(marker: next_marker, listener_arn: id)
+          selected += res.rules unless res.nil?
+          (res.nil? && next_marker = res.next_marker) || break
+        end
+        selected
+      end
+    end
+  end
+end

data/lib/awspec/helper/finder/rds.rb

@@ -20,6 +20,34 @@ module Awspec::Helper
           db_instance.db_subnet_group.vpc_id == vpc_id
         end
       end
+
+      def select_all_rds_db_parameters(paramater_group)
+        parameters = {}
+        res = rds_client.describe_db_parameters({
+                                                  db_parameter_group_name: paramater_group
+                                                })
+        loop do
+          res.parameters.each do |param|
+            parameters[param.parameter_name] = param.parameter_value
+          end
+          (res.next_page? && res = res.next_page) || break
+        end
+        parameters
+      end
+
+      def select_all_rds_db_cluster_parameters(paramater_group)
+        parameters = {}
+        res = rds_client.describe_db_cluster_parameters({
+                                                          db_cluster_parameter_group_name: paramater_group
+                                                        })
+        loop do
+          res.parameters.each do |param|
+            parameters[param.parameter_name] = param.parameter_value
+          end
+          (res.respond_to?(:next_page?) && res.next_page? && res = res.next_page) || break
+        end
+        parameters
+      end
     end
   end
 end

data/lib/awspec/helper/type.rb

@@ -8,14 +8,16 @@ module Awspec
       require 'awspec/type/account_attribute'
 
       TYPES = %w(
-        alb ami autoscaling_group cloudtrail cloudwatch_alarm cloudwatch_event directconnect_virtual_interface
+        alb alb_listener alb_target_group ami autoscaling_group cloudtrail
+        cloudwatch_alarm cloudwatch_event directconnect_virtual_interface
         ebs ec2 ecr_repository ecs_cluster ecs_container_instance ecs_service ecs_task_definition
         efs elasticache elasticache_cache_parameter_group elasticsearch elb iam_group
         iam_policy iam_role iam_user kms lambda launch_configuration nat_gateway
-        network_acl network_interface rds rds_db_cluster_parameter_group rds_db_parameter_group route53_hosted_zone
+        network_acl network_interface nlb nlb_listener nlb_target_group
+        rds rds_db_cluster_parameter_group rds_db_parameter_group route53_hosted_zone
         route_table s3_bucket security_group ses_identity subnet vpc cloudfront_distribution
         elastictranscoder_pipeline waf_web_acl customer_gateway vpn_gateway vpn_connection internet_gateway acm
-        cloudwatch_logs dynamodb_table eip sqs alb_listener alb_target_group cloudformation_stack
+        cloudwatch_logs dynamodb_table eip sqs cloudformation_stack
       )
 
       ACCOUNT_ATTRIBUTES = %w(

data/lib/awspec/matcher.rb

@@ -61,6 +61,9 @@ require 'awspec/matcher/belong_to_domain'
 # Alb Target Group
 require 'awspec/matcher/belong_to_alb'
 
+# Nlb Target Group
+require 'awspec/matcher/belong_to_nlb'
+
 # VPC
 require 'awspec/matcher/be_connected_to_vpc'
 require 'awspec/matcher/have_vpc_peering_connection'

data/lib/awspec/matcher/belong_to_nlb.rb

@@ -0,0 +1,8 @@
+RSpec::Matchers.define :belong_to_nlb do |nlb_arn|
+  match do |type|
+    return true if type.load_balancer_arns.include?(nlb_arn)
+    ret = type.find_nlb(nlb_arn)
+    return false unless ret
+    type.load_balancer_arns.include?(ret.load_balancer_arn)
+  end
+end

data/lib/awspec/matcher/have_rule.rb

@@ -1,7 +1,8 @@
 RSpec::Matchers.define :have_rule do |rule_id|
   match do |type|
     return type.has_rule?(rule_id, @priority, @action) if type.instance_of?(Awspec::Type::WafWebAcl)
-    type.has_rule?(rule_id, @priority, @conditions, @actions) if type.instance_of?(Awspec::Type::AlbListener)
+    return type.has_rule?(rule_id, @priority, @conditions, @actions) if type.instance_of?(Awspec::Type::AlbListener)
+    type.has_rule?(rule_id, @priority, @conditions, @actions) if type.instance_of?(Awspec::Type::NlbListener)
   end
 
   chain :priority do |priority|

data/lib/awspec/stub/nlb.rb

@@ -0,0 +1,119 @@
+# rubocop:disable Metrics/LineLength
+Aws.config[:elasticloadbalancingv2] = {
+  stub_responses: {
+    describe_load_balancers: {
+      load_balancers: [
+        {
+          load_balancer_arn:
+            'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-nlb/1aa1bb1cc1ddee11',
+          dns_name:
+            'internal-my-nlb-1551266724.ap-northeast-1.elb.amazonaws.com',
+          canonical_hosted_zone_id: 'A12BCDEDCBA34BC',
+          created_time: Time.new(2017, 4, 4, 9, 00, 00, '+00:00'),
+          load_balancer_name: 'my-nlb',
+          # scheme: 'internal',
+          scheme: 'internet-facing',
+          vpc_id: 'vpc-ab123cde',
+          state:
+            {
+              code: 'active',
+              reason: nil
+            },
+          type: 'network',
+          availability_zones:
+            [
+              {
+                zone_name: 'ap-northeast-1a',
+                subnet_id: 'subnet-1234a567'
+              },
+              {
+                zone_name: 'ap-northeast-1c',
+                subnet_id: 'subnet-abcd7890'
+              }
+            ],
+          ip_address_type: 'ipv4'
+        },
+        {
+          load_balancer_arn:
+            'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/net/my-alb/2aa2bb2cc2ddee22',
+          dns_name:
+            'my-alb-2aa2bb2cc2ddee22.elb.ap-northeast-1.amazonaws.com',
+          canonical_hosted_zone_id: 'N12BCDEDCBN34BC',
+          created_time: Time.new(2017, 4, 4, 9, 00, 00, '+00:00'),
+          load_balancer_name: 'my-alb',
+          scheme: 'internal',
+          vpc_id: 'vpc-ab123cde',
+          state:
+            {
+              code: 'active',
+              reason: nil
+            },
+          type: 'application',
+          availability_zones:
+            [
+              {
+                zone_name: 'ap-northeast-1a',
+                subnet_id: 'subnet-7890ne12'
+              },
+              {
+                zone_name: 'ap-northeast-1c',
+                subnet_id: 'subnet-nnnd1234'
+              }
+            ],
+          ip_address_type: 'ipv4'
+        }
+      ],
+      next_marker: nil
+    },
+    describe_listeners: {
+      listeners: [
+        {
+          default_actions: [
+            {
+              target_group_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:targetgroup/my-targets/73e2d6bc24d8a067',
+              type: 'forward'
+            }
+          ],
+          listener_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:listener/app/my-nlb/1aa1bb1cc1ddee11/f2f7dc8efc522ab2',
+          load_balancer_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-nlb/1aa1bb1cc1ddee11',
+          port: 80,
+          protocol: 'HTTP'
+        }
+      ]
+    }
+  }
+}
+
+Aws.config[:ec2] = {
+  stub_responses: {
+    describe_subnets: {
+      subnets: [
+        {
+          state: 'available',
+          vpc_id: 'vpc-ab123cde',
+          subnet_id: 'subnet-1234a567',
+          cidr_block: '10.0.1.0/24',
+          tags: [
+            {
+              key: 'Name',
+              value: 'my-subnet'
+            }
+          ]
+        }
+      ]
+    },
+    describe_vpcs: {
+      vpcs: [
+        {
+          vpc_id: 'vpc-ab123cde',
+          tags: [
+            {
+              key: 'Name',
+              value: 'my-vpc'
+            }
+          ]
+        }
+      ]
+    }
+  }
+}

data/lib/awspec/stub/nlb_listener.rb

@@ -0,0 +1,131 @@
+# rubocop:disable Metrics/LineLength
+Aws.config[:elasticloadbalancingv2] = {
+  stub_responses: {
+    describe_load_balancers: {
+      load_balancers: [
+        {
+          load_balancer_arn:
+            'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-nlb/1aa1bb1cc1ddee11',
+          dns_name:
+            'internal-my-nlb-1551266724.ap-northeast-1.elb.amazonaws.com',
+          canonical_hosted_zone_id: 'A12BCDEDCBA34BC',
+          created_time: Time.new(2017, 4, 4, 9, 00, 00, '+00:00'),
+          load_balancer_name: 'my-nlb',
+          # scheme: 'internal',
+          scheme: 'internet-facing',
+          vpc_id: 'vpc-ab123cde',
+          state:
+            {
+              code: 'active',
+              reason: nil
+            },
+          type: 'network',
+          availability_zones:
+            [
+              {
+                zone_name: 'ap-northeast-1a',
+                subnet_id: 'subnet-1234a567'
+              },
+              {
+                zone_name: 'ap-northeast-1c',
+                subnet_id: 'subnet-abcd7890'
+              }
+            ],
+          ip_address_type: 'ipv4'
+        }
+      ],
+      next_marker: nil
+    },
+    describe_listeners: {
+      listeners: [
+        {
+          default_actions: [
+            {
+              target_group_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:targetgroup/my-targets/73e2d6bc24d8a067',
+              type: 'forward'
+            }
+          ],
+          listener_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:listener/app/my-nlb/1aa1bb1cc1ddee11/f2f7dc8efc522ab2',
+          load_balancer_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-nlb/1aa1bb1cc1ddee11',
+          port: 80,
+          protocol: 'HTTP'
+        }
+      ]
+    },
+    describe_target_groups: {
+      target_groups: [
+        {
+          health_check_interval_seconds: 30,
+          health_check_path: '/',
+          health_check_port: 'traffic-port',
+          health_check_protocol: 'HTTP',
+          health_check_timeout_seconds: 5,
+          healthy_threshold_count: 5,
+          load_balancer_arns: [
+            'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-nlb/1aa1bb1cc1ddee11'
+          ],
+          matcher: {
+            http_code: '200'
+          },
+          port: 80,
+          protocol: 'HTTP',
+          target_group_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:targetgroup/my-nlb-target-group/73e2d6bc24d8a067',
+          target_group_name: 'my-nlb-target-group',
+          unhealthy_threshold_count: 2,
+          vpc_id: 'vpc-ab123cde'
+        }
+      ]
+    },
+    describe_rules: {
+      rules: [
+        {
+          actions: [
+            {
+              target_group_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:targetgroup/my-nlb-target-group/73e2d6bc24d8a067',
+              type: 'forward'
+            }
+          ],
+          conditions: [
+          ],
+          is_default: true,
+          priority: 'default',
+          rule_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:listener-rule/app/my-nlb/1aa1bb1cc1ddee11/f2f7dc8efc522ab2/defaaaaaaaultbbbb'
+        }
+      ]
+    }
+  }
+}
+
+Aws.config[:ec2] = {
+  stub_responses: {
+    describe_subnets: {
+      subnets: [
+        {
+          state: 'available',
+          vpc_id: 'vpc-ab123cde',
+          subnet_id: 'subnet-1234a567',
+          cidr_block: '10.0.1.0/24',
+          tags: [
+            {
+              key: 'Name',
+              value: 'my-subnet'
+            }
+          ]
+        }
+      ]
+    },
+    describe_vpcs: {
+      vpcs: [
+        {
+          vpc_id: 'vpc-ab123cde',
+          tags: [
+            {
+              key: 'Name',
+              value: 'my-vpc'
+            }
+          ]
+        }
+      ]
+    }
+  }
+}