awspec 1.26.0 → 1.27.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/doc/_resource_types/rds_proxy.md +42 -0
- data/doc/resource_types.md +53 -0
- data/lib/awspec/command/generate.rb +1 -1
- data/lib/awspec/generator/doc/type/rds_proxy.rb +23 -0
- data/lib/awspec/generator/spec/rds_proxy.rb +38 -0
- data/lib/awspec/generator.rb +1 -0
- data/lib/awspec/helper/finder/rds.rb +14 -0
- data/lib/awspec/helper/type.rb +1 -1
- data/lib/awspec/matcher/belong_to_subnet.rb +17 -0
- data/lib/awspec/stub/rds_proxy.rb +85 -0
- data/lib/awspec/type/rds_proxy.rb +67 -0
- data/lib/awspec/version.rb +1 -1
- metadata +7 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 733ec333dd6c4035c558544facf4cf168c74f528c2fd133aa2b89532dcc95a0f
|
4
|
+
data.tar.gz: 7f31ead68d437f29da2948decfd77ac92c8ce9b2e97c60fe5d6346d1a8889f72
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fcd55db64d1b79dd6c81cb8afab7196b6bacc59a0739530192ee3fc38ecef812873d7ab7c9def4fc91991a2e0e8aba70bda5d79b6781f1bd548df6ef168d85ec
|
7
|
+
data.tar.gz: a767de714ea4be5c6e8fbaf5bfd9d520f759750129fe35bae3915cf5811526cbd090d69c93d321856164a053c71c65ad4d115030591c41f6e45a506a5a60f92f
|
@@ -0,0 +1,42 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe rds_proxy('my-rds-proxy') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### be_available, be_creating, be_deleting, be_incompatible_network, be_insufficient_resource_limits, be_modifying, be_reactivating, be_suspended, be_suspending
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
describe rds_proxy('my-rds-proxy') do
|
13
|
+
it { should be_available }
|
14
|
+
end
|
15
|
+
```
|
16
|
+
|
17
|
+
### have_security_group
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
describe rds_proxy('my-rds-proxy') do
|
21
|
+
it { should have_security_group('sg-5a6b7cd8') }
|
22
|
+
it { should have_security_group('my-db-sg') }
|
23
|
+
end
|
24
|
+
```
|
25
|
+
|
26
|
+
### belong_to_subnet
|
27
|
+
|
28
|
+
```ruby
|
29
|
+
describe rds_proxy('my-rds-proxy') do
|
30
|
+
it { should belong_to_subnet('subnet-8901b123') }
|
31
|
+
it { should belong_to_subnet('db-subnet-a') }
|
32
|
+
end
|
33
|
+
```
|
34
|
+
|
35
|
+
### belong_to_vpc
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
describe rds_proxy('my-rds-proxy') do
|
39
|
+
it { should belong_to_vpc('vpc-ab123cde') }
|
40
|
+
it { should belong_to_vpc('my-vpc') }
|
41
|
+
end
|
42
|
+
```
|
data/doc/resource_types.md
CHANGED
@@ -63,6 +63,7 @@
|
|
63
63
|
| [rds](#rds)
|
64
64
|
| [rds_db_cluster_parameter_group](#rds_db_cluster_parameter_group)
|
65
65
|
| [rds_db_parameter_group](#rds_db_parameter_group)
|
66
|
+
| [rds_proxy](#rds_proxy)
|
66
67
|
| [redshift](#redshift)
|
67
68
|
| [redshift_cluster_parameter_group](#redshift_cluster_parameter_group)
|
68
69
|
| [route53_hosted_zone](#route53_hosted_zone)
|
@@ -2915,6 +2916,58 @@ end
|
|
2915
2916
|
```
|
2916
2917
|
|
2917
2918
|
|
2919
|
+
## <a name="rds_proxy">rds_proxy</a>
|
2920
|
+
|
2921
|
+
RdsProxy resource type.
|
2922
|
+
|
2923
|
+
### exist
|
2924
|
+
|
2925
|
+
```ruby
|
2926
|
+
describe rds_proxy('my-rds-proxy') do
|
2927
|
+
it { should exist }
|
2928
|
+
end
|
2929
|
+
```
|
2930
|
+
|
2931
|
+
|
2932
|
+
### be_available, be_creating, be_deleting, be_incompatible_network, be_insufficient_resource_limits, be_modifying, be_reactivating, be_suspended, be_suspending
|
2933
|
+
|
2934
|
+
```ruby
|
2935
|
+
describe rds_proxy('my-rds-proxy') do
|
2936
|
+
it { should be_available }
|
2937
|
+
end
|
2938
|
+
```
|
2939
|
+
|
2940
|
+
|
2941
|
+
### have_security_group
|
2942
|
+
|
2943
|
+
```ruby
|
2944
|
+
describe rds_proxy('my-rds-proxy') do
|
2945
|
+
it { should have_security_group('sg-5a6b7cd8') }
|
2946
|
+
it { should have_security_group('my-db-sg') }
|
2947
|
+
end
|
2948
|
+
```
|
2949
|
+
|
2950
|
+
|
2951
|
+
### belong_to_subnet
|
2952
|
+
|
2953
|
+
```ruby
|
2954
|
+
describe rds_proxy('my-rds-proxy') do
|
2955
|
+
it { should belong_to_subnet('subnet-8901b123') }
|
2956
|
+
it { should belong_to_subnet('db-subnet-a') }
|
2957
|
+
end
|
2958
|
+
```
|
2959
|
+
|
2960
|
+
|
2961
|
+
### belong_to_vpc
|
2962
|
+
|
2963
|
+
```ruby
|
2964
|
+
describe rds_proxy('my-rds-proxy') do
|
2965
|
+
it { should belong_to_vpc('vpc-ab123cde') }
|
2966
|
+
it { should belong_to_vpc('my-vpc') }
|
2967
|
+
end
|
2968
|
+
```
|
2969
|
+
|
2970
|
+
### its(:vpc_id), its(:db_proxy_name), its(:db_proxy_arn), its(:status), its(:engine_family), its(:vpc_id), its(:vpc_security_group_ids), its(:vpc_subnet_ids), its(:role_arn), its(:endpoint), its(:require_tls), its(:idle_client_timeout), its(:debug_logging), its(:created_date), its(:updated_date)
|
2918
2971
|
## <a name="redshift">redshift</a>
|
2919
2972
|
|
2920
2973
|
Redshift resource type.
|
@@ -11,7 +11,7 @@ module Awspec
|
|
11
11
|
|
12
12
|
types = %w[
|
13
13
|
vpc ec2 rds security_group elb network_acl route_table subnet nat_gateway network_interface alb nlb
|
14
|
-
internet_gateway autoscaling_group alb_listener nlb_listener redshift
|
14
|
+
internet_gateway autoscaling_group alb_listener nlb_listener redshift rds_proxy
|
15
15
|
]
|
16
16
|
|
17
17
|
types.each do |type|
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Awspec::Generator
|
4
|
+
module Doc
|
5
|
+
module Type
|
6
|
+
class RdsProxy < Base
|
7
|
+
def initialize
|
8
|
+
super
|
9
|
+
@type_name = 'RdsProxy'
|
10
|
+
@type = Awspec::Type::RdsProxy.new('my-rds-proxy')
|
11
|
+
@ret = @type.resource_via_client
|
12
|
+
@matchers = [
|
13
|
+
Awspec::Type::RdsProxy::STATES.map { |state| "be_#{state.tr('-', '_')}" }.join(', '),
|
14
|
+
'belong_to_vpc',
|
15
|
+
'belong_to_subnet'
|
16
|
+
]
|
17
|
+
@ignore_matchers = Awspec::Type::RdsProxy::STATES.map { |state| "be_#{state.tr('-', '_')}" }
|
18
|
+
@describes = %w[vpc_id]
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Awspec::Generator
|
4
|
+
module Spec
|
5
|
+
class RdsProxy
|
6
|
+
include Awspec::Helper::Finder
|
7
|
+
def generate_by_vpc_id(vpc_id)
|
8
|
+
vpc = find_vpc(vpc_id)
|
9
|
+
raise 'Not Found VPC' unless vpc
|
10
|
+
|
11
|
+
@vpc_id = vpc[:vpc_id]
|
12
|
+
db_proxies = select_rds_proxy_by_vpc_id(@vpc_id)
|
13
|
+
specs = db_proxies.map do |db_proxy|
|
14
|
+
content = ERB.new(rds_proxy_spec_template, nil, '-').result(binding).gsub(/^\n/, '')
|
15
|
+
end
|
16
|
+
specs.join("\n")
|
17
|
+
end
|
18
|
+
|
19
|
+
# rubocop:disable all
|
20
|
+
def rds_proxy_spec_template
|
21
|
+
template = <<-'EOF'
|
22
|
+
describe rds_proxy('<%= db_proxy.db_proxy_name %>') do
|
23
|
+
it { should exist }
|
24
|
+
it { should be_<%= db_proxy.status %> }
|
25
|
+
it { should belong_to_vpc('<%= @vpc_id %>') }
|
26
|
+
<% db_proxy.vpc_security_group_ids.each do |sg_group_id| %>
|
27
|
+
it { should have_security_group('<%= sg_group_id %>') }
|
28
|
+
<% end %>
|
29
|
+
<% db_proxy.vpc_subnet_ids.each do |subnet_id| %>
|
30
|
+
it { should belong_to_subnet('<%= subnet_id %>') }
|
31
|
+
<% end %>
|
32
|
+
end
|
33
|
+
EOF
|
34
|
+
template
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
data/lib/awspec/generator.rb
CHANGED
@@ -40,6 +40,7 @@ require 'awspec/generator/spec/alb_listener'
|
|
40
40
|
require 'awspec/generator/spec/nlb_listener'
|
41
41
|
require 'awspec/generator/spec/redshift'
|
42
42
|
require 'awspec/generator/spec/redshift_cluster_parameter_group'
|
43
|
+
require 'awspec/generator/spec/rds_proxy'
|
43
44
|
|
44
45
|
# Doc
|
45
46
|
require 'awspec/generator/doc/type'
|
@@ -57,6 +57,20 @@ module Awspec::Helper
|
|
57
57
|
end
|
58
58
|
parameters
|
59
59
|
end
|
60
|
+
|
61
|
+
def find_rds_proxy(db_proxy_name)
|
62
|
+
res = rds_client.describe_db_proxies({
|
63
|
+
db_proxy_name: db_proxy_name
|
64
|
+
})
|
65
|
+
res.db_proxies.single_resource(db_proxy_name)
|
66
|
+
end
|
67
|
+
|
68
|
+
def select_rds_proxy_by_vpc_id(vpc_id)
|
69
|
+
res = rds_client.describe_db_proxies
|
70
|
+
res.db_proxies.select do |db_proxy|
|
71
|
+
db_proxy.vpc_id == vpc_id
|
72
|
+
end
|
73
|
+
end
|
60
74
|
end
|
61
75
|
end
|
62
76
|
end
|
data/lib/awspec/helper/type.rb
CHANGED
@@ -17,7 +17,7 @@ module Awspec
|
|
17
17
|
efs eks eks_nodegroup elasticache elasticache_cache_parameter_group elasticsearch elb emr firehose iam_group
|
18
18
|
iam_policy iam_role iam_user kinesis kms lambda launch_configuration launch_template mq nat_gateway
|
19
19
|
network_acl network_interface nlb nlb_listener nlb_target_group
|
20
|
-
rds rds_db_cluster_parameter_group rds_db_parameter_group route53_hosted_zone
|
20
|
+
rds rds_proxy rds_db_cluster_parameter_group rds_db_parameter_group route53_hosted_zone
|
21
21
|
route_table s3_bucket security_group ses_identity subnet vpc cloudfront_distribution
|
22
22
|
elastictranscoder_pipeline waf_web_acl wafregional_web_acl customer_gateway vpn_gateway vpn_connection
|
23
23
|
internet_gateway acm cloudwatch_logs dynamodb_table eip sqs ssm_parameter cloudformation_stack
|
@@ -32,5 +32,22 @@ RSpec::Matchers.define :belong_to_subnet do |subnet_id|
|
|
32
32
|
|
33
33
|
return ret[:subnet_availability_zone][:name] == type.availability_zone if ret
|
34
34
|
end
|
35
|
+
|
36
|
+
# RDS Proxy
|
37
|
+
if type.instance_of?(Awspec::Type::RdsProxy)
|
38
|
+
subnet_ids = type.resource_via_client[:vpc_subnet_ids]
|
39
|
+
return true if subnet_ids.include?(subnet_id)
|
40
|
+
|
41
|
+
res = type.ec2_client.describe_subnets({
|
42
|
+
filters: [{ name: 'tag:Name', values: [subnet_id] }]
|
43
|
+
})
|
44
|
+
return false unless res
|
45
|
+
|
46
|
+
ret = subnet_ids.find do |s|
|
47
|
+
s == res[:subnets][0][:subnet_id]
|
48
|
+
end
|
49
|
+
|
50
|
+
return ret ? true : false
|
51
|
+
end
|
35
52
|
end
|
36
53
|
end
|
@@ -0,0 +1,85 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
Aws.config[:rds] = {
|
4
|
+
stub_responses: {
|
5
|
+
describe_db_proxies: {
|
6
|
+
db_proxies: [
|
7
|
+
{
|
8
|
+
db_proxy_name: 'my-rds-proxy',
|
9
|
+
db_proxy_arn: 'arn:aws:rds:ap-northeast-1:123456789012:db-proxy:my-rds-proxy',
|
10
|
+
status: 'available',
|
11
|
+
engine_family: 'MYSQL',
|
12
|
+
vpc_id: 'vpc-ab123cde',
|
13
|
+
vpc_security_group_ids: [
|
14
|
+
'sg-5a6b7cd8'
|
15
|
+
],
|
16
|
+
vpc_subnet_ids: [
|
17
|
+
'subnet-8901b123'
|
18
|
+
],
|
19
|
+
auth: [
|
20
|
+
{
|
21
|
+
description: nil,
|
22
|
+
user_name: nil,
|
23
|
+
auth_scheme: 'SECRETS',
|
24
|
+
secret_arn: 'arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:mysql-FShJ8c',
|
25
|
+
iam_auth: 'DISABLED'
|
26
|
+
}
|
27
|
+
],
|
28
|
+
role_arn: 'arn:aws:iam::123456789012:role/service-role/rds-proxy-role-123456789012',
|
29
|
+
endpoint: 'rds-proxy.proxy-abcdefghij12.ap-northeast-1.rds.amazonaws.com',
|
30
|
+
require_tls: true,
|
31
|
+
idle_client_timeout: 5400,
|
32
|
+
debug_logging: false,
|
33
|
+
created_date: Time.local(2022),
|
34
|
+
updated_date: Time.local(2022)
|
35
|
+
}
|
36
|
+
],
|
37
|
+
marker: nil
|
38
|
+
}
|
39
|
+
}
|
40
|
+
}
|
41
|
+
|
42
|
+
Aws.config[:ec2] = {
|
43
|
+
stub_responses: {
|
44
|
+
describe_vpcs: {
|
45
|
+
vpcs: [
|
46
|
+
{
|
47
|
+
vpc_id: 'vpc-ab123cde',
|
48
|
+
tags: [
|
49
|
+
{
|
50
|
+
key: 'Name',
|
51
|
+
value: 'my-vpc'
|
52
|
+
}
|
53
|
+
]
|
54
|
+
}
|
55
|
+
]
|
56
|
+
},
|
57
|
+
describe_security_groups: {
|
58
|
+
security_groups: [
|
59
|
+
{
|
60
|
+
group_id: 'sg-5a6b7cd8',
|
61
|
+
group_name: 'group-name-sg',
|
62
|
+
tags: [
|
63
|
+
{
|
64
|
+
key: 'Name',
|
65
|
+
value: 'my-db-sg'
|
66
|
+
}
|
67
|
+
]
|
68
|
+
}
|
69
|
+
]
|
70
|
+
},
|
71
|
+
describe_subnets: {
|
72
|
+
subnets: [
|
73
|
+
{
|
74
|
+
subnet_id: 'subnet-8901b123',
|
75
|
+
tags: [
|
76
|
+
{
|
77
|
+
key: 'Name',
|
78
|
+
value: 'db-subnet-a'
|
79
|
+
}
|
80
|
+
]
|
81
|
+
}
|
82
|
+
]
|
83
|
+
}
|
84
|
+
}
|
85
|
+
}
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Awspec::Type
|
4
|
+
class RdsProxy < ResourceBase
|
5
|
+
aws_resource Aws::RDS::Types::DBProxy
|
6
|
+
|
7
|
+
def resource_via_client
|
8
|
+
@resource_via_client ||= find_rds_proxy(@display_name)
|
9
|
+
end
|
10
|
+
|
11
|
+
def id
|
12
|
+
@id ||= resource_via_client.db_proxy_name if resource_via_client
|
13
|
+
end
|
14
|
+
|
15
|
+
STATES = %w[
|
16
|
+
available creating deleting incompatible-network
|
17
|
+
insufficient-resource-limits modifying reactivating
|
18
|
+
suspended suspending
|
19
|
+
]
|
20
|
+
|
21
|
+
STATES.each do |state|
|
22
|
+
define_method "#{state.tr('-', '_')}?" do
|
23
|
+
resource_via_client.status == state
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def vpc_id
|
28
|
+
resource_via_client.vpc_id
|
29
|
+
end
|
30
|
+
|
31
|
+
def has_security_group?(sg_id)
|
32
|
+
return true if has_vpc_security_group_id?(sg_id)
|
33
|
+
return true if has_vpc_security_group_name?(sg_id)
|
34
|
+
return true if has_vpc_security_group_tag_name?(sg_id)
|
35
|
+
end
|
36
|
+
|
37
|
+
private
|
38
|
+
|
39
|
+
def has_vpc_security_group_id?(sg_id)
|
40
|
+
resource_via_client.vpc_security_group_ids.include?(sg_id)
|
41
|
+
end
|
42
|
+
|
43
|
+
def has_vpc_security_group_name?(sg_id)
|
44
|
+
sgs = resource_via_client.vpc_security_group_ids
|
45
|
+
res = ec2_client.describe_security_groups({
|
46
|
+
filters: [{ name: 'group-name', values: [sg_id] }]
|
47
|
+
})
|
48
|
+
return false unless res.security_groups.count == 1
|
49
|
+
|
50
|
+
sgs.find do |sg|
|
51
|
+
sg == res.security_groups.first.group_id
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
def has_vpc_security_group_tag_name?(sg_id)
|
56
|
+
sgs = resource_via_client.vpc_security_group_ids
|
57
|
+
res = ec2_client.describe_security_groups({
|
58
|
+
filters: [{ name: 'tag:Name', values: [sg_id] }]
|
59
|
+
})
|
60
|
+
return false unless res.security_groups.count == 1
|
61
|
+
|
62
|
+
sgs.find do |sg|
|
63
|
+
sg == res.security_groups.first.group_id
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
data/lib/awspec/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: awspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.27.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- k1LoW
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-07-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: addressable
|
@@ -311,6 +311,7 @@ files:
|
|
311
311
|
- doc/_resource_types/rds_account_attributes.md
|
312
312
|
- doc/_resource_types/rds_db_cluster_parameter_group.md
|
313
313
|
- doc/_resource_types/rds_db_parameter_group.md
|
314
|
+
- doc/_resource_types/rds_proxy.md
|
314
315
|
- doc/_resource_types/redshift.md
|
315
316
|
- doc/_resource_types/redshift_cluster_parameter_group.md
|
316
317
|
- doc/_resource_types/route53_hosted_zone.md
|
@@ -417,6 +418,7 @@ files:
|
|
417
418
|
- lib/awspec/generator/doc/type/rds_account_attributes.rb
|
418
419
|
- lib/awspec/generator/doc/type/rds_db_cluster_parameter_group.rb
|
419
420
|
- lib/awspec/generator/doc/type/rds_db_parameter_group.rb
|
421
|
+
- lib/awspec/generator/doc/type/rds_proxy.rb
|
420
422
|
- lib/awspec/generator/doc/type/redshift.rb
|
421
423
|
- lib/awspec/generator/doc/type/redshift_cluster_parameter_group.rb
|
422
424
|
- lib/awspec/generator/doc/type/route53_hosted_zone.rb
|
@@ -469,6 +471,7 @@ files:
|
|
469
471
|
- lib/awspec/generator/spec/rds.rb
|
470
472
|
- lib/awspec/generator/spec/rds_db_cluster_parameter_group.rb
|
471
473
|
- lib/awspec/generator/spec/rds_db_parameter_group.rb
|
474
|
+
- lib/awspec/generator/spec/rds_proxy.rb
|
472
475
|
- lib/awspec/generator/spec/redshift.rb
|
473
476
|
- lib/awspec/generator/spec/redshift_cluster_parameter_group.rb
|
474
477
|
- lib/awspec/generator/spec/route53_hosted_zone.rb
|
@@ -653,6 +656,7 @@ files:
|
|
653
656
|
- lib/awspec/stub/rds.rb
|
654
657
|
- lib/awspec/stub/rds_db_cluster_parameter_group.rb
|
655
658
|
- lib/awspec/stub/rds_db_parameter_group.rb
|
659
|
+
- lib/awspec/stub/rds_proxy.rb
|
656
660
|
- lib/awspec/stub/redshift.rb
|
657
661
|
- lib/awspec/stub/redshift_cluster_parameter_group.rb
|
658
662
|
- lib/awspec/stub/route53_hosted_zone.rb
|
@@ -745,6 +749,7 @@ files:
|
|
745
749
|
- lib/awspec/type/rds_account_attributes.rb
|
746
750
|
- lib/awspec/type/rds_db_cluster_parameter_group.rb
|
747
751
|
- lib/awspec/type/rds_db_parameter_group.rb
|
752
|
+
- lib/awspec/type/rds_proxy.rb
|
748
753
|
- lib/awspec/type/redshift.rb
|
749
754
|
- lib/awspec/type/redshift_cluster_parameter_group.rb
|
750
755
|
- lib/awspec/type/resource_base.rb
|