banacle 0.2.2 → 0.2.3
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -4
- data/README.md +3 -1
- data/example/Gemfile.lock +4 -4
- data/lib/banacle/aws_wrapper/nacl.rb +18 -17
- data/lib/banacle/aws_wrapper/vpc.rb +0 -1
- data/lib/banacle/interactive_message/handler.rb +10 -7
- data/lib/banacle/slash_command/command.rb +3 -3
- data/lib/banacle/slash_command/handler.rb +4 -1
- data/lib/banacle/slash_command/parser.rb +5 -0
- data/lib/banacle/version.rb +1 -1
- metadata +2 -3
- data/lib/banacle/aws_wrapper/result.rb +0 -6
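--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 45572c635e126a7ca610c10387909814e748ef1eebd99c825790bd873039dfb2
+data.tar.gz: 6092ccd18529bb92d30a931237429f39ea30cec076d93d0eb3b19f41ba8b9af0
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: '09f7b8c15074e7885f94e00b4f8ba3cbee41aaa21b9ca170b10d15a164b1d1367a1b95fcacc17ea1031d3b0fd3f9278416dffa821cb9722566905ea7e016ff6d'
+data.tar.gz: 593b016ba1a5d3c560aa12e3f4543dc75639a5e4063f03da51052100d156d86f69f7db2d79253fd9ea18f89747ecd518a55d8e5cf10d693cd4a17bc2505bb455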
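--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: .
 specs:
-banacle (0.2.
+banacle (0.2.3)
 aws-sdk-ec2
 sinatra
 unicorn
@@ -10,13 +10,13 @@ GEM
 remote: https://rubygems.org/
 specs:
 aws-eventstream (1.0.1)
-aws-partitions (1.
-aws-sdk-core (3.
+aws-partitions (1.131.0)
+aws-sdk-core (3.45.0)
 aws-eventstream (~> 1.0)
 aws-partitions (~> 1.0)
 aws-sigv4 (~> 1.0)
 jmespath (~> 1.0)
-aws-sdk-ec2 (1.
+aws-sdk-ec2 (1.66.0)
 aws-sdk-core (~> 3, >= 3.39.0)
 aws-sigv4 (~> 1.0)
 aws-sigv4 (1.0.3)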
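--- a/data/README.md
+++ b/data/README.md
@@ -27,13 +27,15 @@ Banacle is supposed to be run as a Sinatra server. You can run it simply by `rac
 - `/slack/command`: handle Slash Command
 - `/slack/message`: handle Interactive Message
 
+By default, the format of Slack Slash Command is: `/[cmd] [create or delete] [region] [vpc_id or vpc_name] [cidr_blocks]`
+
 ### Customize authentication
 You can customize Banacle by using request handler modules.
 See example directory which implements a customized authentication feature for details.
 
 ## Example: ban 1.2.3.4 from my VPC
 
-Execute
+Execute a command that create a DENY NACL entry for 1.2.3.4 on a VPC named "test" in ap-northeast-1.
 
 
 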
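--- a/data/example/Gemfile.lock
+++ b/data/example/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: ..
 specs:
-banacle (0.2.
+banacle (0.2.3)
 aws-sdk-ec2
 sinatra
 unicorn
@@ -10,13 +10,13 @@ GEM
 remote: https://rubygems.org/
 specs:
 aws-eventstream (1.0.1)
-aws-partitions (1.
-aws-sdk-core (3.
+aws-partitions (1.131.0)
+aws-sdk-core (3.45.0)
 aws-eventstream (~> 1.0)
 aws-partitions (~> 1.0)
 aws-sigv4 (~> 1.0)
 jmespath (~> 1.0)
-aws-sdk-ec2 (1.
+aws-sdk-ec2 (1.66.0)
 aws-sdk-core (~> 3, >= 3.39.0)
 aws-sigv4 (~> 1.0)
 aws-sigv4 (1.0.3)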
@@ -1,6 +1,5 @@
|
|
1
1
|
require 'aws-sdk-ec2'
|
2
2
|
require 'banacle/aws_wrapper/error'
|
3
|
-
require 'banacle/aws_wrapper/result'
|
4
3
|
|
5
4
|
module Banacle
|
6
5
|
module AwsWrapper
|
@@ -8,6 +7,8 @@ module Banacle
|
|
8
7
|
class EntryDuplicatedError < AwsWrapper::Error; end
|
9
8
|
class EntryNotFoundError < AwsWrapper::Error; end
|
10
9
|
|
10
|
+
Result = Struct.new(:cidr_block, :status, :error, :rule_number, keyword_init: true) do; end
|
11
|
+
|
11
12
|
DEFAULT_RULE_NUMBER = 100
|
12
13
|
|
13
14
|
def self.create_network_acl_ingress_entries(region:, vpc_id:, cidr_blocks:)
|
@@ -30,26 +31,24 @@ module Banacle
|
|
30
31
|
|
31
32
|
def create_network_acl_ingress_entries
|
32
33
|
cidr_blocks.map do |cidr_block|
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
end.to_h
|
34
|
+
begin
|
35
|
+
rule_number = create_network_acl_ingress_entry(cidr_block)
|
36
|
+
Result.new(cidr_block: cidr_block, status: true, rule_number: rule_number)
|
37
|
+
rescue AwsWrapper::Error => e
|
38
|
+
Result.new(cidr_block: cidr_block, status: false, error: e)
|
39
|
+
end
|
40
|
+
end
|
41
41
|
end
|
42
42
|
|
43
43
|
def delete_network_acl_entries
|
44
44
|
cidr_blocks.map do |cidr_block|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
end.to_h
|
45
|
+
begin
|
46
|
+
rule_number = delete_network_acl_entry(cidr_block)
|
47
|
+
Result.new(cidr_block: cidr_block, status: true, rule_number: rule_number)
|
48
|
+
rescue AwsWrapper::Error => e
|
49
|
+
Result.new(cidr_block: cidr_block, status: false, error: e)
|
50
|
+
end
|
51
|
+
end
|
53
52
|
end
|
54
53
|
|
55
54
|
private
|
@@ -95,6 +94,8 @@ module Banacle
|
|
95
94
|
else
|
96
95
|
raise EntryNotFoundError.new("not found")
|
97
96
|
end
|
97
|
+
|
98
|
+
target.rule_number
|
98
99
|
end
|
99
100
|
|
100
101
|
def add_rule_number(num)
|
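Review bot: In `create_network_acl_ingress_entries` and `delete_network_acl_entries` the new per-CIDR `rescue AwsWrapper::Error => e` catches only the wrapper's own errors, so any other exception from the per-entry helper (for example an SDK service error, if the helpers do not wrap those) aborts the whole `map` and the caller never learns which DENY entries were already applied. Because these results are what tells the operator which blocks are actually in the NACL, consider `rescue AwsWrapper::Error, Aws::EC2::Errors::ServiceError => e`, or confirm that the helpers convert SDK failures into `AwsWrapper::Error`; most of the helper bodies are outside these hunks. The return value also changes from a Hash (`end.to_h`) to an Array of `Result`, which deserves a one-line comment on both methods, and `Struct.new(..., keyword_init: true) do; end` can drop the empty block.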
@@ -22,13 +22,16 @@ module Banacle
|
|
22
22
|
|
23
23
|
self.request = Request.new(raw_request)
|
24
24
|
|
25
|
-
if request.action.approved?
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
25
|
+
json = if request.action.approved?
|
26
|
+
handle_approval
|
27
|
+
elsif request.action.rejected?
|
28
|
+
handle_reject
|
29
|
+
elsif request.action.cancelled?
|
30
|
+
handle_cancellation
|
31
|
+
end
|
32
|
+
puts json
|
33
|
+
|
34
|
+
json
|
32
35
|
end
|
33
36
|
|
34
37
|
private
|
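Review bot: `puts json` writes every interactive-message response to the process's stdout, which looks like leftover debugging; if it is meant as an audit trail, send it through a logger with a level, otherwise drop the line. The `if`/`elsif` chain also has no `else`, so an action that is neither approved, rejected nor cancelled leaves `json` nil and the method returns nil; an explicit `else` that returns an error response or raises would make that case visible instead of silent. The enclosing method starts above the hunk, so how its return value is consumed is not visible here.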
@@ -61,10 +61,10 @@ module Banacle
|
|
61
61
|
end
|
62
62
|
|
63
63
|
def format_results(results)
|
64
|
-
results.map do |
|
65
|
-
t = "#{action} DENY #{cidr_block} => "
|
64
|
+
results.map do |result|
|
65
|
+
t = "#{action} DENY #{result.cidr_block} => "
|
66
66
|
if result.status
|
67
|
-
t += "succeeded"
|
67
|
+
t += "succeeded (rule number: #{result.rule_number})"
|
68
68
|
else
|
69
69
|
t += "error: #{result.error}"
|
70
70
|
end
|
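Review bot: The success line `t += "succeeded (rule number: #{result.rule_number})"` prints whatever the wrapper stored in `rule_number`, and this release only visibly makes the delete helper return `target.rule_number`. No visible change makes `create_network_acl_ingress_entry` return a number, so please confirm that its last expression is the rule number and not the SDK response, or the Slack message will show an inspected object for create. A short comment on `format_results` saying that it now expects an Array of `Result` structs would also help. The method body continues past the end of this hunk.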
data/lib/banacle/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: banacle
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Takuya Kosugiyama
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-01-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -153,7 +153,6 @@ files:
|
|
153
153
|
- lib/banacle/app.rb
|
154
154
|
- lib/banacle/aws_wrapper/error.rb
|
155
155
|
- lib/banacle/aws_wrapper/nacl.rb
|
156
|
-
- lib/banacle/aws_wrapper/result.rb
|
157
156
|
- lib/banacle/aws_wrapper/vpc.rb
|
158
157
|
- lib/banacle/config.rb
|
159
158
|
- lib/banacle/interactive_message/authenticator.rb
|