cfn-model 0.1.32 → 0.1.33
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cfn-model/transforms/serverless.rb +76 -38
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a9079fef39b645007961bf5837699e02f76b86a587c79f74faf390165a8dcf56
|
|
4
|
+
data.tar.gz: 6b3563c7239a31ad68ddd705649d8ca38b6db1adc061632de39faea256bc77b6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0e38f76f6f5b2d6bddad02c994b492ab7a98211e5049dc62840540acd4435af501fbedb08978d558d76fbfc03757cd3e2253eabd3cbcbbfc41fc4d2b3a6bf270
|
|
7
|
+
data.tar.gz: 434fc11caf6c25f449ad4dcf6bd2c6b63c9ad9bb86ffe1a1a01bdea53a2e3df98763695d98d632940441d755512592a88be634e4fb23645f3c69bdb7baa59a08
|
|
@@ -29,35 +29,75 @@ class CfnModel
|
|
|
29
29
|
uri.split('/')[3..-1].join('/')
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
def s3_uri?(uri)
|
|
33
|
+
if uri.is_a? String
|
|
34
|
+
uri[0..4].eql? 's3://'
|
|
35
|
+
else
|
|
36
|
+
false
|
|
37
|
+
end
|
|
35
38
|
end
|
|
36
39
|
|
|
37
|
-
|
|
38
|
-
|
|
40
|
+
def resolve_globals_function_property(cfn_hash, property_name)
|
|
41
|
+
cfn_hash['Globals']['Function'][property_name]
|
|
42
|
+
end
|
|
39
43
|
|
|
40
|
-
def
|
|
41
|
-
|
|
42
|
-
|
|
44
|
+
def serverless_function_property(serverless_function, cfn_hash, property_name)
|
|
45
|
+
serverless_function['Properties'][property_name] || \
|
|
46
|
+
resolve_globals_function_property(cfn_hash, property_name)
|
|
47
|
+
end
|
|
43
48
|
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
if
|
|
49
|
+
# i question whether we need to carry out the transform this far given cfn_nag
|
|
50
|
+
# likely won't ever opine on bucket names or object keys
|
|
51
|
+
def transform_code_uri(lambda_fn_params, code_uri)
|
|
52
|
+
puts code_uri
|
|
53
|
+
if s3_uri? code_uri
|
|
49
54
|
lambda_fn_params[:code_bucket] = bucket_from_uri code_uri
|
|
50
55
|
lambda_fn_params[:code_key] = object_key_from_uri code_uri
|
|
56
|
+
elsif code_uri.is_a? Hash
|
|
57
|
+
lambda_fn_params[:code_bucket] = code_uri['Bucket']
|
|
58
|
+
lambda_fn_params[:code_key] = code_uri['Key']
|
|
51
59
|
end
|
|
52
|
-
|
|
53
|
-
|
|
60
|
+
lambda_fn_params
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def serverless_function_properties(cfn_hash, serverless_function)
|
|
64
|
+
code_uri = serverless_function_property(serverless_function, cfn_hash, 'CodeUri')
|
|
65
|
+
|
|
66
|
+
lambda_fn_params = {
|
|
67
|
+
handler: serverless_function_property(serverless_function, cfn_hash, 'Handler'),
|
|
68
|
+
runtime: serverless_function_property(serverless_function, cfn_hash, 'Runtime')
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
lambda_fn_params = transform_code_uri(
|
|
72
|
+
lambda_fn_params,
|
|
73
|
+
code_uri
|
|
74
|
+
)
|
|
75
|
+
|
|
76
|
+
lambda_fn_params
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def replace_serverless_function(cfn_hash, resource_name)
|
|
80
|
+
serverless_function = cfn_hash['Resources'][resource_name]
|
|
81
|
+
|
|
82
|
+
lambda_fn_params = serverless_function_properties(cfn_hash, serverless_function)
|
|
83
|
+
|
|
84
|
+
cfn_hash['Resources'][resource_name] = lambda_function lambda_fn_params
|
|
54
85
|
|
|
55
86
|
cfn_hash['Resources']['FunctionNameRole'] = function_name_role
|
|
56
87
|
end
|
|
57
|
-
# rubocop:enable Metrics/AbcSize
|
|
58
|
-
# rubocop:enable Metrics/MethodLength
|
|
59
88
|
|
|
60
|
-
|
|
89
|
+
def lambda_service_can_assume_role
|
|
90
|
+
{
|
|
91
|
+
'Version' => '2012-10-17',
|
|
92
|
+
'Statement' => [
|
|
93
|
+
{
|
|
94
|
+
'Action' => ['sts:AssumeRole'],
|
|
95
|
+
'Effect' => 'Allow',
|
|
96
|
+
'Principal' => { 'Service' => ['lambda.amazonaws.com'] }
|
|
97
|
+
}
|
|
98
|
+
]
|
|
99
|
+
}
|
|
100
|
+
end
|
|
61
101
|
|
|
62
102
|
# Return the hash structure of the 'FunctionNameRole'
|
|
63
103
|
# AWS::IAM::Role resource as created by Serverless transform
|
|
@@ -65,20 +105,23 @@ class CfnModel
|
|
|
65
105
|
{
|
|
66
106
|
'Type' => 'AWS::IAM::Role',
|
|
67
107
|
'Properties' => {
|
|
68
|
-
'ManagedPolicyArns' =>
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
'AssumeRolePolicyDocument' =>
|
|
72
|
-
'Version' => '2012-10-17',
|
|
73
|
-
'Statement' => [{
|
|
74
|
-
'Action' => ['sts:AssumeRole'], 'Effect' => 'Allow',
|
|
75
|
-
'Principal' => { 'Service' => ['lambda.amazonaws.com'] }
|
|
76
|
-
}]
|
|
77
|
-
}
|
|
108
|
+
'ManagedPolicyArns' => [
|
|
109
|
+
'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
|
|
110
|
+
],
|
|
111
|
+
'AssumeRolePolicyDocument' => lambda_service_can_assume_role
|
|
78
112
|
}
|
|
79
113
|
}
|
|
80
114
|
end
|
|
81
|
-
|
|
115
|
+
|
|
116
|
+
def lambda_function_code(fn_resource, code_bucket, code_key)
|
|
117
|
+
if code_bucket && code_key
|
|
118
|
+
fn_resource['Properties']['Code'] = {
|
|
119
|
+
'S3Bucket' => code_bucket,
|
|
120
|
+
'S3Key' => code_key
|
|
121
|
+
}
|
|
122
|
+
end
|
|
123
|
+
fn_resource
|
|
124
|
+
end
|
|
82
125
|
|
|
83
126
|
# Return the hash structure of a AWS::Lambda::Function as created
|
|
84
127
|
# by Serverless transform
|
|
@@ -86,20 +129,15 @@ class CfnModel
|
|
|
86
129
|
code_bucket: nil,
|
|
87
130
|
code_key: nil,
|
|
88
131
|
runtime:)
|
|
89
|
-
fn_resource =
|
|
90
|
-
|
|
132
|
+
fn_resource = {
|
|
133
|
+
'Type' => 'AWS::Lambda::Function',
|
|
91
134
|
'Properties' => {
|
|
92
135
|
'Handler' => handler,
|
|
93
136
|
'Role' => { 'Fn::GetAtt' => %w[FunctionNameRole Arn] },
|
|
94
137
|
'Runtime' => runtime
|
|
95
|
-
} }
|
|
96
|
-
if code_bucket && code_key
|
|
97
|
-
fn_resource['Properties']['Code'] = {
|
|
98
|
-
'S3Bucket' => code_bucket,
|
|
99
|
-
'S3Key' => code_key
|
|
100
138
|
}
|
|
101
|
-
|
|
102
|
-
fn_resource
|
|
139
|
+
}
|
|
140
|
+
lambda_function_code(fn_resource, code_bucket, code_key)
|
|
103
141
|
end
|
|
104
142
|
end
|
|
105
143
|
end
|