cfn-model 0.1.32 → 0.1.33
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/cfn-model/transforms/serverless.rb +76 -38
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a9079fef39b645007961bf5837699e02f76b86a587c79f74faf390165a8dcf56
|
4
|
+
data.tar.gz: 6b3563c7239a31ad68ddd705649d8ca38b6db1adc061632de39faea256bc77b6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0e38f76f6f5b2d6bddad02c994b492ab7a98211e5049dc62840540acd4435af501fbedb08978d558d76fbfc03757cd3e2253eabd3cbcbbfc41fc4d2b3a6bf270
|
7
|
+
data.tar.gz: 434fc11caf6c25f449ad4dcf6bd2c6b63c9ad9bb86ffe1a1a01bdea53a2e3df98763695d98d632940441d755512592a88be634e4fb23645f3c69bdb7baa59a08
|
@@ -29,35 +29,75 @@ class CfnModel
|
|
29
29
|
uri.split('/')[3..-1].join('/')
|
30
30
|
end
|
31
31
|
|
32
|
-
|
33
|
-
|
34
|
-
|
32
|
+
def s3_uri?(uri)
|
33
|
+
if uri.is_a? String
|
34
|
+
uri[0..4].eql? 's3://'
|
35
|
+
else
|
36
|
+
false
|
37
|
+
end
|
35
38
|
end
|
36
39
|
|
37
|
-
|
38
|
-
|
40
|
+
def resolve_globals_function_property(cfn_hash, property_name)
|
41
|
+
cfn_hash['Globals']['Function'][property_name]
|
42
|
+
end
|
39
43
|
|
40
|
-
def
|
41
|
-
|
42
|
-
|
44
|
+
def serverless_function_property(serverless_function, cfn_hash, property_name)
|
45
|
+
serverless_function['Properties'][property_name] || \
|
46
|
+
resolve_globals_function_property(cfn_hash, property_name)
|
47
|
+
end
|
43
48
|
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
if
|
49
|
+
# i question whether we need to carry out the transform this far given cfn_nag
|
50
|
+
# likely won't ever opine on bucket names or object keys
|
51
|
+
def transform_code_uri(lambda_fn_params, code_uri)
|
52
|
+
puts code_uri
|
53
|
+
if s3_uri? code_uri
|
49
54
|
lambda_fn_params[:code_bucket] = bucket_from_uri code_uri
|
50
55
|
lambda_fn_params[:code_key] = object_key_from_uri code_uri
|
56
|
+
elsif code_uri.is_a? Hash
|
57
|
+
lambda_fn_params[:code_bucket] = code_uri['Bucket']
|
58
|
+
lambda_fn_params[:code_key] = code_uri['Key']
|
51
59
|
end
|
52
|
-
|
53
|
-
|
60
|
+
lambda_fn_params
|
61
|
+
end
|
62
|
+
|
63
|
+
def serverless_function_properties(cfn_hash, serverless_function)
|
64
|
+
code_uri = serverless_function_property(serverless_function, cfn_hash, 'CodeUri')
|
65
|
+
|
66
|
+
lambda_fn_params = {
|
67
|
+
handler: serverless_function_property(serverless_function, cfn_hash, 'Handler'),
|
68
|
+
runtime: serverless_function_property(serverless_function, cfn_hash, 'Runtime')
|
69
|
+
}
|
70
|
+
|
71
|
+
lambda_fn_params = transform_code_uri(
|
72
|
+
lambda_fn_params,
|
73
|
+
code_uri
|
74
|
+
)
|
75
|
+
|
76
|
+
lambda_fn_params
|
77
|
+
end
|
78
|
+
|
79
|
+
def replace_serverless_function(cfn_hash, resource_name)
|
80
|
+
serverless_function = cfn_hash['Resources'][resource_name]
|
81
|
+
|
82
|
+
lambda_fn_params = serverless_function_properties(cfn_hash, serverless_function)
|
83
|
+
|
84
|
+
cfn_hash['Resources'][resource_name] = lambda_function lambda_fn_params
|
54
85
|
|
55
86
|
cfn_hash['Resources']['FunctionNameRole'] = function_name_role
|
56
87
|
end
|
57
|
-
# rubocop:enable Metrics/AbcSize
|
58
|
-
# rubocop:enable Metrics/MethodLength
|
59
88
|
|
60
|
-
|
89
|
+
def lambda_service_can_assume_role
|
90
|
+
{
|
91
|
+
'Version' => '2012-10-17',
|
92
|
+
'Statement' => [
|
93
|
+
{
|
94
|
+
'Action' => ['sts:AssumeRole'],
|
95
|
+
'Effect' => 'Allow',
|
96
|
+
'Principal' => { 'Service' => ['lambda.amazonaws.com'] }
|
97
|
+
}
|
98
|
+
]
|
99
|
+
}
|
100
|
+
end
|
61
101
|
|
62
102
|
# Return the hash structure of the 'FunctionNameRole'
|
63
103
|
# AWS::IAM::Role resource as created by Serverless transform
|
@@ -65,20 +105,23 @@ class CfnModel
|
|
65
105
|
{
|
66
106
|
'Type' => 'AWS::IAM::Role',
|
67
107
|
'Properties' => {
|
68
|
-
'ManagedPolicyArns' =>
|
69
|
-
|
70
|
-
|
71
|
-
'AssumeRolePolicyDocument' =>
|
72
|
-
'Version' => '2012-10-17',
|
73
|
-
'Statement' => [{
|
74
|
-
'Action' => ['sts:AssumeRole'], 'Effect' => 'Allow',
|
75
|
-
'Principal' => { 'Service' => ['lambda.amazonaws.com'] }
|
76
|
-
}]
|
77
|
-
}
|
108
|
+
'ManagedPolicyArns' => [
|
109
|
+
'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
|
110
|
+
],
|
111
|
+
'AssumeRolePolicyDocument' => lambda_service_can_assume_role
|
78
112
|
}
|
79
113
|
}
|
80
114
|
end
|
81
|
-
|
115
|
+
|
116
|
+
def lambda_function_code(fn_resource, code_bucket, code_key)
|
117
|
+
if code_bucket && code_key
|
118
|
+
fn_resource['Properties']['Code'] = {
|
119
|
+
'S3Bucket' => code_bucket,
|
120
|
+
'S3Key' => code_key
|
121
|
+
}
|
122
|
+
end
|
123
|
+
fn_resource
|
124
|
+
end
|
82
125
|
|
83
126
|
# Return the hash structure of a AWS::Lambda::Function as created
|
84
127
|
# by Serverless transform
|
@@ -86,20 +129,15 @@ class CfnModel
|
|
86
129
|
code_bucket: nil,
|
87
130
|
code_key: nil,
|
88
131
|
runtime:)
|
89
|
-
fn_resource =
|
90
|
-
|
132
|
+
fn_resource = {
|
133
|
+
'Type' => 'AWS::Lambda::Function',
|
91
134
|
'Properties' => {
|
92
135
|
'Handler' => handler,
|
93
136
|
'Role' => { 'Fn::GetAtt' => %w[FunctionNameRole Arn] },
|
94
137
|
'Runtime' => runtime
|
95
|
-
} }
|
96
|
-
if code_bucket && code_key
|
97
|
-
fn_resource['Properties']['Code'] = {
|
98
|
-
'S3Bucket' => code_bucket,
|
99
|
-
'S3Key' => code_key
|
100
138
|
}
|
101
|
-
|
102
|
-
fn_resource
|
139
|
+
}
|
140
|
+
lambda_function_code(fn_resource, code_bucket, code_key)
|
103
141
|
end
|
104
142
|
end
|
105
143
|
end
|