cfndk 0.0.7 → 0.1.2
- checksums.yaml +5 -5
- data/.circleci/config.yml +79 -0
- data/.gitignore +1 -1
- data/.rspec +2 -0
- data/.rspec_parallel +6 -0
- data/.simplecov +9 -0
- data/Gemfile +11 -1
- data/Gemfile.lock +815 -0
- data/README.md +269 -76
- data/bin/cfndk +3 -18
- data/cfndk.gemspec +15 -6
- data/docker/Dockerfile +8 -0
- data/docker/build.sh +3 -0
- data/docker/cfndk.sh +14 -0
- data/lib/cfndk.rb +36 -0
- data/lib/cfndk/change_set_command.rb +103 -0
- data/lib/cfndk/command.rb +125 -119
- data/lib/cfndk/config_file_loadable.rb +13 -0
- data/lib/cfndk/credential_provider_chain.rb +12 -42
- data/lib/cfndk/credential_resolvable.rb +10 -0
- data/lib/cfndk/diff.rb +38 -0
- data/lib/cfndk/global_config.rb +46 -0
- data/lib/cfndk/key_pair.rb +66 -14
- data/lib/cfndk/key_pair_command.rb +60 -0
- data/lib/cfndk/key_pairs.rb +22 -5
- data/lib/cfndk/logger.rb +12 -3
- data/lib/cfndk/stack.rb +427 -126
- data/lib/cfndk/stack_command.rb +128 -0
- data/lib/cfndk/stacks.rb +48 -22
- data/lib/cfndk/subcommand_help_returnable.rb +16 -0
- data/lib/cfndk/template_packager.rb +210 -0
- data/lib/cfndk/uuid.rb +10 -0
- data/lib/cfndk/version.rb +1 -1
- data/skel/cfndk.yml +4 -0
- data/spec/.gitignore +1 -0
- data/spec/cfndk_change_set_create_spec.rb +436 -0
- data/spec/cfndk_change_set_destroy_spec.rb +160 -0
- data/spec/cfndk_change_set_execute_spec.rb +179 -0
- data/spec/cfndk_change_set_report_spec.rb +107 -0
- data/spec/cfndk_change_set_spec.rb +37 -0
- data/spec/cfndk_create_spec.rb +504 -0
- data/spec/cfndk_destroy_spec.rb +148 -0
- data/spec/cfndk_keypiar_spec.rb +397 -0
- data/spec/cfndk_report_spec.rb +164 -0
- data/spec/cfndk_spec.rb +103 -0
- data/spec/cfndk_stack_create_spec.rb +814 -0
- data/spec/cfndk_stack_destroy_spec.rb +225 -0
- data/spec/cfndk_stack_report_spec.rb +181 -0
- data/spec/cfndk_stack_spec.rb +133 -0
- data/spec/cfndk_stack_update_spec.rb +553 -0
- data/spec/fixtures/big_vpc.yaml +533 -0
- data/spec/fixtures/empty_resource.yaml +2 -0
- data/spec/fixtures/iam.json +8 -0
- data/spec/fixtures/iam.yaml +38 -0
- data/spec/fixtures/iam_different.json +8 -0
- data/spec/fixtures/invalid_vpc.yaml +21 -0
- data/spec/fixtures/lambda_function/index.js +4 -0
- data/spec/fixtures/lambda_function/lambda_function.json +4 -0
- data/spec/fixtures/lambda_function/lambda_function.yaml +28 -0
- data/spec/fixtures/nested_stack.json +35 -0
- data/spec/fixtures/nested_stack.yaml +20 -0
- data/spec/fixtures/serverless_function/index.js +4 -0
- data/spec/fixtures/serverless_function/serverless_function.json +4 -0
- data/spec/fixtures/serverless_function/serverless_function.yaml +21 -0
- data/spec/fixtures/sg.json +8 -0
- data/spec/fixtures/sg.yaml +27 -0
- data/spec/fixtures/sg_different.yaml +22 -0
- data/spec/fixtures/stack.json +8 -0
- data/spec/fixtures/stack.template.json +39 -0
- data/spec/fixtures/stack.yaml +22 -0
- data/spec/fixtures/vpc.json +8 -0
- data/spec/fixtures/vpc.template.json +40 -0
- data/spec/fixtures/vpc.yaml +21 -0
- data/spec/fixtures/vpc_different.yaml +21 -0
- data/spec/spec_helper.rb +14 -0
- data/spec/support/aruba.rb +6 -0
- data/vagrant/Vagrantfile +89 -0
- metadata +259 -31
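--- a/data/spec/fixtures/iam.yaml
+++ b/data/spec/fixtures/iam.yaml
@@ -0,0 +1,38 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: IAM Stack
+Parameters:
+WebRoleName:
+Description: Name for WebRole
+Type: String
+Resources:
+WebRole:
+Type: AWS::IAM::Role
+Properties:
+AssumeRolePolicyDocument:
+Version: "2012-10-17"
+Statement:
+-
+Effect: "Allow"
+Principal:
+Service:
+- "ec2.amazonaws.com"
+Action:
+- "sts:AssumeRole"
+Path: "/"
+Policies:
+-
+PolicyName: "root"
+PolicyDocument:
+Version: "2012-10-17"
+Statement:
+-
+Effect: "Allow"
+Action: "*"
+Resource: "*"
+RoleName: !Ref WebRoleName
+Outputs:
+WebRole:
+Description: WebIam Role
+Value: !Ref WebRole
+Export:
+Name: !Ref WebRoleName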
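Review bot: The inline policy named `root` grants `Action: "*"` on `Resource: "*"` to a role that `ec2.amazonaws.com` can assume, so any account where this fixture is deployed holds an administrator-equivalent role for as long as the stack exists. Judging by the fixture path, the template presumably only needs an IAM resource to exercise stack creation, so a narrowly scoped statement such as `Action: "ec2:DescribeRegions"` would serve the same purpose. `RoleName: !Ref WebRoleName` also gives the role a caller-chosen, predictable name. A leading comment stating that the template is test-only and that the stack must be destroyed after the run would make that expectation explicit.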
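--- a/data/spec/fixtures/invalid_vpc.yaml
+++ b/data/spec/fixtures/invalid_vpc.yaml
@@ -0,0 +1,21 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack1
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+Resources:
+Vpc:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: 192.168.0.0/24
+EnableDnsHostnames: true
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-VPC
+Outputs:
+VpcId:
+Description: VPC ID
+Value: !Ref Vpc
+Export:
+Name: !Sub ${VpcName}-VpcId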
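--- a/data/spec/fixtures/lambda_function/lambda_function.yaml
+++ b/data/spec/fixtures/lambda_function/lambda_function.yaml
@@ -0,0 +1,28 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Lambda function Stack
+Resources:
+LambdaRole:
+Type: AWS::IAM::Role
+Properties:
+AssumeRolePolicyDocument:
+Statement:
+-
+Effect: "Allow"
+Principal:
+Service:
+- "lambda.amazonaws.com"
+Action:
+- "sts:AssumeRole"
+Path: "/"
+ManagedPolicyArns:
+- arn:aws:iam::aws:policy/PowerUserAccess
+LambdaFunction:
+Type: AWS::Lambda::Function
+Properties:
+Code: ./lambda_function
+Handler: index.handler
+Role:
+Fn::GetAtt:
+- LambdaRole
+- Arn
+Runtime: "nodejs12.x"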
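Review bot: `LambdaRole` attaches `arn:aws:iam::aws:policy/PowerUserAccess`, which is far broader than a fixture function needs; within this template the role is only consumed by `LambdaFunction` through `Fn::GetAtt`. Unless the handler in `./lambda_function` calls other AWS services, `- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole` is enough for it to write its logs. The trust policy here also omits `Version: "2012-10-17"`, which the trust policy in the IAM fixture includes; adding it keeps the two consistent.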
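--- a/data/spec/fixtures/nested_stack.json
+++ b/data/spec/fixtures/nested_stack.json
@@ -0,0 +1,35 @@
+{
+"AWSTemplateFormatVersion": "2010-09-09",
+"Description": "Stack2",
+"Parameters": {
+"VpcId": {
+"Type": "String"
+}
+},
+"Resources": {
+"TestSg": {
+"Type": "AWS::EC2::SecurityGroup",
+"Properties": {
+"GroupDescription": "Web ELB Acccess Security Group",
+"VpcId": {
+"Ref": "VpcId"
+},
+"SecurityGroupIngress": [
+{
+"IpProtocol": "tcp",
+"FromPort": 80,
+"ToPort": 80,
+"CidrIp": "0.0.0.0/0",
+"Description": "Allow HTTP Access From Internet"
+}
+],
+"Tags": [
+{
+"Key": "Name",
+"Value": "TestSg"
+}
+]
+}
+}
+}
+}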
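Review bot: `"GroupDescription": "Web ELB Acccess Security Group"` misspells "Access", and the same string appears in the three YAML security-group templates further down (the 20-, 27- and 22-line hunks). A security group's description cannot be edited in place, so correcting it after a stack exists replaces the group; fixing it now as `"GroupDescription": "Web ELB Access Security Group"` is cheaper. The `0.0.0.0/0` ingress on port 80 matches the rule's own description, so it only becomes a concern if the template is reused outside a throwaway test VPC.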
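--- a/data/spec/fixtures/nested_stack.yaml
+++ b/data/spec/fixtures/nested_stack.yaml
@@ -0,0 +1,20 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack2
+Parameters:
+VpcId:
+Type: String
+Resources:
+TestSg:
+Type: AWS::EC2::SecurityGroup
+Properties:
+GroupDescription: Web ELB Acccess Security Group
+VpcId: !Ref VpcId
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 80
+ToPort: 80
+CidrIp: 0.0.0.0/0
+Description: Allow HTTP Access From Internet
+Tags:
+- Key: Name
+Value: TestSg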
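--- a/data/spec/fixtures/serverless_function/serverless_function.yaml
+++ b/data/spec/fixtures/serverless_function/serverless_function.yaml
@@ -0,0 +1,21 @@
+
+
+AWSTemplateFormatVersion: '2010-09-09'
+Transform: AWS::Serverless-2016-10-31
+Resources:
+ServerlessFunction:
+Type: AWS::Serverless::Function
+Properties:
+FunctionName: serverless-func
+CodeUri: ./serverless_function
+Handler: index.handler
+Runtime: "nodejs12.x"
+AutoPublishAlias: live
+Timeout: 10
+MemorySize: 128
+
+ServerlessFunctionLogGroup:
+Type: AWS::Logs::LogGroup
+Properties:
+LogGroupName: !Sub /aws/lambda/${ServerlessFunction}
+RetentionInDays: 14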
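--- a/data/spec/fixtures/sg.yaml
+++ b/data/spec/fixtures/sg.yaml
@@ -0,0 +1,27 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack2
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+Resources:
+TestSg:
+Type: AWS::EC2::SecurityGroup
+Properties:
+GroupDescription: Web ELB Acccess Security Group
+VpcId:
+Fn::ImportValue: !Sub ${VpcName}-VpcId
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 80
+ToPort: 80
+CidrIp: 0.0.0.0/0
+Description: Allow HTTP Access From Internet
+- IpProtocol: tcp
+FromPort: 443
+ToPort: 443
+CidrIp: 0.0.0.0/0
+Description: Allow HTTPS Access From Internet
+Tags:
+- Key: Name
+Value: TestSg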
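--- a/data/spec/fixtures/sg_different.yaml
+++ b/data/spec/fixtures/sg_different.yaml
@@ -0,0 +1,22 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack2
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+Resources:
+TestSg:
+Type: AWS::EC2::SecurityGroup
+Properties:
+GroupDescription: Web ELB Acccess Security Group
+VpcId:
+Fn::ImportValue: !Sub ${VpcName}-VpcId
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 80
+ToPort: 80
+CidrIp: 0.0.0.0/0
+Description: Allow HTTP Access From Internet
+Tags:
+- Key: Name
+Value: TestSg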
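--- a/data/spec/fixtures/stack.template.json
+++ b/data/spec/fixtures/stack.template.json
@@ -0,0 +1,39 @@
+{
+"AWSTemplateFormatVersion": "2010-09-09",
+"Description": "Stack1",
+"Parameters": {
+"VpcName": {
+"Description": "Name for this VPC",
+"Type": "String"
+}
+},
+"Resources": {
+"Vpc": {
+"Type": "AWS::EC2::VPC",
+"Properties": {
+"CidrBlock": "192.168.0.0/24",
+"EnableDnsHostnames": true,
+"Tags": [
+{
+"Key": "Name",
+"Value": {
+"Fn::Sub": "${VpcName}-VPC"
+}
+}
+]
+}
+},
+"SgStack": {
+"Type": "AWS::CloudFormation::Stack",
+"Properties": {
+"Parameters": {
+"VpcId": {
+"Ref": "Vpc"
+}
+},
+"TemplateURL": "./nested_stack.json",
+"TimeoutInMinutes": 2
+}
+}
+}
+}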
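--- a/data/spec/fixtures/stack.yaml
+++ b/data/spec/fixtures/stack.yaml
@@ -0,0 +1,22 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack1
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+Resources:
+Vpc:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: 192.168.0.0/24
+EnableDnsHostnames: true
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-VPC
+SgStack:
+Type: AWS::CloudFormation::Stack
+Properties:
+Parameters:
+VpcId: !Ref Vpc
+TemplateURL: ./nested_stack.yaml
+TimeoutInMinutes: 2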
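--- a/data/spec/fixtures/vpc.template.json
+++ b/data/spec/fixtures/vpc.template.json
@@ -0,0 +1,40 @@
+{
+"AWSTemplateFormatVersion": "2010-09-09",
+"Description": "Stack1",
+"Parameters": {
+"VpcName": {
+"Description": "Name for this VPC",
+"Type": "String"
+}
+},
+"Resources": {
+"Vpc": {
+"Type": "AWS::EC2::VPC",
+"Properties": {
+"CidrBlock": "192.168.0.0/24",
+"EnableDnsHostnames": true,
+"Tags": [
+{
+"Key": "Name",
+"Value": {
+"Fn::Sub": "${VpcName}-VPC"
+}
+}
+]
+}
+}
+},
+"Outputs": {
+"VpcId": {
+"Description": "VPC ID",
+"Value": {
+"Ref": "Vpc"
+},
+"Export": {
+"Name": {
+"Fn::Sub": "${VpcName}-VpcId"
+}
+}
+}
+}
+}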
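--- a/data/spec/fixtures/vpc.yaml
+++ b/data/spec/fixtures/vpc.yaml
@@ -0,0 +1,21 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack1
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+Resources:
+Vpc:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: 192.168.0.0/24
+EnableDnsHostnames: true
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-VPC
+Outputs:
+VpcId:
+Description: VPC ID
+Value: !Ref Vpc
+Export:
+Name: !Sub ${VpcName}-VpcId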
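--- a/data/spec/fixtures/vpc_different.yaml
+++ b/data/spec/fixtures/vpc_different.yaml
@@ -0,0 +1,21 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Stack1
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+Resources:
+Vpc:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: 192.168.0.0/24
+EnableDnsHostnames: false
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-VPC
+Outputs:
+VpcId:
+Description: VPC ID
+Value: !Ref Vpc
+Export:
+Name: !Sub ${VpcName}-VpcId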