cfndk 0.0.7 → 0.1.2

data/lib/cfndk/config_file_loadable.rb

@@ -0,0 +1,13 @@
+module CFnDK
+  module ConfigFileLoadable
+    private
+
+    def load_config_data(options)
+      raise "File does not exist. #{options[:config_path]}" unless File.file?(options[:config_path])
+      data = open(options[:config_path], 'r') { |f| YAML.load(f) }
+      return data if data
+      CFnDK.logger.error "File is empty. #{options[:config_path]}".color(:red)
+      nil
+    end
+  end
+end

data/lib/cfndk/credential_provider_chain.rb

@@ -1,12 +1,14 @@
 module CFnDK
   class CredentialProviderChain
-    def initialize(config = nil)
-      @config = config
+    def initialize(profile = nil)
+      @profile = profile
     end
 
     def resolve
       providers.each do |method_name, options|
-        provider = send(method_name, options.merge(config: @config))
+        CFnDK.logger.debug "resolving: #{method_name}"
+        provider = send(method_name, options)
+        CFnDK.logger.debug "resolved: #{method_name}" if provider && provider.set?
         return provider if provider && provider.set?
       end
       nil
@@ -16,30 +18,17 @@ module CFnDK
 
     def providers
       [
-        [:static_credentials, {}],
         [:env_credentials, {}],
         [:assume_role_credentials, {}],
-        [:shared_credentials, {}],
-        [:process_credentials, {}],
+        [:shared_credentials, {profile: @profile}],
         [:instance_profile_credentials, {
-          retries: @config ? @config.instance_profile_credentials_retries : 0,
-          http_open_timeout: @config ? @config.instance_profile_credentials_timeout : 1,
-          http_read_timeout: @config ? @config.instance_profile_credentials_timeout : 1,
+          retries: 0,
+          http_open_timeout: 1,
+          http_read_timeout: 1,
         }],
       ]
     end
 
-    def static_credentials(options)
-      if options[:config]
-        ::Aws::Credentials.new(
-          options[:config].access_key_id,
-          options[:config].secret_access_key,
-          options[:config].session_token)
-      else
-        nil
-      end
-    end
-
     def env_credentials(options)
       key =    %w(AWS_ACCESS_KEY_ID AMAZON_ACCESS_KEY_ID AWS_ACCESS_KEY)
       secret = %w(AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY)
@@ -55,8 +44,8 @@ module CFnDK
     end
 
     def shared_credentials(options)
-      if options[:config]
-        ::Aws::SharedCredentials.new(profile_name: options[:config].profile)
+      if options[:profile]
+        ::Aws::SharedCredentials.new(profile_name: options[:profile])
       else
         ::Aws::SharedCredentials.new(
           profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
@@ -65,29 +54,10 @@ module CFnDK
       nil
     end
 
-    def process_credentials(options)
-      profile_name = options[:config].profile if options[:config]
-      profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
-
-      config = ::Aws.shared_config
-      if config.config_enabled? && process_provider = config.credentials_process(profile_name)
-        ::Aws::ProcessCredentials.new(process_provider)
-      else
-        nil
-      end
-    rescue ::Aws::Errors::NoSuchProfileError
-      nil
-    end
-
     def assume_role_credentials(options)
       if ::Aws.shared_config.config_enabled?
         profile = nil
         region = nil
-        if options[:config]
-          profile = options[:config].profile
-          region = options[:config].region
-          assume_role_with_profile(options[:config].profile, options[:config].region)
-        end
         assume_role_with_profile(profile, region)
       else
         nil
@@ -106,7 +76,7 @@ module CFnDK
       ::Aws.shared_config.assume_role_credentials_from_config(
         profile: prof,
         region: region,
-        chain_config: @config
+        chain_config: nil
       )
     end
   end

data/lib/cfndk/credential_resolvable.rb

@@ -0,0 +1,10 @@
+module CFnDK
+  module CredentialResolvable
+    private
+
+    def resolve_credential(data, option)
+      global_config = CFnDK::GlobalConfig.new(data, option)
+      CFnDK::CredentialProviderChain.new(global_config.profile).resolve
+    end
+  end
+end

data/lib/cfndk/diff.rb

@@ -0,0 +1,38 @@
+module CFnDK
+  FORMAT = :unified
+  LINES = 3
+
+  def self.diff(data_old, data_new)
+    result = ''
+
+    file_length_difference = 0
+
+    data_old = data_old.split($/).map { |e| e.chomp }
+    data_new = data_new.split($/).map { |e| e.chomp }
+
+    diffs = Diff::LCS.diff(data_old, data_new)
+    diffs = nil if diffs.empty?
+
+    return '' unless diffs
+
+    oldhunk = hunk = nil
+
+    diffs.each do |piece|
+      begin
+        hunk = Diff::LCS::Hunk.new(data_old, data_new, piece, LINES, file_length_difference)
+        file_length_difference = hunk.file_length_difference
+
+        next unless oldhunk
+        next if LINES.positive? and hunk.merge(oldhunk)
+
+        result << oldhunk.diff(FORMAT) << "\n"
+      ensure
+        oldhunk = hunk
+      end
+    end
+
+    last = oldhunk.diff(FORMAT)
+    last << "\n" if last.respond_to?(:end_with?) && !last.end_with?("\n")
+    result << last
+  end
+end

data/lib/cfndk/global_config.rb

@@ -0,0 +1,46 @@
+module CFnDK
+  class GlobalConfig
+    attr_reader :timeout_in_minutes, :s3_template_bucket, :s3_template_hash, :region, :role_arn, :package, :profile, :pre_command, :post_command
+    def initialize(data, option)
+      @timeout_in_minutes = 1
+      @s3_template_bucket = 'cfndk-templates'
+      @s3_template_hash = Uuid.instance.uuid
+      @region = ENV['AWS_REGION'] || 'us-east-1'
+      @package = false
+      @profile = ENV['AWS_PROFILE'] || nil
+      return unless data['global'].is_a?(Hash)
+      @timeout_in_minutes = data['global']['timeout_in_minutes'] || 1
+      @s3_template_bucket = data['global']['s3_template_bucket'] || 'cfndk-templates'
+      @region = data['global']['region'] || ENV['AWS_REGION'] || 'us-east-1'
+      @package = data['global']['package'] === 'true' ? true : false
+      @role_arn = data['global']['role_arn'] || nil
+      @profile = ENV['AWS_PROFILE'] || data['global']['default_profile'] || nil
+      @pre_command = data['global']['pre_command'] || nil
+      @post_command = data['global']['post_command'] || nil
+    end
+
+    def pre_command_execute
+      if @pre_command
+        CFnDK.logger.info(('execute global pre command: ' + @pre_command).color(:green))
+        IO.popen(@pre_command, :err => [:child, :out]) do |io|
+          io.each_line do |line|
+            CFnDK.logger.info((line).color(:green))
+          end
+        end
+        raise 'global pre command is error. status: ' + $?.exitstatus.to_s + ' command: ' + @pre_command if $?.exitstatus != 0
+      end
+    end
+
+    def post_command_execute
+      if @post_command
+        CFnDK.logger.info(('execute global post command: ' + @post_command).color(:green))
+        IO.popen(@post_command, :err => [:child, :out]) do |io|
+          io.each_line do |line|
+            CFnDK.logger.info((line).color(:green))
+          end
+        end
+        raise 'global post command is error. status: ' + $?.exitstatus.to_s + ' command: ' + @post_command if $?.exitstatus != 0
+      end
+    end
+  end
+end

data/lib/cfndk/key_pair.rb

@@ -1,43 +1,95 @@
 module CFnDK
   class KeyPair
-    attr_reader :key_file
-    def initialize(name, data, option, credentials)
+    attr_reader :key_file, :enabled, :pre_command, :post_command
+    def initialize(name, data, option, global_config, credentials)
+      @global_config = global_config
       @name = name
-      @key_file = nil
-      @key_file = data['key_file'] || nil if data
+      data = {} unless data
+      @key_file = data['key_file'] || nil
+      @region = data['region'] || @global_config.region
+      @pre_command = data['pre_command'] || nil
+      @post_command = data['post_command'] || nil
+      @enabled = true
+      @enabled = false if data['enabled'] === false
       @option = option
-      @logger = CFnDK::Logger.new(option)
-      @client = Aws::EC2::Client.new(credentials: credentials)
+      @client = Aws::EC2::Client.new(credentials: credentials, region: @region)
     end
 
     def create
-      @logger.info(('creating keypair: ' + name).color(:green))
+      return unless @enabled
+      CFnDK.logger.info(('creating keypair: ' + name).color(:green))
       key_pair = @client.create_key_pair(
         key_name: name
       )
-      @logger.info(('created keypair: ' + name).color(:green))
+      CFnDK.logger.info(('created keypair: ' + name).color(:green))
 
       create_key_file(key_pair)
     end
 
     def destroy
-      @logger.info(('deleting keypair: ' + name).color(:green))
-      @client.delete_key_pair(
-        key_name: name
-      )
-      @logger.info(('deleted keypair: ' + name).color(:green))
+      return unless @enabled
+      if exists?
+        CFnDK.logger.info(('deleting keypair: ' + name).color(:green))
+        @client.delete_key_pair(
+          key_name: name
+        )
+        CFnDK.logger.info(('deleted keypair: ' + name).color(:green))
+      else
+        CFnDK.logger.info(('do not delete keypair: ' + name).color(:red))
+      end
+    end
+
+    def exists?
+      !@client.describe_key_pairs(
+        key_names: [
+          name,
+        ]
+      ).key_pairs.empty?
+    rescue Aws::EC2::Errors::InvalidKeyPairNotFound
+      false
     end
 
     def name
       [@name, @option[:uuid]].compact.join('-')
     end
 
+    def original_name
+      @name
+    end
+
+    def pre_command_execute
+      return unless @enabled
+      if @pre_command
+        CFnDK.logger.info(('execute pre command: ' + @pre_command).color(:green))
+        IO.popen(@pre_command, :err => [:child, :out]) do |io|
+          io.each_line do |line|
+            CFnDK.logger.info((line).color(:green))
+          end
+        end
+        raise 'pre command is error. status: ' + $?.exitstatus.to_s + ' command: ' + @pre_command if $?.exitstatus != 0
+      end
+    end
+
+    def post_command_execute
+      return unless @enabled
+      if @post_command
+        CFnDK.logger.info(('execute post command: ' + @post_command).color(:green))
+        IO.popen(@post_command, :err => [:child, :out]) do |io|
+          io.each_line do |line|
+            CFnDK.logger.info((line).color(:green))
+          end
+        end
+        raise 'post command is error. status: ' + $?.exitstatus.to_s + ' command: ' + @post_command if $?.exitstatus != 0
+      end
+    end
+
     private
 
     def create_key_file(key_pair)
       return unless @key_file
       key_file = CFnDK::ErbString.new(@key_file, @option).value
-      @logger.info(('create key file: ' + key_file).color(:green))
+      CFnDK.logger.info(('create key file: ' + key_file).color(:green))
+      FileUtils.mkdir_p(File.dirname(key_file))
       File.write(key_file, key_pair.key_material)
     end
   end

data/lib/cfndk/key_pair_command.rb

@@ -0,0 +1,60 @@
+module CFnDK
+  class KeyPairCommand < Thor
+    include SubcommandHelpReturnable
+    include ConfigFileLoadable
+    include CredentialResolvable
+
+    class_option :verbose, type: :boolean, aliases: 'v', desc: 'More verbose output.'
+    class_option :color, type: :boolean, default: true, desc: 'Use colored output'
+    class_option :config_path, type: :string, aliases: 'c', default: "#{Dir.getwd}/cfndk.yml", desc: 'The configuration file to use'
+    class_option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
+    class_option :keypair_names, type: :array, desc: 'Target keypair names'
+
+    desc 'create', 'Create keypair'
+    option :properties, type: :hash, aliases: 'p', default: {}, desc: 'Set property'
+    def create
+      CFnDK.logger.info 'create...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+      global_config = CFnDK::GlobalConfig.new(data, options)
+      keypairs = CFnDK::KeyPairs.new(data, options, credentials)
+
+      global_config.pre_command_execute
+      keypairs.pre_command_execute
+      keypairs.create
+      keypairs.post_command_execute
+      global_config.post_command_execute
+      return 0
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+
+    desc 'destroy', 'Destroy keypair'
+    option :force, type: :boolean, aliases: 'f', default: false, desc: 'Say yes to all prompts for confirmation'
+    def destroy
+      CFnDK.logger.info 'destroy...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+
+      keypairs = CFnDK::KeyPairs.new(data, options, credentials)
+
+      if options[:force] || yes?('Are you sure you want to destroy? (y/n)', :yellow)
+        keypairs.destroy
+        return 0
+      else
+        CFnDK.logger.info 'destroy command was canceled'.color(:green)
+        return 2
+      end
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+  end
+end

data/lib/cfndk/key_pairs.rb

@@ -3,17 +3,34 @@ module CFnDK
     def initialize(data, option, credentials)
       @option = option
       @credentials = credentials
+      @global_config = CFnDK::GlobalConfig.new(data, option)
       prepare_keypairs(data)
     end
 
     def create
-      return if @option[:stack_names].instance_of?(Array)
-      @keypairs.each_value(&:create)
+      @keypairs.each_value do |keypair|
+        next if @option[:keypair_names].instance_of?(Array) && !@option[:keypair_names].include?(keypair.original_name)
+        keypair.create
+      end
     end
 
     def destroy
-      return if @option[:stack_names].instance_of?(Array)
-      @keypairs.each_value(&:destroy)
+      @keypairs.each_value do |keypair|
+        next if @option[:keypair_names].instance_of?(Array) && !@option[:keypair_names].include?(keypair.original_name)
+        keypair.destroy
+      end
+    end
+
+    def pre_command_execute
+      @keypairs.each_value do |keypair|
+        keypair.pre_command_execute
+      end
+    end
+
+    def post_command_execute
+      @keypairs.each_value do |keypair|
+        keypair.post_command_execute
+      end
     end
 
     private
@@ -22,7 +39,7 @@ module CFnDK
       @keypairs = {}
       return unless data['keypairs']
       data['keypairs'].each do |name, properties|
-        @keypairs[name] = KeyPair.new(name, properties, @option, @credentials)
+        @keypairs[name] = KeyPair.new(name, properties, @option, @global_config, @credentials)
       end
     end
   end

data/lib/cfndk/logger.rb

@@ -1,8 +1,17 @@
 module CFnDK
-  class Logger < Logger
-    def initialize(option)
+  def self.logger
+    @logger = CFnDKLogger.new({}) if @logger.nil?
+    @logger
+  end
+
+  def self.logger=(logger)
+    @logger = logger
+  end
+
+  class CFnDKLogger < Logger
+    def initialize(options)
       super(STDOUT)
-      self.level = Logger::INFO unless option[:v]
+      self.level = Logger::INFO unless options[:verbose]
       self.formatter = proc { |severity, datetime, progname, message|
         message.to_s.split(/\n/).map do |line|
           "#{datetime} #{severity} #{line}\n"