RubyGems - cfndk - Versions diffs - 0.0.7 → 0.1.2 - Mend

cfndk 0.0.7 → 0.1.2

Files changed (78) hide show

checksums.yaml +5 -5
data/.circleci/config.yml +79 -0
data/.gitignore +1 -1
data/.rspec +2 -0
data/.rspec_parallel +6 -0
data/.simplecov +9 -0
data/Gemfile +11 -1
data/Gemfile.lock +815 -0
data/README.md +269 -76
data/bin/cfndk +3 -18
data/cfndk.gemspec +15 -6
data/docker/Dockerfile +8 -0
data/docker/build.sh +3 -0
data/docker/cfndk.sh +14 -0
data/lib/cfndk.rb +36 -0
data/lib/cfndk/change_set_command.rb +103 -0
data/lib/cfndk/command.rb +125 -119
data/lib/cfndk/config_file_loadable.rb +13 -0
data/lib/cfndk/credential_provider_chain.rb +12 -42
data/lib/cfndk/credential_resolvable.rb +10 -0
data/lib/cfndk/diff.rb +38 -0
data/lib/cfndk/global_config.rb +46 -0
data/lib/cfndk/key_pair.rb +66 -14
data/lib/cfndk/key_pair_command.rb +60 -0
data/lib/cfndk/key_pairs.rb +22 -5
data/lib/cfndk/logger.rb +12 -3
data/lib/cfndk/stack.rb +427 -126
data/lib/cfndk/stack_command.rb +128 -0
data/lib/cfndk/stacks.rb +48 -22
data/lib/cfndk/subcommand_help_returnable.rb +16 -0
data/lib/cfndk/template_packager.rb +210 -0
data/lib/cfndk/uuid.rb +10 -0
data/lib/cfndk/version.rb +1 -1
data/skel/cfndk.yml +4 -0
data/spec/.gitignore +1 -0
data/spec/cfndk_change_set_create_spec.rb +436 -0
data/spec/cfndk_change_set_destroy_spec.rb +160 -0
data/spec/cfndk_change_set_execute_spec.rb +179 -0
data/spec/cfndk_change_set_report_spec.rb +107 -0
data/spec/cfndk_change_set_spec.rb +37 -0
data/spec/cfndk_create_spec.rb +504 -0
data/spec/cfndk_destroy_spec.rb +148 -0
data/spec/cfndk_keypiar_spec.rb +397 -0
data/spec/cfndk_report_spec.rb +164 -0
data/spec/cfndk_spec.rb +103 -0
data/spec/cfndk_stack_create_spec.rb +814 -0
data/spec/cfndk_stack_destroy_spec.rb +225 -0
data/spec/cfndk_stack_report_spec.rb +181 -0
data/spec/cfndk_stack_spec.rb +133 -0
data/spec/cfndk_stack_update_spec.rb +553 -0
data/spec/fixtures/big_vpc.yaml +533 -0
data/spec/fixtures/empty_resource.yaml +2 -0
data/spec/fixtures/iam.json +8 -0
data/spec/fixtures/iam.yaml +38 -0
data/spec/fixtures/iam_different.json +8 -0
data/spec/fixtures/invalid_vpc.yaml +21 -0
data/spec/fixtures/lambda_function/index.js +4 -0
data/spec/fixtures/lambda_function/lambda_function.json +4 -0
data/spec/fixtures/lambda_function/lambda_function.yaml +28 -0
data/spec/fixtures/nested_stack.json +35 -0
data/spec/fixtures/nested_stack.yaml +20 -0
data/spec/fixtures/serverless_function/index.js +4 -0
data/spec/fixtures/serverless_function/serverless_function.json +4 -0
data/spec/fixtures/serverless_function/serverless_function.yaml +21 -0
data/spec/fixtures/sg.json +8 -0
data/spec/fixtures/sg.yaml +27 -0
data/spec/fixtures/sg_different.yaml +22 -0
data/spec/fixtures/stack.json +8 -0
data/spec/fixtures/stack.template.json +39 -0
data/spec/fixtures/stack.yaml +22 -0
data/spec/fixtures/vpc.json +8 -0
data/spec/fixtures/vpc.template.json +40 -0
data/spec/fixtures/vpc.yaml +21 -0
data/spec/fixtures/vpc_different.yaml +21 -0
data/spec/spec_helper.rb +14 -0
data/spec/support/aruba.rb +6 -0
data/vagrant/Vagrantfile +89 -0
metadata +259 -31

@@ -0,0 +1,128 @@
+module CFnDK
+  class StackCommand < Thor
+    include SubcommandHelpReturnable
+    include ConfigFileLoadable
+    include CredentialResolvable
+    class_option :verbose, type: :boolean, aliases: 'v', desc: 'More verbose output.'
+    class_option :color, type: :boolean, default: true, desc: 'Use colored output'
+    class_option :config_path, type: :string, aliases: 'c', default: "#{Dir.getwd}/cfndk.yml", desc: 'The configuration file to use'
+    class_option :stack_names, type: :array, aliases: 's', desc: 'Target stack names'
+    desc 'create', 'Create stack'
+    option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
+    option :properties, type: :hash, aliases: 'p', default: {}, desc: 'Set property'
+    def create
+      CFnDK.logger.info 'create...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+      global_config = CFnDK::GlobalConfig.new(data, options)
+      stacks = CFnDK::Stacks.new(data, options, credentials)
+      global_config.pre_command_execute
+      stacks.pre_command_execute
+      stacks.validate
+      stacks.create
+      stacks.post_command_execute
+      global_config.post_command_execute
+      return 0
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+    desc 'update', 'Update stack'
+    option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
+    option :properties, type: :hash, aliases: 'p', default: {}, desc: 'Set property'
+    def update
+      CFnDK.logger.info 'update...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+      global_config = CFnDK::GlobalConfig.new(data, options)
+      stacks = CFnDK::Stacks.new(data, options, credentials)
+      global_config.pre_command_execute
+      stacks.pre_command_execute
+      stacks.validate
+      stacks.update
+      stacks.post_command_execute
+      global_config.post_command_execute
+      return 0
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+    desc 'destroy', 'Destroy stack'
+    option :force, type: :boolean, aliases: 'f', default: false, desc: 'Say yes to all prompts for confirmation'
+    option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
+    def destroy
+      CFnDK.logger.info 'destroy...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+      stacks = CFnDK::Stacks.new(data, options, credentials)
+      if options[:force] || yes?('Are you sure you want to destroy? (y/n)', :yellow)
+        stacks.destroy
+        return 0
+      else
+        CFnDK.logger.info 'destroy command was canceled'.color(:green)
+        return 2
+      end
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+    desc 'validate', 'Validate stack'
+    def validate
+      CFnDK.logger.info 'validate...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+      global_config = CFnDK::GlobalConfig.new(data, options)
+      stacks = CFnDK::Stacks.new(data, options, credentials)
+      global_config.pre_command_execute
+      stacks.pre_command_execute
+      stacks.validate
+      stacks.post_command_execute
+      global_config.post_command_execute
+      return 0
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+    desc 'report', 'Report stack'
+    option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
+    option :types, type: :array, default: %w(tag output parameter resource event), desc: 'Report type'
+    def report
+      CFnDK.logger.info 'report...'.color(:green)
+      data = load_config_data(options)
+      credentials = resolve_credential(data, options)
+      stacks = CFnDK::Stacks.new(data, options, credentials)
+      stacks.report
+      return 0
+    rescue => e
+      CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
+      e.backtrace_locations.each do |line|
+        CFnDK.logger.debug line
+      end
+      return 1
+    end
+  end
+end

data/lib/cfndk/stacks.rb CHANGED

@@ -3,8 +3,7 @@ module CFnDK
     def initialize(data, option, credentials)
       @option = option
       @credentials = credentials
-      @logger = CFnDK::Logger.new(option)
+      @global_config = CFnDK::GlobalConfig.new(data, option)
       prepare_stack(data)
       prepare_sequence
     end
@@ -52,48 +51,74 @@ module CFnDK
       end
     end
-    def create_or_changeset
+    def create_change_set
       @sequence.each do |stacks|
-        create_stacks = []
-        changeset_stacks = []
+        wait_until_stacks = []
         stacks.each do |name|
-          if @stacks[name].exits?
-            @stacks[name].create_change_set
-            changeset_stacks.push name
+          wait_until_stacks.push(@stacks[name].create_change_set)
+        end
+        wait_until_stacks.compact!
+        wait_until_stacks.each do |name|
+          @stacks[name].wait_until_create_change_set
+        end
+      end
+    end
+    def execute_change_set
+      @sequence.each do |stacks|
+        created_stacks = []
+        wait_until_stacks = []
+        stacks.each do |name|
+          created_stacks.push(name) if @stacks[name].created?
+          wait_until_stacks.push(@stacks[name].execute_change_set)
+        end
+        wait_until_stacks.compact!
+        wait_until_stacks.each do |name|
+          if created_stacks.include?(name)
+            @stacks[name].wait_until_update
           else
-            @stacks[name].create
-            create_stacks.push name
+            @stacks[name].wait_until_create
           end
         end
-        create_stacks.each do |name|
-          @stacks[name].wait_until_create
+      end
+    end
+    def delete_change_set
+      @sequence.reverse_each do |stacks|
+        stacks.each do |name|
+          @stacks[name].delete_change_set
         end
-        changeset_stacks.each do |name|
-          @stacks[name].wait_until_create_change_set
+      end
+    end
+    def report_change_set
+      @sequence.each do |stacks|
+        stacks.each do |name|
+          @stacks[name].report_change_set
         end
       end
     end
-    def report_stack
+    def report
       @sequence.each do |stacks|
         stacks.each do |name|
-          @stacks[name].report_stack
+          @stacks[name].report
         end
       end
     end
-    def report_stack_resource
+    def pre_command_execute
       @sequence.each do |stacks|
         stacks.each do |name|
-          @stacks[name].report_stack_resource
+          @stacks[name].pre_command_execute
         end
       end
     end
-    def report_event
+    def post_command_execute
       @sequence.each do |stacks|
         stacks.each do |name|
-          @stacks[name].report_event
+          @stacks[name].post_command_execute
         end
       end
     end
@@ -102,8 +127,9 @@ module CFnDK
     def prepare_stack(data)
       @stacks = {}
+      return unless data['stacks'].is_a?(Hash)
       data['stacks'].each do |name, properties|
-        @stacks[name] = Stack.new(name, properties, @option, @credentials)
+        @stacks[name] = Stack.new(name, properties, @option, @global_config, @credentials)
       end
     end
@@ -117,7 +143,7 @@ module CFnDK
             names_of_processed_stack.include? depend_name
           end
         end
-        raise 'There are cyclic dependency or stack is not exit. unprocessed_stack: ' + names_of_upprocessed_stack.join(',') if names.empty?
+        raise "There are cyclic dependency or stack doesn't exist. unprocessed_stack: " + names_of_upprocessed_stack.join(',') if names.empty?
         names_of_processed_stack += names
         names_of_upprocessed_stack -= names
         @sequence.push names

data/lib/cfndk/subcommand_help_returnable.rb ADDED

@@ -0,0 +1,16 @@
+module CFnDK
+  module SubcommandHelpReturnable
+    module ClassMethods
+      def subcommand_help(cmd)
+        desc 'help [COMMAND]', 'Describe subcommands or one specific subcommand'
+        class_eval "
+          def help(command = nil, subcommand = true); super; return 2; end
+  "
+      end
+    end
+    extend ClassMethods
+    def self.included(klass)
+      klass.extend ClassMethods
+    end
+  end
+end

data/lib/cfndk/template_packager.rb ADDED

@@ -0,0 +1,210 @@
+using Polyfill(
+  String: %w[#delete_prefix]
+)
+module CFnDK
+  class TemplatePackager
+    def initialize(template_file, region, package, global_config, s3_client, sts_client)
+      @template_file = template_file
+      @region = region
+      @package = package
+      @global_config = global_config
+      @s3_client = s3_client
+      @sts_client = sts_client
+      @template_body = nil
+      @is_uploaded = false
+    end
+    def large_template?
+      template_body.size > 51200
+    end
+    def template_body
+      package_templte
+    end
+    def upload_template_file
+      key = [@global_config.s3_template_hash, @template_file].compact.join('/')
+      url = "https://s3.amazonaws.com/#{bucket_name}/#{key}"
+      unless @is_uploaded
+        create_bucket
+        @s3_client.put_object(
+          body: template_body,
+          bucket: bucket_name,
+          key: key
+        )
+        @is_uploaded = true
+        CFnDK.logger.info('Put S3 object: ' + url + ' Size: ' + template_body.size.to_s)
+      end
+      url
+    end
+    def package_templte
+      if !@template_body
+        if !@package
+          @template_body = File.open(@template_file, 'r').read
+          return @template_body
+        end
+        orgTemplate = File.open(@template_file, 'r').read
+        CFnDK.logger.debug('Original Template:' + orgTemplate)
+        if is_json?(orgTemplate)
+          data = JSON.parse(orgTemplate)
+        else
+          data = YAML.load(orgTemplate.gsub(/!/, '____CFNDK!____'))
+        end
+        if data['Resources']
+          data['Resources'].each do |k, v|
+            next unless v.key?('Type')
+            t = v['Type']
+            properties = v['Properties'] || {}
+            case t
+            when 'AWS::CloudFormation::Stack' then
+              if properties['TemplateURL'] =~ /^\s*./
+                tp = TemplatePackager.new(File.dirname(@template_file) + '/' + properties['TemplateURL'].sub(/^\s*.\//, ''), @region, @package, @global_config, @s3_client, @sts_client)
+                v['Properties']['TemplateURL'] = tp.upload_template_file
+              end
+            when 'AWS::Lambda::Function' then
+              if properties['Code'].kind_of?(String)
+                result = upload_zip_file(File.dirname(@template_file) + '/' + properties['Code'].sub(/^\s*.\//, ''))
+                v['Properties']['Code'] = {
+                  'S3Bucket' => result['bucket'],
+                  'S3Key' => result['key']
+                }
+              end
+            when 'AWS::Serverless::Function' then
+              if properties['CodeUri'].kind_of?(String)
+                result = upload_zip_file(File.dirname(@template_file) + '/' + properties['CodeUri'].sub(/^\s*.\//, ''))
+                v['Properties']['CodeUri'] = {
+                  'Bucket' => result['bucket'],
+                  'Key' => result['key']
+                }
+              end
+            when 'AWS::Serverless::Api' then
+              if properties['DefinitionUri'].kind_of?(String)
+                result = upload_file(File.dirname(@template_file) + '/' + properties['DefinitionUri'].sub(/^\s*.\//, ''))
+                v['Properties']['DefinitionUri'] = {
+                  'Bucket' => result['bucket'],
+                  'Key' => result['key']
+                }
+              end
+            when 'AWS::ApiGateway::RestApi' then
+              if properties['BodyS3Location'].kind_of?(String)
+                result = upload_file(File.dirname(@template_file) + '/' + properties['BodyS3Location'].sub(/^\s*.\//, ''))
+                v['Properties']['BodyS3Location'] = {
+                  'Bucket' => result['bucket'],
+                  'Key' => result['key']
+                }
+              end
+            end
+            ## TODO support resources
+            # * AWS::AppSync::GraphQLSchema DefinitionS3Location
+            # * AWS::AppSync::Resolver RequestMappingTemplateS3Location
+            # * AWS::AppSync::Resolver ResponseMappingTemplateS3Location
+            # * AWS::ElasticBeanstalk::ApplicationVersion SourceBundle
+            # * AWS::Glue::Job Command ScriptLocation
+            # * AWS::Include Location
+          end
+        end
+        if is_json?(orgTemplate)
+          @template_body = JSON.dump(data)
+        else
+          @template_body = YAML.dump_stream(data).gsub(/____CFNDK!____/, '!')
+        end
+        CFnDK.logger.info('Template Packager diff: ' + @template_file)
+        CFnDK.logger.info(CFnDK.diff(orgTemplate, @template_body).to_s)
+        CFnDK.logger.debug('Package Template size: ' + @template_body.size.to_s)
+        CFnDK.logger.debug('Package Template:' + @template_body)
+      end
+      @template_body
+    end
+    private
+    def upload_zip_file(path)
+      create_bucket
+      key = [@global_config.s3_template_hash, path.sub(/^.\//, '') + ".zip"].compact.join('/')
+      buffer = Zip::OutputStream.write_buffer do |out|
+        Dir.glob(path + '/**/*') do |file|
+          if (!File.directory?(file))
+            out.put_next_entry(file.delete_prefix(path + '/'))
+            out.write(File.open(file, 'r').read)
+          end
+        end
+      end
+      @s3_client.put_object(
+        body: buffer.string,
+        bucket: bucket_name,
+        key: key
+      )
+      url = "https://s3.amazonaws.com/#{bucket_name}/#{key}"
+      CFnDK.logger.info('Put S3 object: ' + url)
+      {
+        'bucket' => bucket_name,
+        'key' => key
+      }
+    end
+    def upload_file(path)
+      create_bucket
+      key = [@global_config.s3_template_hash, path.sub(/^.\//, '')].compact.join('/')
+      @s3_client.put_object(
+        body: File.open(path, 'r').read,
+        bucket: bucket_name,
+        key: key
+      )
+      url = "https://s3.amazonaws.com/#{bucket_name}/#{key}"
+      CFnDK.logger.info('Put S3 object: ' + url)
+      {
+        'bucket' => bucket_name,
+        'key' => key
+      }
+    end
+    def create_bucket
+      begin
+        @s3_client.head_bucket(bucket: bucket_name)
+      rescue Aws::S3::Errors::NotFound, Aws::S3::Errors::Forbidden
+        @s3_client.create_bucket(bucket: bucket_name)
+        CFnDK.logger.info('Creatt S3 bucket: ' + bucket_name)
+        @s3_client.put_bucket_lifecycle_configuration(
+          bucket: bucket_name,
+          lifecycle_configuration: {
+            rules: [
+              {
+                expiration: {
+                  days: 1,
+                },
+                status: 'Enabled',
+                id: 'Delete Old Files',
+                prefix: '',
+                abort_incomplete_multipart_upload: {
+                  days_after_initiation: 1,
+                },
+              },
+            ],
+          }
+        )
+      end
+    end
+    def bucket_name
+      resp = @sts_client.get_caller_identity({})
+      resp.account + '-' + @region + '-' + @global_config.s3_template_bucket
+    end
+    def is_json?(str)
+      begin
+        !!JSON.parse(str)
+      rescue
+        false
+      end
+    end
+  end
+end