cfndk 0.1.1 → 0.1.3
- checksums.yaml +5 -5
- data/.circleci/config.yml +8 -5
- data/.gitignore +1 -0
- data/.rspec +2 -0
- data/Gemfile +0 -11
- data/Gemfile.lock +1069 -587
- data/README.md +124 -10
- data/cfndk.gemspec +7 -2
- data/docker/Dockerfile +8 -0
- data/docker/build.sh +3 -0
- data/docker/cfndk.sh +14 -0
- data/lib/cfndk/change_set_command.rb +14 -8
- data/lib/cfndk/command.rb +14 -6
- data/lib/cfndk/credential_provider_chain.rb +12 -42
- data/lib/cfndk/credential_resolvable.rb +10 -0
- data/lib/cfndk/diff.rb +38 -0
- data/lib/cfndk/global_config.rb +33 -2
- data/lib/cfndk/key_pair.rb +33 -1
- data/lib/cfndk/key_pair_command.rb +10 -3
- data/lib/cfndk/key_pairs.rb +12 -0
- data/lib/cfndk/stack.rb +67 -60
- data/lib/cfndk/stack_command.rb +26 -8
- data/lib/cfndk/stacks.rb +16 -0
- data/lib/cfndk/template_packager.rb +210 -0
- data/lib/cfndk/uuid.rb +10 -0
- data/lib/cfndk/version.rb +1 -1
- data/lib/cfndk.rb +12 -1
- data/spec/cfndk_spec.rb +1 -1
- data/spec/cfndk_stack_create_spec.rb +365 -5
- data/spec/cfndk_stack_destroy_spec.rb +64 -0
- data/spec/cfndk_stack_update_spec.rb +86 -0
- data/spec/fixtures/big_vpc.yaml +533 -0
- data/spec/fixtures/lambda_function/index.js +4 -0
- data/spec/fixtures/lambda_function/lambda_function.json +4 -0
- data/spec/fixtures/lambda_function/lambda_function.yaml +28 -0
- data/spec/fixtures/nested_stack.json +35 -0
- data/spec/fixtures/nested_stack.yaml +20 -0
- data/spec/fixtures/serverless_function/index.js +4 -0
- data/spec/fixtures/serverless_function/serverless_function.json +4 -0
- data/spec/fixtures/serverless_function/serverless_function.yaml +21 -0
- data/spec/fixtures/stack.json +8 -0
- data/spec/fixtures/stack.template.json +39 -0
- data/spec/fixtures/stack.yaml +22 -0
- data/spec/fixtures/vpc.template.json +40 -0
- data/vagrant/Vagrantfile +89 -0
- metadata +117 -13
data/README.md
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
# AWS CloudFormation Development Kit
|
2
2
|
|
3
3
|
This is easy operation/integration support tool for AWS CloudFormation.
|
4
|
+
This tool drives DevOps and Infrastructure as Code.
|
4
5
|
|
5
6
|
[![CircleCI](https://circleci.com/gh/Amakata/cfndk/tree/master.svg?style=svg)](https://circleci.com/gh/Amakata/cfndk/tree/master)
|
6
7
|
|
@@ -18,18 +19,19 @@ kumogata, SparkleFormation, CoffeeFormation など、CloudFormationのテンプ
|
|
18
19
|
* CloudFormationでバージョンコントロールシステムと連動した継続的インテグレーションのための基盤対応
|
19
20
|
* Keypairの作成/削除
|
20
21
|
* コマンド、サブコマンド、冪統性を考慮したコマンドライン体系、オプションの整理、ヘルプの追加
|
21
|
-
* チェンジセットの作成/実行/削除/レポート
|
22
|
+
* チェンジセットの作成/実行/削除/レポート
|
22
23
|
* Keypair/スタック毎のregionのサポート
|
23
24
|
* 512000バイト以上の大きなテンプレートファイルの場合に自動的にS3にテンプレートファイルをアップロードして処理する機能
|
25
|
+
* aws cloudformation package相当の機能(nested templateやlambda functionの自動アップロード) (experimental)
|
24
26
|
* cfndk全体での共通設定
|
25
27
|
|
26
|
-
##
|
28
|
+
## Install
|
27
29
|
|
28
30
|
```
|
29
31
|
$ gem install cfndk
|
30
32
|
```
|
31
33
|
|
32
|
-
##
|
34
|
+
## Usage
|
33
35
|
|
34
36
|
```
|
35
37
|
$ mkdir cfn-project
|
@@ -42,7 +44,7 @@ $ cfndk report
|
|
42
44
|
$ cfndk destroy -f
|
43
45
|
```
|
44
46
|
|
45
|
-
## Credentials
|
47
|
+
## Credentials configuration
|
46
48
|
|
47
49
|
次の順番でCredentialsを評価して最初に有効なCredentialsを使用します。
|
48
50
|
|
@@ -57,7 +59,7 @@ $ cfndk destroy -f
|
|
57
59
|
4. EC2/ECS Instance ProfileによるCredentials
|
58
60
|
* AWS_CONTAINER_CREDENTIALS_RELATIVE_URI環境変数が設定された場合のみECSが使われます。
|
59
61
|
|
60
|
-
##
|
62
|
+
## Command
|
61
63
|
|
62
64
|
### ```init```
|
63
65
|
|
@@ -143,7 +145,7 @@ cfndk changeset help
|
|
143
145
|
|
144
146
|
で確認できます。
|
145
147
|
|
146
|
-
###
|
148
|
+
### option
|
147
149
|
|
148
150
|
#### ```-v --verbose```
|
149
151
|
|
@@ -200,7 +202,7 @@ UUIDが指定されるとチェンジセット名に付加されます。
|
|
200
202
|
他にもオプションはあります。
|
201
203
|
詳細はコマンドヘルプを参照してください。
|
202
204
|
|
203
|
-
##
|
205
|
+
## Environment Variables
|
204
206
|
|
205
207
|
### ```CFNDK_UUID```
|
206
208
|
|
@@ -220,6 +222,9 @@ global:
|
|
220
222
|
region: ap-northeast-1
|
221
223
|
s3_template_bucket: cfndk-templates
|
222
224
|
timeout_in_minutes: 10
|
225
|
+
role_arn: arn:aws:iam::XXXXXXXXXXX:role/XXXXXXXXXXXXX
|
226
|
+
package: true
|
227
|
+
default_profile: profile_name
|
223
228
|
keypairs:
|
224
229
|
Key1:
|
225
230
|
region: us-east-1
|
@@ -232,6 +237,7 @@ stacks:
|
|
232
237
|
parameter_input: stack1/env.json
|
233
238
|
parameters:
|
234
239
|
VpcName: Prod<%= append_uuid %>
|
240
|
+
package: true
|
235
241
|
Stack2:
|
236
242
|
template_file: stack2/stack2.yaml
|
237
243
|
parameter_input: stack2/env.json
|
@@ -241,7 +247,7 @@ stacks:
|
|
241
247
|
- CAPABILITY_IAM
|
242
248
|
- CAPABILITY_NAMED_IAM
|
243
249
|
depends:
|
244
|
-
- Stack1
|
250
|
+
- Stack1
|
245
251
|
timeout_in_minutes: 10
|
246
252
|
```
|
247
253
|
|
@@ -250,10 +256,17 @@ global:
|
|
250
256
|
region: [String]
|
251
257
|
s3_template_bucket: [String]
|
252
258
|
timeout_in_minutes: [Integer]
|
259
|
+
package: [Boolean]
|
260
|
+
default_profile: [String]
|
261
|
+
pre_command: [String]
|
262
|
+
post_command: [String]
|
253
263
|
keypairs:
|
254
264
|
[String]:
|
255
265
|
region: [String]
|
256
266
|
key_file: [String]
|
267
|
+
enabled: [Boolean]
|
268
|
+
pre_command: [String]
|
269
|
+
post_command: [String]
|
257
270
|
stacks:
|
258
271
|
[String]:
|
259
272
|
region: [String]
|
@@ -268,7 +281,11 @@ stacks:
|
|
268
281
|
timeout_in_minutes: [Integer]
|
269
282
|
depends:
|
270
283
|
- [String]
|
271
|
-
- [String]
|
284
|
+
- [String]
|
285
|
+
package: [Boolean]
|
286
|
+
enabled: [Boolean]
|
287
|
+
pre_command: [String]
|
288
|
+
post_command: [String]
|
272
289
|
```
|
273
290
|
|
274
291
|
### ```global:```
|
@@ -285,6 +302,10 @@ AWS_REGIONも指定されない場合はus-east-1を利用します。
|
|
285
302
|
|
286
303
|
全体で利用するタイムアウト時間を分で指定します。
|
287
304
|
|
305
|
+
#### role_arn
|
306
|
+
|
307
|
+
利用するロールのARN
|
308
|
+
|
288
309
|
#### s3_template_bucket (デフォルト: cfndk-templates)
|
289
310
|
|
290
311
|
スタックのCloudFormationテンプレートファイルをアップロードするS3のバケット名を指定します。
|
@@ -298,6 +319,37 @@ regionはスタック毎で指定されたものを利用します。
|
|
298
319
|
|
299
320
|
S3バケットは一日で自動的に中身のオブジェクトが削除されるように設定されます。
|
300
321
|
|
322
|
+
#### package (デフォルト: false)
|
323
|
+
|
324
|
+
trueを指定した場合に、
|
325
|
+
スタックのテンプレートで、ネステッドスタックや、CloudFormationのコードがローカルパス形式で指定されている場合に
|
326
|
+
```aws cloudformation package```
|
327
|
+
相当の処理を行います。
|
328
|
+
|
329
|
+
yaml、jsonの意図しない加工がされる可能性があるためデフォルトではfalseとなっています。
|
330
|
+
|
331
|
+
例えば、```package: true```を指定して下記の様に記述すると、 ```./lambda_function``` フォルダをzipアーカイブしてS3にアップロードし、Codeを適切なS3のパスに更新します。
|
332
|
+
|
333
|
+
```
|
334
|
+
LambdaFunction:
|
335
|
+
Type: AWS::Lambda::Function
|
336
|
+
Properties:
|
337
|
+
Code: ./lambda_function
|
338
|
+
```
|
339
|
+
|
340
|
+
#### default_profile
|
341
|
+
|
342
|
+
default_profileで指定されたAWSプロファイルを利用してスタックを作成します。
|
343
|
+
AWS_PROFILE環境変数が指定された場合にはAWS_PROFILE環境変数が優先して使用されます。
|
344
|
+
|
345
|
+
#### pre_command
|
346
|
+
|
347
|
+
スタックのcreate、updateやチェンジセットのcreateで、処理の開始前に実施するコマンドを指定します。
|
348
|
+
|
349
|
+
#### post_command
|
350
|
+
|
351
|
+
スタックのcreate、updateやチェンジセットのcreateで、処理の完了後に実施するコマンドを指定します。
|
352
|
+
|
301
353
|
### ```keypairs:```
|
302
354
|
|
303
355
|
```
|
@@ -326,6 +378,17 @@ erbの記法が利用できます。
|
|
326
378
|
key_file: key/key<%= append_uuid %>.pem
|
327
379
|
```
|
328
380
|
|
381
|
+
#### enabled (デフォルト: true)
|
382
|
+
|
383
|
+
falseを指定した場合、そのkey pairを無視します
|
384
|
+
|
385
|
+
#### pre_command
|
386
|
+
|
387
|
+
ker pairのcreateの処理の開始前に実施するコマンドを指定します。
|
388
|
+
|
389
|
+
#### post_command
|
390
|
+
|
391
|
+
key pairのcreateの処理の完了後に実施するコマンドを指定します。
|
329
392
|
|
330
393
|
### ```stacks:```
|
331
394
|
|
@@ -401,6 +464,28 @@ dependsを指定すると、create,update,create-or-changeset,destoryのコマ
|
|
401
464
|
- Stack2
|
402
465
|
```
|
403
466
|
|
467
|
+
#### package (デフォルト: false)
|
468
|
+
|
469
|
+
trueを指定した場合に、
|
470
|
+
スタックのテンプレートで、ネステッドスタックや、CloudFormationのコードがローカルパス形式で指定されている場合に
|
471
|
+
```aws cloudformation package```
|
472
|
+
相当の処理を行います。
|
473
|
+
|
474
|
+
yaml、jsonの意図しない加工がされる可能性があるためデフォルトではfalseとなっています。
|
475
|
+
|
476
|
+
例えば、```package: true```を指定して下記の様に記述すると、 ```./lambda_function``` フォルダをzipアーカイブしてS3にアップロードし、Codeを適切なS3のパスに更新します。
|
477
|
+
|
478
|
+
```
|
479
|
+
LambdaFunction:
|
480
|
+
Type: AWS::Lambda::Function
|
481
|
+
Properties:
|
482
|
+
Code: ./lambda_function
|
483
|
+
```
|
484
|
+
|
485
|
+
#### enabled (デフォルト: true)
|
486
|
+
|
487
|
+
falseを指定した場合、そのスタックを無視します
|
488
|
+
|
404
489
|
#### timeout_in_minutes
|
405
490
|
|
406
491
|
スタックを作成する際などのタイムアウト時間を分で指定します。
|
@@ -409,6 +494,14 @@ dependsを指定すると、create,update,create-or-changeset,destoryのコマ
|
|
409
494
|
timeout_in_minutes: 5
|
410
495
|
```
|
411
496
|
|
497
|
+
#### pre_command
|
498
|
+
|
499
|
+
スタックのcreate、updateやチェンジセットのcreateで、処理の開始前に実施するコマンドを指定します。
|
500
|
+
|
501
|
+
#### post_command
|
502
|
+
|
503
|
+
スタックのcreate、updateやチェンジセットのcreateで、処理の完了後に実施するコマンドを指定します。
|
504
|
+
|
412
505
|
|
413
506
|
### erbで使用できるメソッド
|
414
507
|
|
@@ -427,8 +520,29 @@ dependsを指定すると、create,update,create-or-changeset,destoryのコマ
|
|
427
520
|
|
428
521
|
オプション```--properties```で指定したキーに対応する値を参照することができます。
|
429
522
|
|
523
|
+
## Execution Environment
|
524
|
+
|
525
|
+
### Vagrant
|
526
|
+
|
527
|
+
Vagrantを利用してLinux環境とcfndkのインストールを行うリファレンス環境を用意しました。
|
528
|
+
|
529
|
+
```
|
530
|
+
cd vagrant
|
531
|
+
vagrant up
|
532
|
+
vagrant ssh
|
533
|
+
```
|
534
|
+
|
535
|
+
### Docker
|
536
|
+
|
537
|
+
gemで直接インストールする代わりに、Dockerコンテナを利用して、cfndkコマンドを実行できるようにします。
|
538
|
+
|
539
|
+
```
|
540
|
+
cp docker/cfndk.sh /usr/local/bin/cfndk.sh
|
541
|
+
chmod +x /usr/local/bin/cfndk.sh
|
542
|
+
AWS_PROFILE=default cfndk.sh help
|
543
|
+
```
|
430
544
|
|
431
|
-
##
|
545
|
+
## Test
|
432
546
|
|
433
547
|
cfndkコマンドのテストを行うことができます。
|
434
548
|
CFNDK_COVERAGE環境変数に1を設定することで、カバレッジを取ることができます。
|
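--- a/data/cfndk.gemspec
+++ b/data/cfndk.gemspec
@@ -18,7 +18,6 @@ Gem::Specification.new do |spec|
 spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
 spec.require_paths = ['lib']
 
-spec.add_development_dependency 'bundler'
 spec.add_development_dependency 'rake'
 spec.add_development_dependency 'rspec'
 spec.add_development_dependency 'aruba'
@@ -26,9 +25,15 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency 'awspec'
 spec.add_development_dependency 'parallel_tests'
 
+spec.add_dependency 'bundler'
 spec.add_dependency 'thor'
 spec.add_dependency 'rainbow'
-spec.add_dependency '
+spec.add_dependency 'rubyzip', '1.3.0'
+spec.add_dependency 'aws-sdk-ec2'
+spec.add_dependency 'aws-sdk-s3'
+spec.add_dependency 'aws-sdk-cloudformation'
 spec.add_dependency 'camelizable'
 spec.add_dependency 'terminal-table'
+spec.add_dependency 'diff-lcs'
+spec.add_dependency 'polyfill'
 end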
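Review bot: `spec.add_dependency 'rubyzip', '1.3.0'` pins a runtime dependency to one exact release, so an application that installs this gem cannot resolve a later rubyzip patch release until cfndk itself is re-released. A floor with a compatible ceiling, e.g. `spec.add_dependency 'rubyzip', '~> 1.3'`, keeps the minimum while letting fixes through. The other runtime dependencies added in this hunk (`aws-sdk-ec2`, `aws-sdk-s3`, `aws-sdk-cloudformation`, `diff-lcs`, `polyfill`) have no bound at all, so a future major release could be pulled in unreviewed; a major-version constraint such as `'~> 1'` on the AWS SDK gems would make upgrades deliberate. `bundler` also moves from a development to a runtime dependency, and the reason is not visible in this section; a one-line comment above it would help.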
data/docker/Dockerfile
ADDED
data/docker/build.sh
ADDED
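--- /dev/null
+++ b/data/docker/cfndk.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+WORK_DIR=`pwd`
+
+docker run \
+-v $WORK_DIR:/home/cfndk \
+-v $HOME/.aws:/root/.aws \
+-e AWS_PROFILE=$AWS_PROFILE \
+-e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
+-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
+-e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN \
+-w /home/cfndk \
+-it amakata/cfndk:latest \
+"$@"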
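Review bot: The `-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY` line, and the key-id and session-token lines beside it, expand the secret onto the `docker run` command line, where it is readable from the host's process list. Naming the variable without a value makes Docker copy it from the caller's environment instead. `$WORK_DIR` and `$HOME/.aws` are unquoted, so a path containing spaces breaks the mounts, and the credentials directory is mounted read-write into an image referenced by the mutable `latest` tag. Without `--rm`, every run leaves a stopped container whose environment, including the keys, stays visible to `docker inspect`. The sketch below quotes the paths, mounts `~/.aws` read-only (assuming nothing in the container needs to write there), adds `--rm`, and uses a placeholder where a pinned tag or digest should go.

```shell
WORK_DIR="$(pwd)"

# PINNED_TAG is a placeholder: use a released version tag or an image digest.
docker run --rm \
  -v "$WORK_DIR":/home/cfndk \
  -v "$HOME/.aws":/root/.aws:ro \
  -e AWS_PROFILE \
  -e AWS_ACCESS_KEY_ID \
  -e AWS_SECRET_ACCESS_KEY \
  -e AWS_SESSION_TOKEN \
  -w /home/cfndk \
  -it amakata/cfndk:PINNED_TAG \
  "$@"
```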
@@ -2,11 +2,12 @@ module CFnDK
|
|
2
2
|
class ChangeSetCommand < Thor
|
3
3
|
include SubcommandHelpReturnable
|
4
4
|
include ConfigFileLoadable
|
5
|
+
include CredentialResolvable
|
5
6
|
|
6
7
|
class_option :verbose, type: :boolean, aliases: 'v', desc: 'More verbose output.'
|
7
8
|
class_option :color, type: :boolean, default: true, desc: 'Use colored output'
|
8
9
|
class_option :config_path, type: :string, aliases: 'c', default: "#{Dir.getwd}/cfndk.yml", desc: 'The configuration file to use'
|
9
|
-
class_option :stack_names, type: :array, desc: 'Target stack names'
|
10
|
+
class_option :stack_names, type: :array, aliases: 's', desc: 'Target stack names'
|
10
11
|
|
11
12
|
desc 'create', 'Create change set'
|
12
13
|
option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
|
@@ -15,11 +16,16 @@ module CFnDK
|
|
15
16
|
def create
|
16
17
|
CFnDK.logger.info 'create...'.color(:green)
|
17
18
|
data = load_config_data(options)
|
18
|
-
|
19
|
-
|
19
|
+
credentials = resolve_credential(data, options)
|
20
|
+
global_config = CFnDK::GlobalConfig.new(data, options)
|
20
21
|
stacks = CFnDK::Stacks.new(data, options, credentials)
|
22
|
+
|
23
|
+
global_config.pre_command_execute
|
24
|
+
stacks.pre_command_execute
|
21
25
|
stacks.validate
|
22
26
|
stacks.create_change_set
|
27
|
+
stacks.post_command_execute
|
28
|
+
global_config.post_command_execute
|
23
29
|
return 0
|
24
30
|
rescue => e
|
25
31
|
CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
|
@@ -35,10 +41,9 @@ module CFnDK
|
|
35
41
|
def execute
|
36
42
|
CFnDK.logger.info 'execute...'.color(:green)
|
37
43
|
data = load_config_data(options)
|
38
|
-
|
39
|
-
credentials = CFnDK::CredentialProviderChain.new.resolve
|
44
|
+
credentials = resolve_credential(data, options)
|
40
45
|
stacks = CFnDK::Stacks.new(data, options, credentials)
|
41
|
-
|
46
|
+
|
42
47
|
stacks.execute_change_set
|
43
48
|
return 0
|
44
49
|
rescue => e
|
@@ -56,8 +61,8 @@ module CFnDK
|
|
56
61
|
def destroy
|
57
62
|
CFnDK.logger.info 'destroy...'.color(:green)
|
58
63
|
data = load_config_data(options)
|
64
|
+
credentials = resolve_credential(data, options)
|
59
65
|
|
60
|
-
credentials = CFnDK::CredentialProviderChain.new.resolve
|
61
66
|
stacks = CFnDK::Stacks.new(data, options, credentials)
|
62
67
|
|
63
68
|
if options[:force] || yes?('Are you sure you want to destroy? (y/n)', :yellow)
|
@@ -82,7 +87,8 @@ module CFnDK
|
|
82
87
|
def report
|
83
88
|
CFnDK.logger.info 'report...'.color(:green)
|
84
89
|
data = load_config_data(options)
|
85
|
-
credentials =
|
90
|
+
credentials = resolve_credential(data, options)
|
91
|
+
|
86
92
|
stacks = CFnDK::Stacks.new(data, options, credentials)
|
87
93
|
stacks.report_change_set
|
88
94
|
return 0
|
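Review bot: In `create` (new lines 23-28) the user-defined hooks `global_config.pre_command_execute` and `stacks.pre_command_execute` run before `stacks.validate`, so hook commands with side effects run even when validation then rejects the templates. The `post_command_execute` calls are plain sequential statements inside the method's `rescue`, so they are skipped whenever validation or `create_change_set` raises. If a pre/post pair is used for setup and cleanup (temporary files, short-lived credentials), a failure leaves the setup state behind. Either validate first or state the contract in a comment, e.g. `# hooks: pre runs before validation; post runs only on success`. The same ordering appears in `Command#create` in data/lib/cfndk/command.rb; the file header for this section is missing from the page, and the method bodies continue outside the hunks.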
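--- a/data/lib/cfndk/command.rb
+++ b/data/lib/cfndk/command.rb
@@ -2,6 +2,8 @@ module CFnDK
 class Command < Thor
 include Thor::Actions
 include ConfigFileLoadable
+include CredentialResolvable
+
 class << self
 def exit_on_failure?
 true
@@ -44,19 +46,25 @@ module CFnDK
 option :config_path, type: :string, aliases: 'c', default: "#{Dir.getwd}/cfndk.yml", desc: 'The configuration file to use'
 option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
 option :properties, type: :hash, aliases: 'p', default: {}, desc: 'Set property'
-option :stack_names, type: :array, desc: 'Target stack names'
+option :stack_names, type: :array, aliases: 's', desc: 'Target stack names'
 option :keypair_names, type: :array, desc: 'Target keypair names'
 def create
 CFnDK.logger.info 'create...'.color(:green)
 data = load_config_data(options)
-
-
+credentials = resolve_credential(data, options)
+global_config = CFnDK::GlobalConfig.new(data, options)
 stacks = CFnDK::Stacks.new(data, options, credentials)
 keypairs = CFnDK::KeyPairs.new(data, options, credentials)
 
+global_config.pre_command_execute
+stacks.pre_command_execute
 stacks.validate
+keypairs.pre_command_execute
 keypairs.create
+keypairs.post_command_execute
 stacks.create
+stacks.post_command_execute
+global_config.post_command_execute
 return 0
 rescue => e
 CFnDK.logger.error "#{e.class}: #{e.message}".color(:red)
@@ -73,8 +81,8 @@ module CFnDK
 def destroy
 CFnDK.logger.info 'destroy...'.color(:green)
 data = load_config_data(options)
+credentials = resolve_credential(data, options)
 
-credentials = CFnDK::CredentialProviderChain.new.resolve
 stacks = CFnDK::Stacks.new(data, options, credentials)
 keypairs = CFnDK::KeyPairs.new(data, options, credentials)
 
@@ -97,14 +105,14 @@ module CFnDK
 desc 'report', 'Report stack'
 option :config_path, type: :string, aliases: 'c', default: "#{Dir.getwd}/cfndk.yml", desc: 'The configuration file to use'
 option :uuid, type: :string, aliases: 'u', default: ENV['CFNDK_UUID'] || nil, desc: 'Use UUID'
-option :stack_names, type: :array, desc: 'Target stack names'
+option :stack_names, type: :array, aliases: 's', desc: 'Target stack names'
 option :types, type: :array, default: %w(tag output parameter resource event), desc: 'Report type'
 def report
 CFnDK.logger.info 'report...'.color(:green)
 
 data = load_config_data(options)
+credentials = resolve_credential(data, options)
 
-credentials = CFnDK::CredentialProviderChain.new.resolve
 stacks = CFnDK::Stacks.new(data, options, credentials)
 stacks.report
 return 0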
@@ -1,12 +1,14 @@
|
|
1
1
|
module CFnDK
|
2
2
|
class CredentialProviderChain
|
3
|
-
def initialize(
|
4
|
-
@
|
3
|
+
def initialize(profile = nil)
|
4
|
+
@profile = profile
|
5
5
|
end
|
6
6
|
|
7
7
|
def resolve
|
8
8
|
providers.each do |method_name, options|
|
9
|
-
|
9
|
+
CFnDK.logger.debug "resolving: #{method_name}"
|
10
|
+
provider = send(method_name, options)
|
11
|
+
CFnDK.logger.debug "resolved: #{method_name}" if provider && provider.set?
|
10
12
|
return provider if provider && provider.set?
|
11
13
|
end
|
12
14
|
nil
|
@@ -16,30 +18,17 @@ module CFnDK
|
|
16
18
|
|
17
19
|
def providers
|
18
20
|
[
|
19
|
-
[:static_credentials, {}],
|
20
21
|
[:env_credentials, {}],
|
21
22
|
[:assume_role_credentials, {}],
|
22
|
-
[:shared_credentials, {}],
|
23
|
-
[:process_credentials, {}],
|
23
|
+
[:shared_credentials, {profile: @profile}],
|
24
24
|
[:instance_profile_credentials, {
|
25
|
-
retries:
|
26
|
-
http_open_timeout:
|
27
|
-
http_read_timeout:
|
25
|
+
retries: 0,
|
26
|
+
http_open_timeout: 1,
|
27
|
+
http_read_timeout: 1,
|
28
28
|
}],
|
29
29
|
]
|
30
30
|
end
|
31
31
|
|
32
|
-
def static_credentials(options)
|
33
|
-
if options[:config]
|
34
|
-
::Aws::Credentials.new(
|
35
|
-
options[:config].access_key_id,
|
36
|
-
options[:config].secret_access_key,
|
37
|
-
options[:config].session_token)
|
38
|
-
else
|
39
|
-
nil
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
32
|
def env_credentials(options)
|
44
33
|
key = %w(AWS_ACCESS_KEY_ID AMAZON_ACCESS_KEY_ID AWS_ACCESS_KEY)
|
45
34
|
secret = %w(AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY)
|
@@ -55,8 +44,8 @@ module CFnDK
|
|
55
44
|
end
|
56
45
|
|
57
46
|
def shared_credentials(options)
|
58
|
-
if options[:
|
59
|
-
::Aws::SharedCredentials.new(profile_name: options[:
|
47
|
+
if options[:profile]
|
48
|
+
::Aws::SharedCredentials.new(profile_name: options[:profile])
|
60
49
|
else
|
61
50
|
::Aws::SharedCredentials.new(
|
62
51
|
profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
|
@@ -65,29 +54,10 @@ module CFnDK
|
|
65
54
|
nil
|
66
55
|
end
|
67
56
|
|
68
|
-
def process_credentials(options)
|
69
|
-
profile_name = options[:config].profile if options[:config]
|
70
|
-
profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
|
71
|
-
|
72
|
-
config = ::Aws.shared_config
|
73
|
-
if config.config_enabled? && process_provider = config.credentials_process(profile_name)
|
74
|
-
::Aws::ProcessCredentials.new(process_provider)
|
75
|
-
else
|
76
|
-
nil
|
77
|
-
end
|
78
|
-
rescue ::Aws::Errors::NoSuchProfileError
|
79
|
-
nil
|
80
|
-
end
|
81
|
-
|
82
57
|
def assume_role_credentials(options)
|
83
58
|
if ::Aws.shared_config.config_enabled?
|
84
59
|
profile = nil
|
85
60
|
region = nil
|
86
|
-
if options[:config]
|
87
|
-
profile = options[:config].profile
|
88
|
-
region = options[:config].region
|
89
|
-
assume_role_with_profile(options[:config].profile, options[:config].region)
|
90
|
-
end
|
91
61
|
assume_role_with_profile(profile, region)
|
92
62
|
else
|
93
63
|
nil
|
@@ -106,7 +76,7 @@ module CFnDK
|
|
106
76
|
::Aws.shared_config.assume_role_credentials_from_config(
|
107
77
|
profile: prof,
|
108
78
|
region: region,
|
109
|
-
chain_config:
|
79
|
+
chain_config: nil
|
110
80
|
)
|
111
81
|
end
|
112
82
|
end
|
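Review bot: The new `profile` argument is honoured only by `shared_credentials`. In `providers`, `env_credentials` is still consulted first, and `assume_role_credentials` now always calls `assume_role_with_profile(profile, region)` with both set to `nil`, so a configured profile that relies on a role in the shared config may resolve to a different identity than the operator asked for (the body of `assume_role_with_profile` is only partly visible, so this needs confirming). When the named profile cannot be loaded, the chain also continues to `instance_profile_credentials` rather than stopping, which on an EC2 or ECS host means deploying with the host's role. I would forward the profile with `[:assume_role_credentials, {profile: @profile}],` and `assume_role_with_profile(options[:profile], region)`, and raise, or at least log at info level rather than debug, when an explicitly requested profile does not resolve. The file header for this section is missing from the page and several method bodies continue outside the hunks.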
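--- /dev/null
+++ b/data/lib/cfndk/diff.rb
@@ -0,0 +1,38 @@
+module CFnDK
+FORMAT = :unified
+LINES = 3
+
+def self.diff(data_old, data_new)
+result = ''
+
+file_length_difference = 0
+
+data_old = data_old.split($/).map { |e| e.chomp }
+data_new = data_new.split($/).map { |e| e.chomp }
+
+diffs = Diff::LCS.diff(data_old, data_new)
+diffs = nil if diffs.empty?
+
+return '' unless diffs
+
+oldhunk = hunk = nil
+
+diffs.each do |piece|
+begin
+hunk = Diff::LCS::Hunk.new(data_old, data_new, piece, LINES, file_length_difference)
+file_length_difference = hunk.file_length_difference
+
+next unless oldhunk
+next if LINES.positive? and hunk.merge(oldhunk)
+
+result << oldhunk.diff(FORMAT) << "\n"
+ensure
+oldhunk = hunk
+end
+end
+
+last = oldhunk.diff(FORMAT)
+last << "\n" if last.respond_to?(:end_with?) && !last.end_with?("\n")
+result << last
+end
+end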
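Review bot: `FORMAT` and `LINES` are defined directly on the `CFnDK` module, so two very generic constant names join the gem's top-level namespace for the sake of one method; names such as `DIFF_FORMAT` and `DIFF_CONTEXT_LINES`, or a dedicated `CFnDK::Diff` module, would avoid collisions. The method has no doc comment; `# Returns a unified diff (3 context lines) of two strings, or '' when they are equal.` would state the contract, including that both arguments must be Strings since `split` is called on them unguarded. On new line 26, `and` binds more loosely than `&&`, and `next if LINES.positive? && hunk.merge(oldhunk)` is the conventional form. The returned text reproduces input lines verbatim, so if callers pass templates or parameter files (not visible here) any secret values in them end up wherever this output is logged.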
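--- a/data/lib/cfndk/global_config.rb
+++ b/data/lib/cfndk/global_config.rb
@@ -1,15 +1,46 @@
 module CFnDK
 class GlobalConfig
-attr_reader :timeout_in_minutes, :s3_template_bucket, :s3_template_hash, :region
+attr_reader :timeout_in_minutes, :s3_template_bucket, :s3_template_hash, :region, :role_arn, :package, :profile, :pre_command, :post_command
 def initialize(data, option)
 @timeout_in_minutes = 1
 @s3_template_bucket = 'cfndk-templates'
-@s3_template_hash =
+@s3_template_hash = Uuid.instance.uuid
 @region = ENV['AWS_REGION'] || 'us-east-1'
+@package = false
+@profile = ENV['AWS_PROFILE'] || nil
 return unless data['global'].is_a?(Hash)
 @timeout_in_minutes = data['global']['timeout_in_minutes'] || 1
 @s3_template_bucket = data['global']['s3_template_bucket'] || 'cfndk-templates'
 @region = data['global']['region'] || ENV['AWS_REGION'] || 'us-east-1'
+@package = data['global']['package'] === 'true' ? true : false
+@role_arn = data['global']['role_arn'] || nil
+@profile = ENV['AWS_PROFILE'] || data['global']['default_profile'] || nil
+@pre_command = data['global']['pre_command'] || nil
+@post_command = data['global']['post_command'] || nil
+end
+
+def pre_command_execute
+if @pre_command
+CFnDK.logger.info(('execute global pre command: ' + @pre_command).color(:green))
+IO.popen(@pre_command, :err => [:child, :out]) do |io|
+io.each_line do |line|
+CFnDK.logger.info((line).color(:green))
+end
+end
+raise 'global pre command is error. status: ' + $?.exitstatus.to_s + ' command: ' + @pre_command if $?.exitstatus != 0
+end
+end
+
+def post_command_execute
+if @post_command
+CFnDK.logger.info(('execute global post command: ' + @post_command).color(:green))
+IO.popen(@post_command, :err => [:child, :out]) do |io|
+io.each_line do |line|
+CFnDK.logger.info((line).color(:green))
+end
+end
+raise 'global post command is error. status: ' + $?.exitstatus.to_s + ' command: ' + @post_command if $?.exitstatus != 0
+end
 end
 end
 end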
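Review bot: `pre_command_execute` and `post_command_execute` hand the raw `pre_command`/`post_command` string from cfndk.yml to `IO.popen`, and a String argument is run through the shell. The README in this diff says the config is ERB-rendered and can read `--properties`, so anything interpolated into a hook is interpreted by the shell with the operator's AWS credentials; that trust boundary should be documented next to the option. The full command is also written to the info log and into the raised message, which exposes any secret written inline in a hook. Separately, on new line 15 `data['global']['package'] === 'true'` matches only the quoted string, so the documented `package: true` would leave `@package` false if the loader yields a boolean, as a standard YAML parser does (the loader is not visible here). The fence below folds the two near-identical bodies into one helper with the same messages and accepts both spellings of `package`.

```ruby
# … unchanged: defaults and timeout/bucket/region assignments …
package = data['global']['package']
@package = package == true || package.to_s == 'true'
# … unchanged: role_arn, profile, pre_command, post_command assignments …

def pre_command_execute
  run_hook('global pre command', @pre_command)
end

def post_command_execute
  run_hook('global post command', @post_command)
end

private

# Runs a hook string from cfndk.yml. A String given to IO.popen goes through
# the shell, so cfndk.yml has to be treated as code that runs with the
# caller's AWS credentials; stderr is merged into stdout and logged.
def run_hook(label, command)
  return unless command

  CFnDK.logger.info("execute #{label}: #{command}".color(:green))
  IO.popen(command, err: %i[child out]) do |io|
    io.each_line { |line| CFnDK.logger.info(line.color(:green)) }
  end
  status = $?
  raise "#{label} is error. status: #{status.exitstatus} command: #{command}" unless status.success?
end
```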