cfndsl-pipeline 0.1.4 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +3 -3
- data/Gemfile +0 -1
- data/bin/cfndsl_pipeline +5 -2
- data/cfndsl-pipeline.gemspec +1 -1
- data/lib/cfndsl-pipeline.rb +5 -3
- data/lib/cli_options.rb +8 -4
- data/lib/exec_cfn_nag.rb +22 -15
- data/lib/exec_cfndsl.rb +4 -2
- data/lib/exec_syntax.rb +6 -3
- data/lib/monkey-patches/cfndsl_patch.rb +6 -3
- data/lib/options.rb +2 -1
- data/lib/params.rb +2 -1
- data/lib/version.rb +4 -2
- metadata +4 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5ac916d2749dd8f2515364b954dc62dc40e2d9d8242c930bfc0807ae702c2528
|
4
|
+
data.tar.gz: fb3f8cef4fa7cd04b13cca323835e3f1fbe226e5dc1d051c54627c980e3e186e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ba4466092aede32b0161d0cb6dc10365dde94bd2ec31ba1a5c5c1f42dbc26cb8680c9eadf0758d525bb25428b9d99c8f5864fca88722b17c0a58a784cdfe39c5
|
7
|
+
data.tar.gz: 808e4b4a21329d741544a2241219a34449271607db408154f74a001509f9d682d1e736dfa7812b3795293450a36d6a499401ec44220653099aacb8ec825b2680
|
data/.rubocop.yml
CHANGED
@@ -11,11 +11,11 @@ Metrics/MethodLength:
|
|
11
11
|
Max: 25
|
12
12
|
|
13
13
|
# Due to our @Properties style instance names
|
14
|
-
|
14
|
+
Naming/VariableName:
|
15
15
|
Enabled: false
|
16
16
|
|
17
17
|
# We are a DSL
|
18
|
-
|
18
|
+
Naming/MethodName:
|
19
19
|
Enabled: false
|
20
20
|
|
21
21
|
# Lone String
|
@@ -26,7 +26,7 @@ AllCops:
|
|
26
26
|
Exclude:
|
27
27
|
- 'tmp/**/*'
|
28
28
|
- 'examples/**/*'
|
29
|
-
- 'spec
|
29
|
+
- 'spec/**/*'
|
30
30
|
- Gemfile
|
31
31
|
- Guardfile
|
32
32
|
- Rakefile
|
data/Gemfile
CHANGED
data/bin/cfndsl_pipeline
CHANGED
@@ -1,4 +1,6 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
require 'optparse'
|
3
5
|
require 'cfndsl-pipeline'
|
4
6
|
|
@@ -8,7 +10,7 @@ cli_options = {
|
|
8
10
|
}
|
9
11
|
|
10
12
|
pipe_options = CfnDslPipeline::Options.new
|
11
|
-
|
13
|
+
# rubocop:disable Metrics/BlockLength
|
12
14
|
op = OptionParser.new do |opts|
|
13
15
|
opts.banner = USAGE
|
14
16
|
|
@@ -66,6 +68,7 @@ op = OptionParser.new do |opts|
|
|
66
68
|
exit
|
67
69
|
end
|
68
70
|
end
|
71
|
+
# rubocop:enable Metrics/BlockLength
|
69
72
|
|
70
73
|
op.parse!
|
71
74
|
|
@@ -106,7 +109,7 @@ end
|
|
106
109
|
cfndsl_extras = []
|
107
110
|
ARGV.each do |arg|
|
108
111
|
cfndsl_extras << [:yaml, arg]
|
109
|
-
end
|
112
|
+
end
|
110
113
|
|
111
114
|
pipeline = CfnDslPipeline::Pipeline.new(cli_options[:output], pipe_options)
|
112
115
|
pipeline.build(cli_options[:template], cfndsl_extras)
|
data/cfndsl-pipeline.gemspec
CHANGED
@@ -30,7 +30,7 @@ Gem::Specification.new do |s|
|
|
30
30
|
|
31
31
|
s.executables << 'cfndsl_pipeline'
|
32
32
|
|
33
|
-
s.add_development_dependency "bundler", "~>
|
33
|
+
s.add_development_dependency "bundler", "~> 2.0"
|
34
34
|
s.add_development_dependency "rake"
|
35
35
|
s.add_development_dependency "rspec"
|
36
36
|
s.add_development_dependency "cfndsl"
|
data/lib/cfndsl-pipeline.rb
CHANGED
@@ -1,5 +1,6 @@
|
|
1
|
-
|
2
|
-
#
|
1
|
+
# rubocop:disable Naming/FileName
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
3
4
|
# The MIT License
|
4
5
|
#
|
5
6
|
# Copyright (c) 2019 Cam Maxwell (cameron.maxwell@gmail.com)
|
@@ -53,7 +54,7 @@ module CfnDslPipeline
|
|
53
54
|
|
54
55
|
def build(input_filename, cfndsl_extras)
|
55
56
|
abort "Input file #{input_filename} doesn't exist!" unless File.file?(input_filename)
|
56
|
-
self.input_filename =
|
57
|
+
self.input_filename = input_filename.to_s
|
57
58
|
self.base_name = File.basename(input_filename, '.*')
|
58
59
|
self.output_filename = File.expand_path("#{output_dir}/#{base_name}.yaml")
|
59
60
|
exec_cfndsl cfndsl_extras
|
@@ -63,3 +64,4 @@ module CfnDslPipeline
|
|
63
64
|
end
|
64
65
|
end
|
65
66
|
end
|
67
|
+
# rubocop:enable Naming/FileName
|
data/lib/cli_options.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
|
2
3
|
require 'optparse'
|
3
4
|
|
@@ -19,6 +20,7 @@ module CfnDslPipeline
|
|
19
20
|
|
20
21
|
# rubocop:disable Metrics/AbcSize
|
21
22
|
# rubocop:disable Metrics/MethodLength
|
23
|
+
# rubocop:disable Metrics/BlockLength
|
22
24
|
def parse
|
23
25
|
@op = OptionParser.new do |opts|
|
24
26
|
opts.banner = USAGE
|
@@ -47,8 +49,8 @@ module CfnDslPipeline
|
|
47
49
|
pipeline.validate_cfn_nag = false
|
48
50
|
end
|
49
51
|
|
50
|
-
opts.on('--audit-rule-dir', 'cfn_nag audit custom rules directory') do
|
51
|
-
pipeline.cfn_nag[:rule_directory] =
|
52
|
+
opts.on('--audit-rule-dir', 'cfn_nag audit custom rules directory') do |rule_dir|
|
53
|
+
pipeline.cfn_nag[:rule_directory] = rule_dir
|
52
54
|
end
|
53
55
|
|
54
56
|
opts.on('--audit-report', 'Save cfn_nag audit report') do
|
@@ -86,15 +88,17 @@ module CfnDslPipeline
|
|
86
88
|
|
87
89
|
# first non-dash parameter is the mandatory input file
|
88
90
|
@template = ARGV.pop
|
89
|
-
|
91
|
+
# rubocop:disable Style/MultilineIfModifier
|
90
92
|
ARGV.each do |arg|
|
91
93
|
@cfndsl_extras << [:yaml, arg]
|
92
|
-
end
|
94
|
+
end unless ARGV.empty?
|
95
|
+
# rubocop:enable Style/MultilineIfModifier
|
93
96
|
|
94
97
|
pipeline
|
95
98
|
end
|
96
99
|
# rubocop:enable Metrics/AbcSize
|
97
100
|
# rubocop:enable Metrics/MethodLength
|
101
|
+
# rubocop:enable Metrics/BlockLength
|
98
102
|
|
99
103
|
def fatal(msg)
|
100
104
|
puts msg
|
data/lib/exec_cfn_nag.rb
CHANGED
@@ -1,9 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'cfn-nag'
|
2
4
|
require 'logging'
|
3
5
|
require 'colorize'
|
4
6
|
|
5
7
|
module CfnDslPipeline
|
6
|
-
#
|
8
|
+
# Interface to cfn_nag auditing
|
7
9
|
class Pipeline
|
8
10
|
def exec_cfn_nag
|
9
11
|
puts 'Auditing template with cfn-nag...'
|
@@ -22,23 +24,28 @@ module CfnDslPipeline
|
|
22
24
|
end
|
23
25
|
|
24
26
|
def display_report(result)
|
25
|
-
ColoredStdoutResults.new.render(
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
27
|
+
ColoredStdoutResults.new.render(
|
28
|
+
[
|
29
|
+
{
|
30
|
+
filename: @base_name.to_s,
|
31
|
+
file_results: result
|
32
|
+
}
|
33
|
+
]
|
34
|
+
)
|
31
35
|
end
|
32
36
|
|
33
37
|
def save_report(result)
|
34
38
|
return unless options.save_audit_report
|
39
|
+
|
35
40
|
report_data = Capture.capture do
|
36
|
-
SimpleStdoutResults.new.render(
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
41
|
+
SimpleStdoutResults.new.render(
|
42
|
+
[
|
43
|
+
{
|
44
|
+
filename: @base_name.to_s,
|
45
|
+
file_results: result
|
46
|
+
}
|
47
|
+
]
|
48
|
+
)
|
42
49
|
end
|
43
50
|
filename = "#{output_dir}/#{base_name}.audit"
|
44
51
|
File.open(File.expand_path(filename), 'w').puts report_data['stdout']
|
@@ -46,9 +53,9 @@ module CfnDslPipeline
|
|
46
53
|
end
|
47
54
|
|
48
55
|
def show_summary(result)
|
49
|
-
if result[:failure_count]
|
56
|
+
if result[:failure_count].positive?
|
50
57
|
puts "Audit failed. #{result[:failure_count]} error(s) found ( ಠ ʖ̯ ಠ) ".red
|
51
|
-
elsif result[:violations].count
|
58
|
+
elsif result[:violations].count.positive?
|
52
59
|
puts "Audit passed with #{result[:warning_count]} warnings. (._.) ".yellow
|
53
60
|
else
|
54
61
|
puts 'Audit passed! ヽ( ゚ヮ゚)/ ヽ(´ー`)ノ'.green
|
data/lib/exec_cfndsl.rb
CHANGED
@@ -1,14 +1,16 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'cfndsl'
|
2
4
|
require 'cfndsl/globals'
|
3
5
|
require 'cfndsl/version'
|
4
6
|
|
5
7
|
module CfnDslPipeline
|
6
|
-
#
|
8
|
+
# Interface to cfndsl
|
7
9
|
class Pipeline
|
8
10
|
def exec_cfndsl(cfndsl_extras)
|
9
11
|
puts 'Generating CloudFormation template...'
|
10
12
|
|
11
|
-
model = CfnDsl.eval_file_with_extras(
|
13
|
+
model = CfnDsl.eval_file_with_extras(@input_filename.to_s, cfndsl_extras, (options.debug_cfndsl ? STDOUT : nil))
|
12
14
|
@template = JSON.parse(model.to_json).to_yaml
|
13
15
|
File.open(@output_filename, 'w') do |file|
|
14
16
|
file.puts @template
|
data/lib/exec_syntax.rb
CHANGED
@@ -1,17 +1,18 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
require 'aws-sdk-cloudformation'
|
3
4
|
require 'aws-sdk-s3'
|
4
5
|
require 'uuid'
|
5
6
|
|
6
7
|
module CfnDslPipeline
|
7
|
-
#
|
8
|
+
# Interface to AWS SDK syntax checks
|
8
9
|
class Pipeline
|
9
10
|
attr_accessor :s3_client
|
10
11
|
|
11
12
|
def initialize
|
12
13
|
self.s3_client = Aws::S3::Client.new(region: aws_region)
|
13
14
|
end
|
14
|
-
|
15
|
+
|
15
16
|
def exec_syntax_validation
|
16
17
|
puts 'Validating template syntax...'
|
17
18
|
if options.estimate_cost || (output_file.size > 51_200)
|
@@ -31,7 +32,6 @@ module CfnDslPipeline
|
|
31
32
|
end
|
32
33
|
save_syntax_report
|
33
34
|
end
|
34
|
-
# rubocop:enable Metrics/AbcSize
|
35
35
|
|
36
36
|
private
|
37
37
|
|
@@ -51,6 +51,7 @@ module CfnDslPipeline
|
|
51
51
|
|
52
52
|
def save_syntax_report
|
53
53
|
return unless options.save_syntax_report
|
54
|
+
|
54
55
|
report_filename = "#{output_dir}/#{base_name}.report"
|
55
56
|
puts "Syntax validation report written to #{report_filename}"
|
56
57
|
File.open(File.expand_path(report_filename), 'w').puts syntax_report.to_hash.to_yaml
|
@@ -65,6 +66,7 @@ module CfnDslPipeline
|
|
65
66
|
|
66
67
|
def estimate_cost(bucket, object_name)
|
67
68
|
return unless options.estimate_cost
|
69
|
+
|
68
70
|
puts 'Estimate cost of template...'
|
69
71
|
client = Aws::CloudFormation::Client.new(region: options.aws_region)
|
70
72
|
costing = client.estimate_template_cost(template_url: "https://#{bucket.url}/#{object_name}")
|
@@ -73,6 +75,7 @@ module CfnDslPipeline
|
|
73
75
|
|
74
76
|
def s3_validate_syntax(bucket, object_name)
|
75
77
|
return unless options.validate_syntax
|
78
|
+
|
76
79
|
puts 'Validating template syntax in S3 Bucket...'
|
77
80
|
client = Aws::CloudFormation::Client.new(region: options.aws_region)
|
78
81
|
client.validate_template(template_url: "https://s3.amazonaws.com/#{bucket.url}/#{object_name}")
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
require 'cfndsl/globals'
|
3
4
|
require 'cfndsl/version'
|
4
5
|
require 'cfndsl/external_parameters'
|
@@ -13,7 +14,7 @@ HAS_MAPPED_TAGS = %w([CfnDsl::AWS::Types::AWS_Serverless_Function CfnDsl::AWS::T
|
|
13
14
|
# Automatically add Parameters for Tag values
|
14
15
|
CfnDsl::CloudFormationTemplate.class_eval do
|
15
16
|
def initialize
|
16
|
-
return unless
|
17
|
+
return unless external_parameters&.fetch(:TagStandard) && external_parameters[:TagStandard].is_a?(Hash)
|
17
18
|
|
18
19
|
# parameters for tagging standard
|
19
20
|
external_parameters[:TagStandard].each do |param_name, props|
|
@@ -25,7 +26,7 @@ CfnDsl::CloudFormationTemplate.class_eval do
|
|
25
26
|
send(key, props[key]) if props[key]
|
26
27
|
end
|
27
28
|
end
|
28
|
-
end
|
29
|
+
end
|
29
30
|
end
|
30
31
|
end
|
31
32
|
|
@@ -48,9 +49,10 @@ module CfnDsl
|
|
48
49
|
|
49
50
|
def fix_substitutions(val)
|
50
51
|
return val unless defined? val.class.to_s.downcase
|
51
|
-
meth = "fix_#{val.class.to_s.downcase}"
|
52
52
|
|
53
|
+
meth = "fix_#{val.class.to_s.downcase}"
|
53
54
|
return send(meth, val) if respond_to?(meth.to_sym)
|
55
|
+
|
54
56
|
val
|
55
57
|
end
|
56
58
|
|
@@ -79,6 +81,7 @@ module CfnDsl
|
|
79
81
|
def apply_tag_standard
|
80
82
|
return unless defined? external_parameters[:TagStandard]
|
81
83
|
return unless external_parameters[:TagStandard].is_a?(Hash)
|
84
|
+
|
82
85
|
apply_tags(external_parameters[:TagStandard]) if defined? self.Tag
|
83
86
|
apply_tags_map(external_parameters[:TagStandard]) if HAS_MAPPED_TAGS.include? self.class.to_s
|
84
87
|
end
|
data/lib/options.rb
CHANGED
@@ -1,9 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
require 'cfn-nag/custom_rule_loader'
|
3
4
|
require 'cfn-nag/cfn_nag_config'
|
4
5
|
|
5
6
|
module CfnDslPipeline
|
6
|
-
#
|
7
|
+
# Main pipeline options
|
7
8
|
class Options
|
8
9
|
attr_accessor :aws_region, :validation_bucket, :estimate_cost, :dump_deploy_params, :cfn_nag
|
9
10
|
attr_accessor :validate_cfn_nag, :save_audit_report, :validate_syntax, :save_syntax_report, :validate_output
|
data/lib/params.rb
CHANGED
data/lib/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfndsl-pipeline
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Cam Maxwell
|
@@ -100,14 +100,14 @@ dependencies:
|
|
100
100
|
requirements:
|
101
101
|
- - "~>"
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: '
|
103
|
+
version: '2.0'
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version: '
|
110
|
+
version: '2.0'
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
112
|
name: rake
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -221,8 +221,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
221
221
|
- !ruby/object:Gem::Version
|
222
222
|
version: '0'
|
223
223
|
requirements: []
|
224
|
-
|
225
|
-
rubygems_version: 2.7.10
|
224
|
+
rubygems_version: 3.0.6
|
226
225
|
signing_key:
|
227
226
|
specification_version: 4
|
228
227
|
summary: Integrated build pipeline for building CloudFormation with CfnDsl
|