cfndsl-pipeline 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +3 -3
- data/Gemfile +0 -1
- data/bin/cfndsl_pipeline +5 -2
- data/cfndsl-pipeline.gemspec +1 -1
- data/lib/cfndsl-pipeline.rb +5 -3
- data/lib/cli_options.rb +8 -4
- data/lib/exec_cfn_nag.rb +22 -15
- data/lib/exec_cfndsl.rb +4 -2
- data/lib/exec_syntax.rb +6 -3
- data/lib/monkey-patches/cfndsl_patch.rb +6 -3
- data/lib/options.rb +2 -1
- data/lib/params.rb +2 -1
- data/lib/version.rb +4 -2
- metadata +4 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5ac916d2749dd8f2515364b954dc62dc40e2d9d8242c930bfc0807ae702c2528
|
|
4
|
+
data.tar.gz: fb3f8cef4fa7cd04b13cca323835e3f1fbe226e5dc1d051c54627c980e3e186e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ba4466092aede32b0161d0cb6dc10365dde94bd2ec31ba1a5c5c1f42dbc26cb8680c9eadf0758d525bb25428b9d99c8f5864fca88722b17c0a58a784cdfe39c5
|
|
7
|
+
data.tar.gz: 808e4b4a21329d741544a2241219a34449271607db408154f74a001509f9d682d1e736dfa7812b3795293450a36d6a499401ec44220653099aacb8ec825b2680
|
data/.rubocop.yml
CHANGED
|
@@ -11,11 +11,11 @@ Metrics/MethodLength:
|
|
|
11
11
|
Max: 25
|
|
12
12
|
|
|
13
13
|
# Due to our @Properties style instance names
|
|
14
|
-
|
|
14
|
+
Naming/VariableName:
|
|
15
15
|
Enabled: false
|
|
16
16
|
|
|
17
17
|
# We are a DSL
|
|
18
|
-
|
|
18
|
+
Naming/MethodName:
|
|
19
19
|
Enabled: false
|
|
20
20
|
|
|
21
21
|
# Lone String
|
|
@@ -26,7 +26,7 @@ AllCops:
|
|
|
26
26
|
Exclude:
|
|
27
27
|
- 'tmp/**/*'
|
|
28
28
|
- 'examples/**/*'
|
|
29
|
-
- 'spec
|
|
29
|
+
- 'spec/**/*'
|
|
30
30
|
- Gemfile
|
|
31
31
|
- Guardfile
|
|
32
32
|
- Rakefile
|
data/Gemfile
CHANGED
data/bin/cfndsl_pipeline
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
2
4
|
require 'optparse'
|
|
3
5
|
require 'cfndsl-pipeline'
|
|
4
6
|
|
|
@@ -8,7 +10,7 @@ cli_options = {
|
|
|
8
10
|
}
|
|
9
11
|
|
|
10
12
|
pipe_options = CfnDslPipeline::Options.new
|
|
11
|
-
|
|
13
|
+
# rubocop:disable Metrics/BlockLength
|
|
12
14
|
op = OptionParser.new do |opts|
|
|
13
15
|
opts.banner = USAGE
|
|
14
16
|
|
|
@@ -66,6 +68,7 @@ op = OptionParser.new do |opts|
|
|
|
66
68
|
exit
|
|
67
69
|
end
|
|
68
70
|
end
|
|
71
|
+
# rubocop:enable Metrics/BlockLength
|
|
69
72
|
|
|
70
73
|
op.parse!
|
|
71
74
|
|
|
@@ -106,7 +109,7 @@ end
|
|
|
106
109
|
cfndsl_extras = []
|
|
107
110
|
ARGV.each do |arg|
|
|
108
111
|
cfndsl_extras << [:yaml, arg]
|
|
109
|
-
end
|
|
112
|
+
end
|
|
110
113
|
|
|
111
114
|
pipeline = CfnDslPipeline::Pipeline.new(cli_options[:output], pipe_options)
|
|
112
115
|
pipeline.build(cli_options[:template], cfndsl_extras)
|
data/cfndsl-pipeline.gemspec
CHANGED
|
@@ -30,7 +30,7 @@ Gem::Specification.new do |s|
|
|
|
30
30
|
|
|
31
31
|
s.executables << 'cfndsl_pipeline'
|
|
32
32
|
|
|
33
|
-
s.add_development_dependency "bundler", "~>
|
|
33
|
+
s.add_development_dependency "bundler", "~> 2.0"
|
|
34
34
|
s.add_development_dependency "rake"
|
|
35
35
|
s.add_development_dependency "rspec"
|
|
36
36
|
s.add_development_dependency "cfndsl"
|
data/lib/cfndsl-pipeline.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
#
|
|
1
|
+
# rubocop:disable Naming/FileName
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
3
4
|
# The MIT License
|
|
4
5
|
#
|
|
5
6
|
# Copyright (c) 2019 Cam Maxwell (cameron.maxwell@gmail.com)
|
|
@@ -53,7 +54,7 @@ module CfnDslPipeline
|
|
|
53
54
|
|
|
54
55
|
def build(input_filename, cfndsl_extras)
|
|
55
56
|
abort "Input file #{input_filename} doesn't exist!" unless File.file?(input_filename)
|
|
56
|
-
self.input_filename =
|
|
57
|
+
self.input_filename = input_filename.to_s
|
|
57
58
|
self.base_name = File.basename(input_filename, '.*')
|
|
58
59
|
self.output_filename = File.expand_path("#{output_dir}/#{base_name}.yaml")
|
|
59
60
|
exec_cfndsl cfndsl_extras
|
|
@@ -63,3 +64,4 @@ module CfnDslPipeline
|
|
|
63
64
|
end
|
|
64
65
|
end
|
|
65
66
|
end
|
|
67
|
+
# rubocop:enable Naming/FileName
|
data/lib/cli_options.rb
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
1
2
|
|
|
2
3
|
require 'optparse'
|
|
3
4
|
|
|
@@ -19,6 +20,7 @@ module CfnDslPipeline
|
|
|
19
20
|
|
|
20
21
|
# rubocop:disable Metrics/AbcSize
|
|
21
22
|
# rubocop:disable Metrics/MethodLength
|
|
23
|
+
# rubocop:disable Metrics/BlockLength
|
|
22
24
|
def parse
|
|
23
25
|
@op = OptionParser.new do |opts|
|
|
24
26
|
opts.banner = USAGE
|
|
@@ -47,8 +49,8 @@ module CfnDslPipeline
|
|
|
47
49
|
pipeline.validate_cfn_nag = false
|
|
48
50
|
end
|
|
49
51
|
|
|
50
|
-
opts.on('--audit-rule-dir', 'cfn_nag audit custom rules directory') do
|
|
51
|
-
pipeline.cfn_nag[:rule_directory] =
|
|
52
|
+
opts.on('--audit-rule-dir', 'cfn_nag audit custom rules directory') do |rule_dir|
|
|
53
|
+
pipeline.cfn_nag[:rule_directory] = rule_dir
|
|
52
54
|
end
|
|
53
55
|
|
|
54
56
|
opts.on('--audit-report', 'Save cfn_nag audit report') do
|
|
@@ -86,15 +88,17 @@ module CfnDslPipeline
|
|
|
86
88
|
|
|
87
89
|
# first non-dash parameter is the mandatory input file
|
|
88
90
|
@template = ARGV.pop
|
|
89
|
-
|
|
91
|
+
# rubocop:disable Style/MultilineIfModifier
|
|
90
92
|
ARGV.each do |arg|
|
|
91
93
|
@cfndsl_extras << [:yaml, arg]
|
|
92
|
-
end
|
|
94
|
+
end unless ARGV.empty?
|
|
95
|
+
# rubocop:enable Style/MultilineIfModifier
|
|
93
96
|
|
|
94
97
|
pipeline
|
|
95
98
|
end
|
|
96
99
|
# rubocop:enable Metrics/AbcSize
|
|
97
100
|
# rubocop:enable Metrics/MethodLength
|
|
101
|
+
# rubocop:enable Metrics/BlockLength
|
|
98
102
|
|
|
99
103
|
def fatal(msg)
|
|
100
104
|
puts msg
|
data/lib/exec_cfn_nag.rb
CHANGED
|
@@ -1,9 +1,11 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'cfn-nag'
|
|
2
4
|
require 'logging'
|
|
3
5
|
require 'colorize'
|
|
4
6
|
|
|
5
7
|
module CfnDslPipeline
|
|
6
|
-
#
|
|
8
|
+
# Interface to cfn_nag auditing
|
|
7
9
|
class Pipeline
|
|
8
10
|
def exec_cfn_nag
|
|
9
11
|
puts 'Auditing template with cfn-nag...'
|
|
@@ -22,23 +24,28 @@ module CfnDslPipeline
|
|
|
22
24
|
end
|
|
23
25
|
|
|
24
26
|
def display_report(result)
|
|
25
|
-
ColoredStdoutResults.new.render(
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
27
|
+
ColoredStdoutResults.new.render(
|
|
28
|
+
[
|
|
29
|
+
{
|
|
30
|
+
filename: @base_name.to_s,
|
|
31
|
+
file_results: result
|
|
32
|
+
}
|
|
33
|
+
]
|
|
34
|
+
)
|
|
31
35
|
end
|
|
32
36
|
|
|
33
37
|
def save_report(result)
|
|
34
38
|
return unless options.save_audit_report
|
|
39
|
+
|
|
35
40
|
report_data = Capture.capture do
|
|
36
|
-
SimpleStdoutResults.new.render(
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
41
|
+
SimpleStdoutResults.new.render(
|
|
42
|
+
[
|
|
43
|
+
{
|
|
44
|
+
filename: @base_name.to_s,
|
|
45
|
+
file_results: result
|
|
46
|
+
}
|
|
47
|
+
]
|
|
48
|
+
)
|
|
42
49
|
end
|
|
43
50
|
filename = "#{output_dir}/#{base_name}.audit"
|
|
44
51
|
File.open(File.expand_path(filename), 'w').puts report_data['stdout']
|
|
@@ -46,9 +53,9 @@ module CfnDslPipeline
|
|
|
46
53
|
end
|
|
47
54
|
|
|
48
55
|
def show_summary(result)
|
|
49
|
-
if result[:failure_count]
|
|
56
|
+
if result[:failure_count].positive?
|
|
50
57
|
puts "Audit failed. #{result[:failure_count]} error(s) found ( ಠ ʖ̯ ಠ) ".red
|
|
51
|
-
elsif result[:violations].count
|
|
58
|
+
elsif result[:violations].count.positive?
|
|
52
59
|
puts "Audit passed with #{result[:warning_count]} warnings. (._.) ".yellow
|
|
53
60
|
else
|
|
54
61
|
puts 'Audit passed! ヽ( ゚ヮ゚)/ ヽ(´ー`)ノ'.green
|
data/lib/exec_cfndsl.rb
CHANGED
|
@@ -1,14 +1,16 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'cfndsl'
|
|
2
4
|
require 'cfndsl/globals'
|
|
3
5
|
require 'cfndsl/version'
|
|
4
6
|
|
|
5
7
|
module CfnDslPipeline
|
|
6
|
-
#
|
|
8
|
+
# Interface to cfndsl
|
|
7
9
|
class Pipeline
|
|
8
10
|
def exec_cfndsl(cfndsl_extras)
|
|
9
11
|
puts 'Generating CloudFormation template...'
|
|
10
12
|
|
|
11
|
-
model = CfnDsl.eval_file_with_extras(
|
|
13
|
+
model = CfnDsl.eval_file_with_extras(@input_filename.to_s, cfndsl_extras, (options.debug_cfndsl ? STDOUT : nil))
|
|
12
14
|
@template = JSON.parse(model.to_json).to_yaml
|
|
13
15
|
File.open(@output_filename, 'w') do |file|
|
|
14
16
|
file.puts @template
|
data/lib/exec_syntax.rb
CHANGED
|
@@ -1,17 +1,18 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'aws-sdk-cloudformation'
|
|
3
4
|
require 'aws-sdk-s3'
|
|
4
5
|
require 'uuid'
|
|
5
6
|
|
|
6
7
|
module CfnDslPipeline
|
|
7
|
-
#
|
|
8
|
+
# Interface to AWS SDK syntax checks
|
|
8
9
|
class Pipeline
|
|
9
10
|
attr_accessor :s3_client
|
|
10
11
|
|
|
11
12
|
def initialize
|
|
12
13
|
self.s3_client = Aws::S3::Client.new(region: aws_region)
|
|
13
14
|
end
|
|
14
|
-
|
|
15
|
+
|
|
15
16
|
def exec_syntax_validation
|
|
16
17
|
puts 'Validating template syntax...'
|
|
17
18
|
if options.estimate_cost || (output_file.size > 51_200)
|
|
@@ -31,7 +32,6 @@ module CfnDslPipeline
|
|
|
31
32
|
end
|
|
32
33
|
save_syntax_report
|
|
33
34
|
end
|
|
34
|
-
# rubocop:enable Metrics/AbcSize
|
|
35
35
|
|
|
36
36
|
private
|
|
37
37
|
|
|
@@ -51,6 +51,7 @@ module CfnDslPipeline
|
|
|
51
51
|
|
|
52
52
|
def save_syntax_report
|
|
53
53
|
return unless options.save_syntax_report
|
|
54
|
+
|
|
54
55
|
report_filename = "#{output_dir}/#{base_name}.report"
|
|
55
56
|
puts "Syntax validation report written to #{report_filename}"
|
|
56
57
|
File.open(File.expand_path(report_filename), 'w').puts syntax_report.to_hash.to_yaml
|
|
@@ -65,6 +66,7 @@ module CfnDslPipeline
|
|
|
65
66
|
|
|
66
67
|
def estimate_cost(bucket, object_name)
|
|
67
68
|
return unless options.estimate_cost
|
|
69
|
+
|
|
68
70
|
puts 'Estimate cost of template...'
|
|
69
71
|
client = Aws::CloudFormation::Client.new(region: options.aws_region)
|
|
70
72
|
costing = client.estimate_template_cost(template_url: "https://#{bucket.url}/#{object_name}")
|
|
@@ -73,6 +75,7 @@ module CfnDslPipeline
|
|
|
73
75
|
|
|
74
76
|
def s3_validate_syntax(bucket, object_name)
|
|
75
77
|
return unless options.validate_syntax
|
|
78
|
+
|
|
76
79
|
puts 'Validating template syntax in S3 Bucket...'
|
|
77
80
|
client = Aws::CloudFormation::Client.new(region: options.aws_region)
|
|
78
81
|
client.validate_template(template_url: "https://s3.amazonaws.com/#{bucket.url}/#{object_name}")
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'cfndsl/globals'
|
|
3
4
|
require 'cfndsl/version'
|
|
4
5
|
require 'cfndsl/external_parameters'
|
|
@@ -13,7 +14,7 @@ HAS_MAPPED_TAGS = %w([CfnDsl::AWS::Types::AWS_Serverless_Function CfnDsl::AWS::T
|
|
|
13
14
|
# Automatically add Parameters for Tag values
|
|
14
15
|
CfnDsl::CloudFormationTemplate.class_eval do
|
|
15
16
|
def initialize
|
|
16
|
-
return unless
|
|
17
|
+
return unless external_parameters&.fetch(:TagStandard) && external_parameters[:TagStandard].is_a?(Hash)
|
|
17
18
|
|
|
18
19
|
# parameters for tagging standard
|
|
19
20
|
external_parameters[:TagStandard].each do |param_name, props|
|
|
@@ -25,7 +26,7 @@ CfnDsl::CloudFormationTemplate.class_eval do
|
|
|
25
26
|
send(key, props[key]) if props[key]
|
|
26
27
|
end
|
|
27
28
|
end
|
|
28
|
-
end
|
|
29
|
+
end
|
|
29
30
|
end
|
|
30
31
|
end
|
|
31
32
|
|
|
@@ -48,9 +49,10 @@ module CfnDsl
|
|
|
48
49
|
|
|
49
50
|
def fix_substitutions(val)
|
|
50
51
|
return val unless defined? val.class.to_s.downcase
|
|
51
|
-
meth = "fix_#{val.class.to_s.downcase}"
|
|
52
52
|
|
|
53
|
+
meth = "fix_#{val.class.to_s.downcase}"
|
|
53
54
|
return send(meth, val) if respond_to?(meth.to_sym)
|
|
55
|
+
|
|
54
56
|
val
|
|
55
57
|
end
|
|
56
58
|
|
|
@@ -79,6 +81,7 @@ module CfnDsl
|
|
|
79
81
|
def apply_tag_standard
|
|
80
82
|
return unless defined? external_parameters[:TagStandard]
|
|
81
83
|
return unless external_parameters[:TagStandard].is_a?(Hash)
|
|
84
|
+
|
|
82
85
|
apply_tags(external_parameters[:TagStandard]) if defined? self.Tag
|
|
83
86
|
apply_tags_map(external_parameters[:TagStandard]) if HAS_MAPPED_TAGS.include? self.class.to_s
|
|
84
87
|
end
|
data/lib/options.rb
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'cfn-nag/custom_rule_loader'
|
|
3
4
|
require 'cfn-nag/cfn_nag_config'
|
|
4
5
|
|
|
5
6
|
module CfnDslPipeline
|
|
6
|
-
#
|
|
7
|
+
# Main pipeline options
|
|
7
8
|
class Options
|
|
8
9
|
attr_accessor :aws_region, :validation_bucket, :estimate_cost, :dump_deploy_params, :cfn_nag
|
|
9
10
|
attr_accessor :validate_cfn_nag, :save_audit_report, :validate_syntax, :save_syntax_report, :validate_output
|
data/lib/params.rb
CHANGED
data/lib/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cfndsl-pipeline
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cam Maxwell
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: '
|
|
103
|
+
version: '2.0'
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: '
|
|
110
|
+
version: '2.0'
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: rake
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -221,8 +221,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
221
221
|
- !ruby/object:Gem::Version
|
|
222
222
|
version: '0'
|
|
223
223
|
requirements: []
|
|
224
|
-
|
|
225
|
-
rubygems_version: 2.7.10
|
|
224
|
+
rubygems_version: 3.0.6
|
|
226
225
|
signing_key:
|
|
227
226
|
specification_version: 4
|
|
228
227
|
summary: Integrated build pipeline for building CloudFormation with CfnDsl
|