RubyGems - cloud-mu - Versions diffs - 3.1.1 → 3.1.2beta2 - Mend

cloud-mu 3.1.1 → 3.1.2beta2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

checksums.yaml +4 -4
data/Berksfile.lock +179 -0
data/bin/mu-adopt +1 -1
data/bin/mu-azure-tests +46 -0
data/bin/mu-cleanup +3 -1
data/bin/mu-configure +7 -0
data/cloud-mu.gemspec +4 -3
data/cookbooks/mu-tools/files/default/Mu_CA.pem +33 -0
data/extras/clean-stock-amis +0 -0
data/extras/generate-stock-images +0 -0
data/extras/list-stock-amis +0 -0
data/extras/vault_tools/export_vaults.sh +0 -0
data/extras/vault_tools/recreate_vaults.sh +0 -0
data/extras/vault_tools/test_vaults.sh +0 -0
data/modules/mu/cleanup.rb +15 -3
data/modules/mu/clouds/aws/bucket.rb +6 -0
data/modules/mu/clouds/aws/endpoint.rb +2 -0
data/modules/mu/clouds/aws/firewall_rule.rb +31 -0
data/modules/mu/clouds/aws/function.rb +45 -2
data/modules/mu/clouds/aws/loadbalancer.rb +3 -1
data/modules/mu/clouds/aws/role.rb +3 -1
data/modules/mu/clouds/aws/server.rb +10 -4
data/modules/mu/clouds/aws/server_pool.rb +4 -3
data/modules/mu/clouds/aws/vpc.rb +28 -3
data/modules/mu/clouds/google/function.rb +679 -0
data/modules/mu/clouds/google/vpc.rb +1 -1
data/modules/mu/clouds/google.rb +54 -9
data/modules/mu/config/function.rb +12 -40
data/modules/mu/config.rb +2 -1
data/modules/mu/groomers/ansible.rb +7 -5
data/modules/mu/kittens.rb +22134 -0
data/modules/mu/mu.yaml.rb +282 -0
data/modules/mu.rb +4 -1
metadata +41 -20

data/modules/mu/clouds/aws/vpc.rb CHANGED Viewed

@@ -1924,24 +1924,46 @@ MU.log "association I don't understand in #{@cloud_id}", MU::WARN, details: rtb_
         # Remove all network interfaces associated with the currently loaded deployment.
         # @param noop [Boolean]: If true, will only print what would be done
-        # @param tagfilters [Array<Hash>]: EC2 tags to filter against when search for resources to purge
+        # @param filters [Array<Hash>]: EC2 tags to filter against when search for resources to purge
         # @param region [String]: The cloud provider region
         # @return [void]
-        def self.purge_interfaces(noop = false, tagfilters = [{name: "tag:MU-ID", values: [MU.deploy_id]}], region: MU.curRegion, credentials: nil)
+        def self.purge_interfaces(noop = false, filters = [{name: "tag:MU-ID", values: [MU.deploy_id]}], region: MU.curRegion, credentials: nil)
           resp = MU::Cloud::AWS.ec2(credentials: credentials, region: region).describe_network_interfaces(
-            filters: tagfilters
+            filters: filters
           )
           ifaces = resp.data.network_interfaces
           return if ifaces.nil? or ifaces.size == 0
           ifaces.each { |iface|
+            if iface.vpc_id
+              default_sg_resp = MU::Cloud::AWS.ec2(region: region, credentials: credentials).describe_security_groups(
+                filters: [
+                  { name: "group-name", values: ["default"] },
+                  { name: "vpc-id", values: [iface.vpc_id] }
+                ]
+              ).security_groups
+              if default_sg_resp and default_sg_resp.size == 1
+                default_sg = default_sg_resp.first.group_id
+                if iface.groups.size != 1 or
+                   iface.groups.first.group_id != default_sg
+                  MU.log "Removing extra security groups from ENI #{iface.network_interface_id}"
+                  MU::Cloud::AWS.ec2(credentials: credentials, region: region).modify_network_interface_attribute(
+                    network_interface_id: iface.network_interface_id,
+                    groups: [default_sg]
+                  )
+                end
+              end
+            end
             begin
               if iface.attachment and iface.attachment.status == "attached"
                 MU.log "Detaching Network Interface #{iface.network_interface_id} from #{iface.attachment.instance_owner_id}"
                 tried_lbs = false
                 begin
                   MU::Cloud::AWS.ec2(credentials: credentials, region: region).detach_network_interface(attachment_id: iface.attachment.attachment_id) if !noop
+                rescue Aws::EC2::Errors::OperationNotPermitted => e
+                  MU.log "Can't detach #{iface.network_interface_id}: #{e.message}", MU::WARN, details: iface.attachment
+                  next
                 rescue Aws::EC2::Errors::InvalidAttachmentIDNotFound => e
                   # suits me just fine
                 rescue Aws::EC2::Errors::AuthFailure => e
@@ -1997,6 +2019,9 @@ MU.log "association I don't understand in #{@cloud_id}", MU::WARN, details: rtb_
               if retries < 19
                 loglevel = (retries > 0 and (retries % 3) == 0) ? MU::NOTICE : MU::DEBUG
                 MU.log "#{e.message} (retry #{retries.to_s}/20)", loglevel
+                if loglevel == MU::NOTICE
+                  MU::Cloud::AWS::VPC.purge_interfaces(noop, [{name: "subnet-id", values: [subnet.subnet_id]}], region: region, credentials: credentials)
+                end
                 sleep 30
                 retries = retries + 1
                 retry