RubyGems - cloud-mu - Versions diffs - 3.1.5 → 3.3.2 - Mend

cloud-mu 3.1.5 → 3.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (185) hide show

checksums.yaml +4 -4
data/Dockerfile +5 -1
data/ansible/roles/mu-windows/files/LaunchConfig.json +9 -0
data/ansible/roles/mu-windows/files/config.xml +76 -0
data/ansible/roles/mu-windows/tasks/main.yml +16 -0
data/bin/mu-adopt +16 -12
data/bin/mu-azure-tests +57 -0
data/bin/mu-cleanup +2 -4
data/bin/mu-configure +52 -0
data/bin/mu-deploy +3 -3
data/bin/mu-findstray-tests +25 -0
data/bin/mu-gen-docs +2 -4
data/bin/mu-load-config.rb +2 -1
data/bin/mu-node-manage +15 -16
data/bin/mu-run-tests +37 -12
data/cloud-mu.gemspec +3 -3
data/cookbooks/mu-activedirectory/resources/domain.rb +4 -4
data/cookbooks/mu-activedirectory/resources/domain_controller.rb +4 -4
data/cookbooks/mu-tools/libraries/helper.rb +1 -1
data/cookbooks/mu-tools/recipes/apply_security.rb +14 -14
data/cookbooks/mu-tools/recipes/aws_api.rb +9 -0
data/cookbooks/mu-tools/recipes/eks.rb +2 -2
data/cookbooks/mu-tools/recipes/windows-client.rb +25 -22
data/extras/clean-stock-amis +25 -19
data/extras/generate-stock-images +1 -0
data/extras/image-generators/AWS/win2k12.yaml +2 -0
data/extras/image-generators/AWS/win2k16.yaml +2 -0
data/extras/image-generators/AWS/win2k19.yaml +2 -0
data/modules/mommacat.ru +1 -1
data/modules/mu.rb +86 -98
data/modules/mu/adoption.rb +373 -58
data/modules/mu/cleanup.rb +214 -303
data/modules/mu/cloud.rb +128 -1733
data/modules/mu/cloud/database.rb +49 -0
data/modules/mu/cloud/dnszone.rb +44 -0
data/modules/mu/cloud/machine_images.rb +212 -0
data/modules/mu/cloud/providers.rb +81 -0
data/modules/mu/cloud/resource_base.rb +929 -0
data/modules/mu/cloud/server.rb +40 -0
data/modules/mu/cloud/server_pool.rb +1 -0
data/modules/mu/cloud/ssh_sessions.rb +228 -0
data/modules/mu/cloud/winrm_sessions.rb +237 -0
data/modules/mu/cloud/wrappers.rb +169 -0
data/modules/mu/config.rb +123 -81
data/modules/mu/config/alarm.rb +2 -6
data/modules/mu/config/bucket.rb +32 -3
data/modules/mu/config/cache_cluster.rb +2 -2
data/modules/mu/config/cdn.rb +100 -0
data/modules/mu/config/collection.rb +1 -1
data/modules/mu/config/container_cluster.rb +7 -2
data/modules/mu/config/database.rb +84 -105
data/modules/mu/config/database.yml +1 -2
data/modules/mu/config/dnszone.rb +5 -4
data/modules/mu/config/doc_helpers.rb +5 -6
data/modules/mu/config/endpoint.rb +2 -1
data/modules/mu/config/firewall_rule.rb +3 -19
data/modules/mu/config/folder.rb +1 -1
data/modules/mu/config/function.rb +17 -8
data/modules/mu/config/group.rb +1 -1
data/modules/mu/config/habitat.rb +1 -1
data/modules/mu/config/job.rb +89 -0
data/modules/mu/config/loadbalancer.rb +57 -11
data/modules/mu/config/log.rb +1 -1
data/modules/mu/config/msg_queue.rb +1 -1
data/modules/mu/config/nosqldb.rb +1 -1
data/modules/mu/config/notifier.rb +8 -19
data/modules/mu/config/ref.rb +92 -14
data/modules/mu/config/role.rb +1 -1
data/modules/mu/config/schema_helpers.rb +38 -37
data/modules/mu/config/search_domain.rb +1 -1
data/modules/mu/config/server.rb +12 -13
data/modules/mu/config/server_pool.rb +3 -7
data/modules/mu/config/storage_pool.rb +1 -1
data/modules/mu/config/tail.rb +11 -0
data/modules/mu/config/user.rb +1 -1
data/modules/mu/config/vpc.rb +27 -23
data/modules/mu/config/vpc.yml +0 -1
data/modules/mu/defaults/AWS.yaml +90 -90
data/modules/mu/defaults/Azure.yaml +1 -0
data/modules/mu/defaults/Google.yaml +1 -0
data/modules/mu/deploy.rb +34 -20
data/modules/mu/groomer.rb +16 -1
data/modules/mu/groomers/ansible.rb +69 -4
data/modules/mu/groomers/chef.rb +51 -4
data/modules/mu/logger.rb +120 -144
data/modules/mu/master.rb +97 -4
data/modules/mu/mommacat.rb +160 -874
data/modules/mu/mommacat/daemon.rb +23 -14
data/modules/mu/mommacat/naming.rb +110 -3
data/modules/mu/mommacat/search.rb +497 -0
data/modules/mu/mommacat/storage.rb +252 -194
data/modules/mu/{clouds → providers}/README.md +1 -1
data/modules/mu/{clouds → providers}/aws.rb +258 -57
data/modules/mu/{clouds → providers}/aws/alarm.rb +3 -3
data/modules/mu/{clouds → providers}/aws/bucket.rb +275 -41
data/modules/mu/{clouds → providers}/aws/cache_cluster.rb +14 -50
data/modules/mu/providers/aws/cdn.rb +782 -0
data/modules/mu/{clouds → providers}/aws/collection.rb +5 -5
data/modules/mu/{clouds → providers}/aws/container_cluster.rb +95 -84
data/modules/mu/providers/aws/database.rb +1744 -0
data/modules/mu/{clouds → providers}/aws/dnszone.rb +26 -12
data/modules/mu/providers/aws/endpoint.rb +1072 -0
data/modules/mu/{clouds → providers}/aws/firewall_rule.rb +39 -32
data/modules/mu/{clouds → providers}/aws/folder.rb +1 -1
data/modules/mu/{clouds → providers}/aws/function.rb +289 -134
data/modules/mu/{clouds → providers}/aws/group.rb +18 -20
data/modules/mu/{clouds → providers}/aws/habitat.rb +3 -3
data/modules/mu/providers/aws/job.rb +466 -0
data/modules/mu/{clouds → providers}/aws/loadbalancer.rb +77 -47
data/modules/mu/{clouds → providers}/aws/log.rb +5 -5
data/modules/mu/{clouds → providers}/aws/msg_queue.rb +14 -11
data/modules/mu/{clouds → providers}/aws/nosqldb.rb +96 -5
data/modules/mu/{clouds → providers}/aws/notifier.rb +135 -63
data/modules/mu/{clouds → providers}/aws/role.rb +76 -48
data/modules/mu/{clouds → providers}/aws/search_domain.rb +172 -41
data/modules/mu/{clouds → providers}/aws/server.rb +66 -98
data/modules/mu/{clouds → providers}/aws/server_pool.rb +42 -60
data/modules/mu/{clouds → providers}/aws/storage_pool.rb +21 -38
data/modules/mu/{clouds → providers}/aws/user.rb +12 -16
data/modules/mu/{clouds → providers}/aws/userdata/README.md +0 -0
data/modules/mu/{clouds → providers}/aws/userdata/linux.erb +5 -4
data/modules/mu/{clouds → providers}/aws/userdata/windows.erb +0 -0
data/modules/mu/{clouds → providers}/aws/vpc.rb +143 -74
data/modules/mu/{clouds → providers}/aws/vpc_subnet.rb +0 -0
data/modules/mu/{clouds → providers}/azure.rb +13 -0
data/modules/mu/{clouds → providers}/azure/container_cluster.rb +1 -5
data/modules/mu/{clouds → providers}/azure/firewall_rule.rb +8 -1
data/modules/mu/{clouds → providers}/azure/habitat.rb +0 -0
data/modules/mu/{clouds → providers}/azure/loadbalancer.rb +0 -0
data/modules/mu/{clouds → providers}/azure/role.rb +0 -0
data/modules/mu/{clouds → providers}/azure/server.rb +32 -24
data/modules/mu/{clouds → providers}/azure/user.rb +1 -1
data/modules/mu/{clouds → providers}/azure/userdata/README.md +0 -0
data/modules/mu/{clouds → providers}/azure/userdata/linux.erb +0 -0
data/modules/mu/{clouds → providers}/azure/userdata/windows.erb +0 -0
data/modules/mu/{clouds → providers}/azure/vpc.rb +4 -6
data/modules/mu/{clouds → providers}/cloudformation.rb +10 -0
data/modules/mu/{clouds → providers}/cloudformation/alarm.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/cache_cluster.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/collection.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/database.rb +6 -17
data/modules/mu/{clouds → providers}/cloudformation/dnszone.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/firewall_rule.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/loadbalancer.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/log.rb +3 -3
data/modules/mu/{clouds → providers}/cloudformation/server.rb +7 -7
data/modules/mu/{clouds → providers}/cloudformation/server_pool.rb +5 -5
data/modules/mu/{clouds → providers}/cloudformation/vpc.rb +3 -3
data/modules/mu/{clouds → providers}/docker.rb +0 -0
data/modules/mu/{clouds → providers}/google.rb +29 -6
data/modules/mu/{clouds → providers}/google/bucket.rb +4 -4
data/modules/mu/{clouds → providers}/google/container_cluster.rb +38 -20
data/modules/mu/{clouds → providers}/google/database.rb +5 -12
data/modules/mu/{clouds → providers}/google/firewall_rule.rb +5 -5
data/modules/mu/{clouds → providers}/google/folder.rb +5 -9
data/modules/mu/{clouds → providers}/google/function.rb +6 -6
data/modules/mu/{clouds → providers}/google/group.rb +9 -17
data/modules/mu/{clouds → providers}/google/habitat.rb +4 -8
data/modules/mu/{clouds → providers}/google/loadbalancer.rb +5 -5
data/modules/mu/{clouds → providers}/google/role.rb +50 -31
data/modules/mu/{clouds → providers}/google/server.rb +41 -24
data/modules/mu/{clouds → providers}/google/server_pool.rb +14 -14
data/modules/mu/{clouds → providers}/google/user.rb +34 -24
data/modules/mu/{clouds → providers}/google/userdata/README.md +0 -0
data/modules/mu/{clouds → providers}/google/userdata/linux.erb +0 -0
data/modules/mu/{clouds → providers}/google/userdata/windows.erb +0 -0
data/modules/mu/{clouds → providers}/google/vpc.rb +45 -14
data/modules/tests/aws-jobs-functions.yaml +46 -0
data/modules/tests/centos6.yaml +15 -0
data/modules/tests/centos7.yaml +15 -0
data/modules/tests/centos8.yaml +12 -0
data/modules/tests/ecs.yaml +2 -2
data/modules/tests/eks.yaml +1 -1
data/modules/tests/functions/node-function/lambda_function.js +10 -0
data/modules/tests/functions/python-function/lambda_function.py +12 -0
data/modules/tests/microservice_app.yaml +288 -0
data/modules/tests/rds.yaml +108 -0
data/modules/tests/regrooms/rds.yaml +123 -0
data/modules/tests/server-with-scrub-muisms.yaml +1 -1
data/modules/tests/super_complex_bok.yml +2 -2
data/modules/tests/super_simple_bok.yml +3 -5
data/spec/mu/clouds/azure_spec.rb +2 -2
metadata +122 -92
data/modules/mu/clouds/aws/database.rb +0 -1974
data/modules/mu/clouds/aws/endpoint.rb +0 -596

data/modules/mu/{clouds → providers}/azure/user.rb RENAMED

@@ -107,7 +107,7 @@ module MU
         def groom
           if @config['roles']
             @config['roles'].each { |role|
-              MU::Cloud::Azure::Role.assignTo(cloud_desc.principal_id, role_name: role, credentials: @config['credentials'])
+              MU::Cloud.resourceClass("Azure", "Role").assignTo(cloud_desc.principal_id, role_name: role, credentials: @config['credentials'])
             }
           end
         end

data/modules/mu/{clouds → providers}/azure/userdata/README.md RENAMED

File without changes

data/modules/mu/{clouds → providers}/azure/userdata/linux.erb RENAMED

File without changes

data/modules/mu/{clouds → providers}/azure/userdata/windows.erb RENAMED

File without changes

data/modules/mu/{clouds → providers}/azure/vpc.rb RENAMED

@@ -335,8 +335,10 @@ module MU
           return nil if cloud_desc.name == "default" # parent project builds these
           bok = {
             "cloud" => "Azure",
+            "name" => cloud_desc.name,
             "project" => @config['project'],
-            "credentials" => @config['credentials']
+            "credentials" => @config['credentials'],
+            "cloud_id" => @cloud_id.to_s
           }
           bok
@@ -424,11 +426,7 @@ module MU
               }
             ]
           }
-          vpc["dependencies"] ||= []
-          vpc["dependencies"] << {
-            "type" => "firewall_rule",
-            "name" => vpc['name']+"-defaultfw"
-          }
+          MU::Config.addDependency(vpc, vpc['name']+"-defaultfw", "firewall_rule")
           if !configurator.insertKitten(default_acl, "firewall_rules", true)
             ok = false

data/modules/mu/{clouds → providers}/cloudformation.rb RENAMED

@@ -28,6 +28,16 @@ module MU
       @@cloudformation_mode = false
+      # Is this a "real" cloud provider, or a stub like CloudFormation?
+      def self.virtual?
+        true
+      end
+      # List all AWS projects available to our credentials
+      def self.listHabitats(credentials = nil, use_cache: true)
+        MU::Cloud::AWS.listHabitats(credentials)
+      end
       # Return what we think of as a cloud object's habitat. In AWS, this means
       # the +account_number+ in which it's resident. If this is not applicable,
       # such as for a {Habitat} or {Folder}, returns nil.

data/modules/mu/{clouds → providers}/cloudformation/alarm.rb RENAMED

@@ -129,7 +129,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::Alarm.schema(config)
+          MU::Cloud.resourceClass("AWS", "Alarm").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -137,14 +137,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::Alarm.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "Alarm").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::Alarm.isGlobal?
+          MU::Cloud.resourceClass("AWS", "Alarm").isGlobal?
         end

data/modules/mu/{clouds → providers}/cloudformation/cache_cluster.rb RENAMED

@@ -150,7 +150,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::CacheCluster.schema(config)
+          MU::Cloud.resourceClass("AWS", "CacheCluster").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -158,14 +158,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::CacheCluster.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "CacheCluster").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::CacheCluster.isGlobal?
+          MU::Cloud.resourceClass("AWS", "CacheCluster").isGlobal?
         end
       end

data/modules/mu/{clouds → providers}/cloudformation/collection.rb RENAMED

@@ -100,7 +100,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::Collection.schema(config)
+          MU::Cloud.resourceClass("AWS", "Collection").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -108,14 +108,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::Collection.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "Collection").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::Collection.isGlobal?
+          MU::Cloud.resourceClass("AWS", "Collection").isGlobal?
         end
       end

data/modules/mu/{clouds → providers}/cloudformation/database.rb RENAMED

@@ -64,8 +64,8 @@ module MU
           basename = @config["name"].to_s
           basename = basename+@deploy.timestamp+MU.seed.downcase if !@config['scrub_mu_isms']
           basename.gsub!(/[^a-z0-9]/i, "")
-          @config["db_name"] = MU::Cloud::AWS::Database.getName(basename, type: "dbname", config: @config)
-          @config['master_user'] = MU::Cloud::AWS::Database.getName(basename, type: "dbuser", config: @config)
+          @config["db_name"] = MU::Cloud.resourceClass("AWS", "Database").getName(basename, type: "dbname", config: @config)
+          @config['master_user'] = MU::Cloud.resourceClass("AWS", "Database").getName(basename, type: "dbuser", config: @config)
           if @config["create_cluster"]
             @cfm_name, @cfm_template = MU::Cloud::CloudFormation.cloudFormationBase("dbcluster", self, tags: @config['tags'], scrub_mu_isms: @config['scrub_mu_isms']) if @cfm_template.nil?
@@ -214,18 +214,7 @@ module MU
             elsif @config['db_name']
               MU::Cloud::CloudFormation.setCloudFormationProp(@cfm_template[@cfm_name], "DBName", @config['db_name'])
             end
-            if @config['password'].nil?
-              if @config['auth_vault'] && !@config['auth_vault'].empty?
-                @config['password'] = @groomclass.getSecret(
-                  vault: @config['auth_vault']['vault'],
-                  item: @config['auth_vault']['item'],
-                  field: @config['auth_vault']['password_field']
-                )
-              else
-                # Should we use random instead?
-                @config['password'] = Password.pronounceable(10..12)
-              end
-            end
+            getPassword
             MU::Cloud::CloudFormation.setCloudFormationProp(@cfm_template[@cfm_name], "MasterUserPassword", @config['password'])
           end
         end
@@ -260,7 +249,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::Database.schema(config)
+          MU::Cloud.resourceClass("AWS", "Database").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -268,14 +257,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::Database.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "Database").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::Database.isGlobal?
+          MU::Cloud.resourceClass("AWS", "Database").isGlobal?
         end

data/modules/mu/{clouds → providers}/cloudformation/dnszone.rb RENAMED

@@ -257,7 +257,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::DNSZone.schema(config)
+          MU::Cloud.resourceClass("AWS", "DNSZone").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -265,14 +265,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::DNSZone.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "DNSZone").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::DNSZone.isGlobal?
+          MU::Cloud.resourceClass("AWS", "DNSZone").isGlobal?
         end
       end

data/modules/mu/{clouds → providers}/cloudformation/firewall_rule.rb RENAMED

@@ -137,7 +137,7 @@ module MU
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(acl, config)
           # Just use the AWS implemention
-          MU::Cloud::AWS::FirewallRule.validateConfig(acl, config)
+          MU::Cloud.resourceClass("AWS", "FirewallRule").validateConfig(acl, config)
         end
         private
@@ -291,14 +291,14 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::FirewallRule.schema(config)
+          MU::Cloud.resourceClass("AWS", "FirewallRule").schema(config)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::FirewallRule.isGlobal?
+          MU::Cloud.resourceClass("AWS", "FirewallRule").isGlobal?
         end
       end #class

data/modules/mu/{clouds → providers}/cloudformation/loadbalancer.rb RENAMED

@@ -176,7 +176,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::LoadBalancer.schema(config)
+          MU::Cloud.resourceClass("AWS", "LoadBalancer").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -184,14 +184,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::LoadBalancer.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "LoadBalancer").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::LoadBalancer.isGlobal?
+          MU::Cloud.resourceClass("AWS", "LoadBalancer").isGlobal?
         end
       end

data/modules/mu/{clouds → providers}/cloudformation/log.rb RENAMED

@@ -153,7 +153,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::Log.schema(config)
+          MU::Cloud.resourceClass("AWS", "Log").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -161,14 +161,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::Log.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "Log").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::Log.isGlobal?
+          MU::Cloud.resourceClass("AWS", "Log").isGlobal?
         end
       end

data/modules/mu/{clouds → providers}/cloudformation/server.rb RENAMED

@@ -55,8 +55,8 @@ module MU
             scrub_mu_isms: @config['scrub_mu_isms']
           )
-          @disk_devices = MU::Cloud::AWS::Server.disk_devices
-          @ephemeral_mappings = MU::Cloud::AWS::Server.ephemeral_mappings
+          @disk_devices = MU::Cloud.resourceClass("AWS", "Server").disk_devices
+          @ephemeral_mappings = MU::Cloud.resourceClass("AWS", "Server").ephemeral_mappings
           if !mu_name.nil?
             @mu_name = mu_name
@@ -190,7 +190,7 @@ module MU
           cfm_volume_map = {}
           if @config["storage"]
             @config["storage"].each { |vol|
-              mapping, cfm_mapping = MU::Cloud::AWS::Server.convertBlockDeviceMapping(vol)
+              mapping, cfm_mapping = MU::Cloud.resourceClass("AWS", "Server").convertBlockDeviceMapping(vol)
               configured_storage << mapping
 #                vol_name, vol_template = MU::Cloud::CloudFormation.cloudFormationBase("volume", name: "volume"+@cfm_name+mapping[:device_name])
 #                MU::Cloud::CloudFormation.setCloudFormationProp(vol_template[vol_name], "Size", mapping[:ebs][:volume_size].to_s)
@@ -353,7 +353,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::Server.schema(config)
+          MU::Cloud.resourceClass("AWS", "Server").schema(config)
         end
         # Confirm that the given instance size is valid for the given region.
@@ -362,7 +362,7 @@ module MU
         # @param region [String]: Region to check against
         # @return [String,nil]
         def self.validateInstanceType(size, region)
-          MU::Cloud::AWS::Server.validateInstanceType(size, region)
+          MU::Cloud.resourceClass("AWS", "Server").validateInstanceType(size, region)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -370,14 +370,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::Server.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "Server").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::Server.isGlobal?
+          MU::Cloud.resourceClass("AWS", "Server").isGlobal?
         end
       end #class

data/modules/mu/{clouds → providers}/cloudformation/server_pool.rb RENAMED

@@ -129,13 +129,13 @@ module MU
             if launch_desc["storage"]
               launch_desc["storage"].each { |vol|
-                mapping, cfm_mapping = MU::Cloud::AWS::Server.convertBlockDeviceMapping(vol)
+                mapping, cfm_mapping = MU::Cloud.resourceClass("AWS", "Server").convertBlockDeviceMapping(vol)
                 if cfm_mapping.size > 0
                   MU::Cloud::CloudFormation.setCloudFormationProp(@cfm_template[@cfm_launch_name], "BlockDeviceMappings", cfm_mapping)
                 end
               }
             end
-            MU::Cloud::AWS::Server.ephemeral_mappings.each { |mapping|
+            MU::Cloud.resourceClass("AWS", "Server.ephemeral_mappings").each { |mapping|
               MU::Cloud::CloudFormation.setCloudFormationProp(@cfm_template[@cfm_launch_name], "BlockDeviceMappings", { "DeviceName" => mapping[:device_name], "VirtualName" => mapping[:virtual_name] })
             }
@@ -263,7 +263,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::ServerPool.schema(config)
+          MU::Cloud.resourceClass("AWS", "ServerPool").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -271,14 +271,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::ServerPool.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "ServerPool").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::ServerPool.isGlobal?
+          MU::Cloud.resourceClass("AWS", "ServerPool").isGlobal?
         end
       end

data/modules/mu/{clouds → providers}/cloudformation/vpc.rb RENAMED

@@ -301,7 +301,7 @@ module MU
         # @param config [MU::Config]: The calling MU::Config object
         # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
         def self.schema(config)
-          MU::Cloud::AWS::VPC.schema(config)
+          MU::Cloud.resourceClass("AWS", "VPC").schema(config)
         end
         # Cloud-specific pre-processing of {MU::Config::BasketofKittens::servers}, bare and unvalidated.
@@ -309,14 +309,14 @@ module MU
         # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
         # @return [Boolean]: True if validation succeeded, False otherwise
         def self.validateConfig(server, configurator)
-          MU::Cloud::AWS::VPC.validateConfig(server, configurator)
+          MU::Cloud.resourceClass("AWS", "VPC").validateConfig(server, configurator)
         end
         # Does this resource type exist as a global (cloud-wide) artifact, or
         # is it localized to a region/zone?
         # @return [Boolean]
         def self.isGlobal?
-          MU::Cloud::AWS::VPC.isGlobal?
+          MU::Cloud.resourceClass("AWS", "VPC").isGlobal?
         end
       end #class

data/modules/mu/{clouds → providers}/docker.rb RENAMED

File without changes

data/modules/mu/{clouds → providers}/google.rb RENAMED

@@ -52,6 +52,11 @@ module MU
         [:url]
       end
+      # Is this a "real" cloud provider, or a stub like CloudFormation?
+      def self.virtual?
+        false
+      end
       # Most of our resource implementation +find+ methods have to mangle their
       # args to make sure they've extracted a project or location argument from
       # other available information. This does it for them.
@@ -231,7 +236,7 @@ module MU
       # @param sibling_only [Boolean]
       # @return [MU::Config::Habitat,nil]
       def self.projectLookup(name, deploy = MU.mommacat, raise_on_fail: true, sibling_only: false)
-        project_obj = deploy.findLitterMate(type: "habitats", name: name) if deploy
+        project_obj = deploy.findLitterMate(type: "habitats", name: name) if deploy if !caller.grep(/`findLitterMate'/) # XXX the dumbest
         if !project_obj and !sibling_only
           resp = MU::MommaCat.findStray(
@@ -337,6 +342,7 @@ module MU
       # etc)
       # @param deploy_id [MU::MommaCat]
       def self.cleanDeploy(deploy_id, credentials: nil, noop: false)
+        removeDeploySecretsAndRoles(deploy_id, noop: noop, credentials: credentials)
       end
       # Plant a Mu deploy secret into a storage bucket somewhere for so our kittens can consume it
@@ -548,7 +554,7 @@ MU.log e.message, MU::WARN, details: e.inspect
             begin
               listRegions(credentials: credentials)
               listInstanceTypes(credentials: credentials)
-              listProjects(credentials)
+              listHabitats(credentials)
             rescue ::Google::Apis::ClientError
               MU.log "Found machine credentials #{@@svc_account_name}, but these don't appear to have sufficient permissions or scopes", MU::WARN, details: scopes
               @@authorizers.delete(credentials)
@@ -700,13 +706,26 @@ MU.log e.message, MU::WARN, details: e.inspect
         nil
       end
+      @allprojects = []
       # List all Google Cloud Platform projects available to our credentials
-      def self.listProjects(credentials = nil)
+      def self.listHabitats(credentials = nil, use_cache: true)
         cfg = credConfig(credentials)
-        return [] if !cfg or !cfg['project']
+        return [] if !cfg
+        if cfg['restrict_to_habitats'] and cfg['restrict_to_habitats'].is_a?(Array)
+          cfg['restrict_to_habitats'] << cfg['project'] if cfg['project']
+          return cfg['restrict_to_habitats'].uniq
+        end
+        if @allprojects and !@allprojects.empty? and use_cache
+          return @allprojects
+        end
         result = MU::Cloud::Google.resource_manager(credentials: credentials).list_projects
         result.projects.reject! { |p| p.lifecycle_state == "DELETE_REQUESTED" }
-        result.projects.map { |p| p.project_id }
+        @allprojects = result.projects.map { |p| p.project_id }
+        if cfg['ignore_habitats'] and cfg['ignore_habitats'].is_a?(Array)
+          @allprojects.reject! { |p| cfg['ignore_habitats'].include?(p) }
+        end
+        @allprojects
       end
       @@regions = {}
@@ -1005,14 +1024,17 @@ MU.log e.message, MU::WARN, details: e.inspect
       # @return [Array<OpenStruct>],nil]
       def self.getOrg(credentials = nil, with_id: nil)
         creds = MU::Cloud::Google.credConfig(credentials)
+        return nil if !creds
         credname = if creds and creds['name']
           creds['name']
         else
           "default"
         end
+        with_id ||= creds['org'] if creds['org']
         return @@orgmap[credname] if @@orgmap.has_key?(credname)
         resp = MU::Cloud::Google.resource_manager(credentials: credname).search_organizations
         if resp and resp.organizations
           # XXX no idea if it's possible to be a member of multiple orgs
           if !with_id
@@ -1020,7 +1042,8 @@ MU.log e.message, MU::WARN, details: e.inspect
             return resp.organizations.first
           else
             resp.organizations.each { |org|
-              if org.name == with_id
+              if org.name == with_id or org.display_name == with_id or
+                 org.name == "organizations/#{with_id}"
                 @@orgmap[credname] = org
                 return org
               end