cloud-mu 3.3.0 → 3.5.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ansible/roles/mu-nat/tasks/main.yml +3 -0
- data/bin/mu-aws-setup +41 -7
- data/bin/mu-azure-setup +36 -2
- data/bin/mu-configure +214 -119
- data/bin/mu-gcp-setup +37 -2
- data/bin/mu-node-manage +3 -0
- data/bin/mu-refresh-ssl +67 -0
- data/bin/mu-run-tests +14 -4
- data/bin/mu-self-update +30 -10
- data/bin/mu-upload-chef-artifacts +30 -26
- data/cloud-mu.gemspec +9 -7
- data/cookbooks/mu-master/attributes/default.rb +5 -1
- data/cookbooks/mu-master/metadata.rb +2 -2
- data/cookbooks/mu-master/recipes/default.rb +81 -26
- data/cookbooks/mu-master/recipes/init.rb +197 -62
- data/cookbooks/mu-master/recipes/update_nagios_only.rb +1 -1
- data/cookbooks/mu-master/recipes/vault.rb +78 -77
- data/cookbooks/mu-master/templates/default/mods/rewrite.conf.erb +1 -0
- data/cookbooks/mu-master/templates/default/nagios.conf.erb +103 -0
- data/cookbooks/mu-master/templates/default/web_app.conf.erb +14 -30
- data/cookbooks/mu-tools/attributes/default.rb +12 -0
- data/cookbooks/mu-tools/files/centos-6/CentOS-Base.repo +47 -0
- data/cookbooks/mu-tools/libraries/helper.rb +98 -4
- data/cookbooks/mu-tools/libraries/monkey.rb +1 -1
- data/cookbooks/mu-tools/recipes/apply_security.rb +31 -9
- data/cookbooks/mu-tools/recipes/aws_api.rb +8 -2
- data/cookbooks/mu-tools/recipes/base_repositories.rb +1 -1
- data/cookbooks/mu-tools/recipes/gcloud.rb +2 -9
- data/cookbooks/mu-tools/recipes/google_api.rb +7 -0
- data/cookbooks/mu-tools/recipes/rsyslog.rb +8 -1
- data/cookbooks/mu-tools/resources/disk.rb +113 -42
- data/cookbooks/mu-tools/resources/mommacat_request.rb +1 -2
- data/cookbooks/mu-tools/templates/centos-8/sshd_config.erb +215 -0
- data/extras/Gemfile.lock.bootstrap +394 -0
- data/extras/bucketstubs/error.html +0 -0
- data/extras/bucketstubs/index.html +0 -0
- data/extras/clean-stock-amis +11 -3
- data/extras/generate-stock-images +6 -3
- data/extras/git_rpm/build.sh +20 -0
- data/extras/git_rpm/mugit.spec +53 -0
- data/extras/image-generators/AWS/centos7.yaml +19 -16
- data/extras/image-generators/AWS/{rhel7.yaml → rhel71.yaml} +0 -0
- data/extras/image-generators/AWS/{win2k12.yaml → win2k12r2.yaml} +0 -0
- data/extras/image-generators/VMWare/centos8.yaml +15 -0
- data/extras/openssl_rpm/build.sh +19 -0
- data/extras/openssl_rpm/mussl.spec +46 -0
- data/extras/python_rpm/muthon.spec +14 -4
- data/extras/ruby_rpm/muby.spec +9 -5
- data/extras/sqlite_rpm/build.sh +19 -0
- data/extras/sqlite_rpm/muqlite.spec +47 -0
- data/install/installer +7 -5
- data/modules/mommacat.ru +2 -2
- data/modules/mu.rb +12 -5
- data/modules/mu/cloud/machine_images.rb +1 -1
- data/modules/mu/cloud/providers.rb +6 -1
- data/modules/mu/cloud/resource_base.rb +7 -4
- data/modules/mu/cloud/ssh_sessions.rb +5 -1
- data/modules/mu/cloud/wrappers.rb +16 -7
- data/modules/mu/config.rb +28 -12
- data/modules/mu/config/database.rb +2 -2
- data/modules/mu/config/firewall_rule.rb +1 -1
- data/modules/mu/config/ref.rb +3 -3
- data/modules/mu/config/schema_helpers.rb +12 -3
- data/modules/mu/config/server.rb +10 -4
- data/modules/mu/config/server_pool.rb +2 -2
- data/modules/mu/config/vpc.rb +10 -10
- data/modules/mu/defaults/AWS.yaml +96 -96
- data/modules/mu/deploy.rb +27 -14
- data/modules/mu/groomers/chef.rb +2 -2
- data/modules/mu/master.rb +49 -3
- data/modules/mu/mommacat.rb +27 -9
- data/modules/mu/mommacat/naming.rb +2 -2
- data/modules/mu/mommacat/search.rb +16 -5
- data/modules/mu/mommacat/storage.rb +67 -32
- data/modules/mu/providers/aws.rb +185 -71
- data/modules/mu/providers/aws/alarm.rb +3 -3
- data/modules/mu/providers/aws/bucket.rb +19 -19
- data/modules/mu/providers/aws/cache_cluster.rb +22 -22
- data/modules/mu/providers/aws/cdn.rb +2 -2
- data/modules/mu/providers/aws/collection.rb +14 -14
- data/modules/mu/providers/aws/container_cluster.rb +27 -27
- data/modules/mu/providers/aws/database.rb +49 -45
- data/modules/mu/providers/aws/dnszone.rb +5 -5
- data/modules/mu/providers/aws/endpoint.rb +35 -35
- data/modules/mu/providers/aws/firewall_rule.rb +26 -23
- data/modules/mu/providers/aws/function.rb +35 -32
- data/modules/mu/providers/aws/group.rb +7 -7
- data/modules/mu/providers/aws/habitat.rb +2 -2
- data/modules/mu/providers/aws/job.rb +35 -32
- data/modules/mu/providers/aws/loadbalancer.rb +58 -37
- data/modules/mu/providers/aws/log.rb +14 -14
- data/modules/mu/providers/aws/msg_queue.rb +10 -10
- data/modules/mu/providers/aws/nosqldb.rb +8 -8
- data/modules/mu/providers/aws/notifier.rb +7 -7
- data/modules/mu/providers/aws/role.rb +69 -47
- data/modules/mu/providers/aws/search_domain.rb +10 -10
- data/modules/mu/providers/aws/server.rb +198 -110
- data/modules/mu/providers/aws/server_pool.rb +71 -119
- data/modules/mu/providers/aws/storage_pool.rb +17 -9
- data/modules/mu/providers/aws/user.rb +1 -1
- data/modules/mu/providers/aws/vpc.rb +106 -51
- data/modules/mu/providers/aws/vpc_subnet.rb +43 -39
- data/modules/mu/providers/azure.rb +82 -16
- data/modules/mu/providers/azure/server.rb +18 -3
- data/modules/mu/providers/cloudformation/server.rb +1 -1
- data/modules/mu/providers/google.rb +20 -5
- data/modules/mu/providers/google/folder.rb +6 -2
- data/modules/mu/providers/google/function.rb +65 -30
- data/modules/mu/providers/google/role.rb +2 -1
- data/modules/mu/providers/google/vpc.rb +27 -2
- data/modules/tests/aws-servers-with-handrolled-iam.yaml +37 -0
- data/modules/tests/k8s.yaml +1 -1
- metadata +32 -15
@@ -265,8 +265,12 @@ module MU
|
|
265
265
|
|
266
266
|
if args[:cloud_id]
|
267
267
|
raw_id = args[:cloud_id].sub(/^folders\//, "")
|
268
|
-
|
269
|
-
|
268
|
+
begin
|
269
|
+
resp = MU::Cloud::Google.folder(credentials: args[:credentials]).get_folder("folders/"+raw_id)
|
270
|
+
found[resp.name] = resp if resp
|
271
|
+
rescue ::Google::Apis::ClientError => e
|
272
|
+
raise e if e.message !~ /forbidden: /
|
273
|
+
end
|
270
274
|
|
271
275
|
elsif args[:flags] and args[:flags]['display_name']
|
272
276
|
|
@@ -119,6 +119,9 @@ module example.com/cloudfunction
|
|
119
119
|
# Called automatically by {MU::Deploy#createResources}
|
120
120
|
def groom
|
121
121
|
desc = {}
|
122
|
+
|
123
|
+
func_obj = buildDesc
|
124
|
+
|
122
125
|
labels = Hash[@tags.keys.map { |k|
|
123
126
|
[k.downcase, @tags[k].downcase.gsub(/[^-_a-z0-9]/, '-')] }
|
124
127
|
]
|
@@ -140,6 +143,10 @@ module example.com/cloudfunction
|
|
140
143
|
if cloud_desc.available_memory_mb != @config['memory']
|
141
144
|
need_update = true
|
142
145
|
end
|
146
|
+
if cloud_desc.service_account_email != func_obj.service_account_email
|
147
|
+
need_update = true
|
148
|
+
end
|
149
|
+
|
143
150
|
if @config['environment_variable']
|
144
151
|
@config['environment_variable'].each { |var|
|
145
152
|
if !cloud_desc.environment_variables or
|
@@ -161,7 +168,17 @@ module example.com/cloudfunction
|
|
161
168
|
File.read("#{dir}/current.zip")
|
162
169
|
}
|
163
170
|
|
164
|
-
|
171
|
+
tempfile = nil
|
172
|
+
new = if @config['code']['zip_file'] or @config['code']['path']
|
173
|
+
if @config['code']['path']
|
174
|
+
tempfile = Tempfile.new(["function", ".zip"])
|
175
|
+
MU.log "#{@mu_name} using code at #{@config['code']['path']}"
|
176
|
+
MU::Master.zipDir(@config['code']['path'], tempfile.path)
|
177
|
+
@config['code']['zip_file'] = tempfile.path
|
178
|
+
else
|
179
|
+
MU.log "#{@mu_name} using code packaged at #{@config['code']['zip_file']}"
|
180
|
+
end
|
181
|
+
# @code_sha256 = Base64.encode64(Digest::SHA256.digest(zip)).chomp
|
165
182
|
File.read(@config['code']['zip_file'])
|
166
183
|
elsif @config['code']['gs_url']
|
167
184
|
@config['code']['gs_url'].match(/^gs:\/\/([^\/]+)\/(.*)/)
|
@@ -172,25 +189,31 @@ module example.com/cloudfunction
|
|
172
189
|
File.read(dir+"/new.zip")
|
173
190
|
}
|
174
191
|
end
|
192
|
+
|
175
193
|
if @config['code']['gs_url'] and
|
176
194
|
(@config['code']['gs_url'] != cloud_desc.source_archive_url or
|
177
195
|
current != new)
|
178
196
|
need_update = true
|
179
|
-
elsif @config['code']['zip_file'] and current != new
|
197
|
+
elsif (@config['code']['zip_file'] or @config['code']['path']) and current != new
|
180
198
|
need_update = true
|
181
|
-
|
199
|
+
end
|
200
|
+
|
201
|
+
if @config['vpc_connector']
|
202
|
+
if cloud_desc.vpc_connector != @config['vpc_connector'] or
|
203
|
+
cloud_desc.vpc_connector_egress_settings != (@config['vpc_connector_allow_all_egress'] ? "ALL_TRAFFIC" : "PRIVATE_RANGES_ONLY")
|
204
|
+
need_update = true
|
205
|
+
end
|
182
206
|
end
|
183
207
|
|
184
208
|
if need_update
|
185
|
-
|
186
|
-
MU.log "Updating Cloud Function #{@mu_name}", MU::NOTICE, details: func_obj
|
209
|
+
MU.log "Updating Cloud Function #{@cloud_id}", MU::NOTICE, details: func_obj
|
187
210
|
begin
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
rescue ::Google::Apis::ClientError
|
193
|
-
MU.log "Error updating Cloud Function #{@mu_name}.", MU::ERR
|
211
|
+
MU::Cloud::Google.function(credentials: @credentials).patch_project_location_function(
|
212
|
+
@cloud_id,
|
213
|
+
func_obj
|
214
|
+
)
|
215
|
+
rescue ::Google::Apis::ClientError => e
|
216
|
+
MU.log "Error updating Cloud Function #{@mu_name}.", MU::ERR, e.message
|
194
217
|
if desc[:source_archive_url]
|
195
218
|
main_file = nil
|
196
219
|
HELLO_WORLDS.each_pair { |runtime, code|
|
@@ -207,6 +230,11 @@ module example.com/cloudfunction
|
|
207
230
|
# service_account_email: sa.kitten.cloud_desc.email,
|
208
231
|
# labels: labels,
|
209
232
|
|
233
|
+
if tempfile
|
234
|
+
tempfile.close
|
235
|
+
tempfile.unlink
|
236
|
+
end
|
237
|
+
|
210
238
|
end
|
211
239
|
|
212
240
|
# Return the metadata for this project's configuration
|
@@ -354,6 +382,7 @@ module example.com/cloudfunction
|
|
354
382
|
def self.schema(config)
|
355
383
|
toplevel_required = ["runtime"]
|
356
384
|
schema = {
|
385
|
+
"roles" => MU::Cloud.resourceClass("Google", "User").schema(config)[1]["roles"],
|
357
386
|
"triggers" => {
|
358
387
|
"type" => "array",
|
359
388
|
"items" => {
|
@@ -448,6 +477,7 @@ module example.com/cloudfunction
|
|
448
477
|
content_type: "application/zip",
|
449
478
|
name: filename
|
450
479
|
)
|
480
|
+
|
451
481
|
MU::Cloud::Google.storage(credentials: credentials).insert_object(
|
452
482
|
bucket,
|
453
483
|
obj_obj,
|
@@ -487,7 +517,7 @@ module example.com/cloudfunction
|
|
487
517
|
end
|
488
518
|
# XXX list_project_locations
|
489
519
|
|
490
|
-
if !function['code'] or (!function['code']['zip_file'] and !function['code']['gs_url'])
|
520
|
+
if !function['code'] or (!function['code']['zip_file'] and !function['code']['gs_url'] and !function['code']['path'])
|
491
521
|
MU.log "Must specify a code source in Cloud Function #{function['name']}", MU::ERR
|
492
522
|
ok = false
|
493
523
|
elsif function['code']['zip_file']
|
@@ -557,22 +587,14 @@ module example.com/cloudfunction
|
|
557
587
|
|
558
588
|
location = "projects/"+@config['project']+"/locations/"+@config['region']
|
559
589
|
sa = nil
|
560
|
-
|
561
|
-
|
562
|
-
|
563
|
-
|
564
|
-
|
565
|
-
|
566
|
-
end
|
567
|
-
rescue ::Google::Apis::ClientError => e
|
568
|
-
if e.message.match(/notFound:/)
|
569
|
-
sleep 10
|
570
|
-
retries += 1
|
571
|
-
retry
|
572
|
-
end
|
573
|
-
end while !sa or !sa.cloud_desc and retries < 5
|
590
|
+
need_sa = Proc.new {
|
591
|
+
!sa or !sa.kitten or !sa.kitten.cloud_desc
|
592
|
+
}
|
593
|
+
MU.retrier(loop_if: need_sa, wait: 10, max: 6) { |retries, _wait|
|
594
|
+
sa = MU::Config::Ref.get(@config['service_account'])
|
595
|
+
}
|
574
596
|
|
575
|
-
if
|
597
|
+
if need_sa.call()
|
576
598
|
raise MuError, "Failed to get service account cloud id from #{@config['service_account'].to_s}"
|
577
599
|
end
|
578
600
|
|
@@ -583,7 +605,7 @@ module example.com/cloudfunction
|
|
583
605
|
# entry_point: "hello_world",
|
584
606
|
entry_point: @config['handler'],
|
585
607
|
description: @deploy.deploy_id,
|
586
|
-
service_account_email: sa.cloud_desc.email,
|
608
|
+
service_account_email: sa.kitten.cloud_desc.email,
|
587
609
|
labels: labels,
|
588
610
|
available_memory_mb: @config['memory']
|
589
611
|
}
|
@@ -596,7 +618,6 @@ module example.com/cloudfunction
|
|
596
618
|
if @config['vpc_connector']
|
597
619
|
desc[:vpc_connector] = @config['vpc_connector']
|
598
620
|
desc[:vpc_connector_egress_settings] = @config['vpc_connector_allow_all_egress'] ? "ALL_TRAFFIC" : "PRIVATE_RANGES_ONLY"
|
599
|
-
pp desc
|
600
621
|
elsif @vpc
|
601
622
|
desc[:network] = @vpc.url.sub(/^.*?\/projects\//, 'projects/')
|
602
623
|
end
|
@@ -627,8 +648,22 @@ module example.com/cloudfunction
|
|
627
648
|
# }
|
628
649
|
if @config['code']['gs_url']
|
629
650
|
desc[:source_archive_url] = @config['code']['gs_url']
|
630
|
-
elsif @config['code']['zip_file']
|
651
|
+
elsif @config['code']['zip_file'] or @config['code']['path']
|
652
|
+
tempfile = nil
|
653
|
+
if @config['code']['path']
|
654
|
+
tempfile = Tempfile.new(["function", ".zip"])
|
655
|
+
MU.log "#{@mu_name} using code at #{@config['code']['path']}"
|
656
|
+
MU::Master.zipDir(@config['code']['path'], tempfile.path)
|
657
|
+
@config['code']['zip_file'] = tempfile.path
|
658
|
+
else
|
659
|
+
MU.log "#{@mu_name} using code packaged at #{@config['code']['zip_file']}"
|
660
|
+
end
|
631
661
|
desc[:source_archive_url] = MU::Cloud::Google::Function.uploadPackage(@config['code']['zip_file'], @mu_name+"-cloudfunction.zip", credentials: @credentials)
|
662
|
+
|
663
|
+
if tempfile
|
664
|
+
tempfile.close
|
665
|
+
tempfile.unlink
|
666
|
+
end
|
632
667
|
end
|
633
668
|
|
634
669
|
# Dir.mktmpdir(@mu_name) { |dir|
|
@@ -581,7 +581,7 @@ module MU
|
|
581
581
|
}
|
582
582
|
end
|
583
583
|
if args[:cloud_id]
|
584
|
-
found.reject! { |k, _v| k !=
|
584
|
+
found.reject! { |k, _v| k != args[:cloud_id] }
|
585
585
|
end
|
586
586
|
|
587
587
|
# Now go get everything that's bound here
|
@@ -745,6 +745,7 @@ module MU
|
|
745
745
|
end
|
746
746
|
|
747
747
|
entity_types.each_pair { |entity_type, entities|
|
748
|
+
next if entity_type == "deleted"
|
748
749
|
mu_entitytype = (entity_type == "serviceAccount" ? "user" : entity_type)+"s"
|
749
750
|
entities.each { |entity|
|
750
751
|
next if entity.nil?
|
@@ -364,6 +364,12 @@ end
|
|
364
364
|
}
|
365
365
|
end
|
366
366
|
|
367
|
+
|
368
|
+
# The API is filled with lies
|
369
|
+
@subnets.reject! { |s|
|
370
|
+
!MU::Cloud::Google.listRegions(credentials: @credentials).include?(s.az)
|
371
|
+
}
|
372
|
+
|
367
373
|
return @subnets
|
368
374
|
end
|
369
375
|
|
@@ -442,14 +448,19 @@ end
|
|
442
448
|
|
443
449
|
# Check for a subnet in this VPC matching one or more of the specified
|
444
450
|
# criteria, and return it if found.
|
445
|
-
def getSubnet(cloud_id: nil, name: nil, tag_key: nil, tag_value: nil, ip_block: nil, region: nil)
|
451
|
+
def getSubnet(cloud_id: nil, name: nil, tag_key: nil, tag_value: nil, ip_block: nil, region: nil, subnet_mu_name: nil)
|
446
452
|
if !cloud_id.nil? and cloud_id.match(/^https:\/\//)
|
447
453
|
cloud_id.match(/\/regions\/([^\/]+)\/subnetworks\/([^\/]+)$/)
|
448
454
|
region = Regexp.last_match[1]
|
449
455
|
cloud_id = Regexp.last_match[2]
|
450
456
|
cloud_id.gsub!(/.*?\//, "")
|
451
457
|
end
|
452
|
-
|
458
|
+
|
459
|
+
if name
|
460
|
+
subnet_mu_name ||= @config['scrub_mu_isms'] ? @cloud_id+name.downcase : MU::Cloud::Google.nameStr(@deploy.getResourceName(name, max_length: 61))
|
461
|
+
end
|
462
|
+
|
463
|
+
MU.log "getSubnet(cloud_id: #{cloud_id}, name: #{name}, tag_key: #{tag_key}, tag_value: #{tag_value}, ip_block: #{ip_block}, region: #{region}, subnet_mu_name: #{subnet_mu_name})", MU::DEBUG, details: caller[0]
|
453
464
|
subnets.each { |subnet|
|
454
465
|
next if region and subnet.az != region
|
455
466
|
if !cloud_id.nil? and !subnet.cloud_id.nil? and subnet.cloud_id.to_s == cloud_id.to_s
|
@@ -457,6 +468,9 @@ end
|
|
457
468
|
elsif !name.nil? and !subnet.name.nil? and
|
458
469
|
subnet.name.downcase.to_s == name.downcase.to_s
|
459
470
|
return subnet
|
471
|
+
elsif !subnet_mu_name.nil? and !subnet.name.nil? and
|
472
|
+
subnet.name.downcase.to_s == subnet_mu_name.downcase.to_s
|
473
|
+
return subnet
|
460
474
|
end
|
461
475
|
}
|
462
476
|
return nil
|
@@ -931,6 +945,14 @@ MU.log "ROUTES TO #{target_instance.name}", MU::WARN, details: resp
|
|
931
945
|
else
|
932
946
|
route['nat_host_name'] = nat['name']
|
933
947
|
route['priority'] = 100
|
948
|
+
MU::Config.addDependency(vpc, nat['name'], "server", their_phase: "groom", my_phase: "groom")
|
949
|
+
vpc["bastion"] = MU::Config::Ref.get(
|
950
|
+
name: nat['name'],
|
951
|
+
cloud: vpc['cloud'],
|
952
|
+
credentials: vpc['credentials'],
|
953
|
+
type: "servers"
|
954
|
+
)
|
955
|
+
|
934
956
|
end
|
935
957
|
end
|
936
958
|
}
|
@@ -1172,6 +1194,9 @@ MU.log "ROUTES TO #{target_instance.name}", MU::WARN, details: resp
|
|
1172
1194
|
if e.message.match(/notFound: /)
|
1173
1195
|
MU.log "Failed to fetch cloud description for Google subnet #{@cloud_id}", MU::WARN, details: { "project" => @parent.habitat_id, "region" => @az, "name" => @cloud_id }
|
1174
1196
|
return nil
|
1197
|
+
elsif e.message.match(/Unknown region\. /)
|
1198
|
+
MU.log "Google subnet #{@cloud_id} seems like it should live in #{@az}, but that's not a valid region", MU::WARN, details: { "project" => @parent.habitat_id, "region" => @az, "name" => @cloud_id }
|
1199
|
+
return nil
|
1175
1200
|
else
|
1176
1201
|
raise e
|
1177
1202
|
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
# clouds: AWS
|
2
|
+
# groomers: Chef
|
3
|
+
---
|
4
|
+
appname: smoketest
|
5
|
+
vpcs:
|
6
|
+
- name: svrtest
|
7
|
+
roles:
|
8
|
+
- name: handrolled
|
9
|
+
scrub_mu_isms: true
|
10
|
+
can_assume:
|
11
|
+
- entity_id: ec2.amazonaws.com
|
12
|
+
entity_type: service
|
13
|
+
import:
|
14
|
+
- arn:aws:iam::aws:policy/AmazonRDSFullAccess
|
15
|
+
servers:
|
16
|
+
- name: iamtest1
|
17
|
+
size: t3.medium
|
18
|
+
iam_role: handrolled
|
19
|
+
platform: centos6
|
20
|
+
generate_iam_role: false
|
21
|
+
vpc:
|
22
|
+
name: svrtest
|
23
|
+
server_pools:
|
24
|
+
- name: iamtest2
|
25
|
+
scrub_mu_isms: true
|
26
|
+
min_size: 1
|
27
|
+
max_size: 1
|
28
|
+
wait_for_nodes: 1
|
29
|
+
platform: centos6
|
30
|
+
vpc:
|
31
|
+
name: svrtest
|
32
|
+
basis:
|
33
|
+
launch-config:
|
34
|
+
name: iamtest2
|
35
|
+
size: t3.medium
|
36
|
+
iam_role: handrolled
|
37
|
+
generate_iam_role: false
|
data/modules/tests/k8s.yaml
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cloud-mu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.5.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- John Stange
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2021-02-25 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: addressable
|
@@ -28,47 +28,47 @@ dependencies:
|
|
28
28
|
- !ruby/object:Gem::Version
|
29
29
|
version: '2.5'
|
30
30
|
- !ruby/object:Gem::Dependency
|
31
|
-
name: aws-sdk
|
31
|
+
name: aws-sdk
|
32
32
|
requirement: !ruby/object:Gem::Requirement
|
33
33
|
requirements:
|
34
|
-
- - "
|
34
|
+
- - "~>"
|
35
35
|
- !ruby/object:Gem::Version
|
36
|
-
version: '3'
|
36
|
+
version: '3.0'
|
37
37
|
type: :runtime
|
38
38
|
prerelease: false
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
40
40
|
requirements:
|
41
|
-
- - "
|
41
|
+
- - "~>"
|
42
42
|
- !ruby/object:Gem::Version
|
43
|
-
version: '3'
|
43
|
+
version: '3.0'
|
44
44
|
- !ruby/object:Gem::Dependency
|
45
45
|
name: azure_sdk
|
46
46
|
requirement: !ruby/object:Gem::Requirement
|
47
47
|
requirements:
|
48
48
|
- - "~>"
|
49
49
|
- !ruby/object:Gem::Version
|
50
|
-
version: '0.
|
50
|
+
version: '0.65'
|
51
51
|
type: :runtime
|
52
52
|
prerelease: false
|
53
53
|
version_requirements: !ruby/object:Gem::Requirement
|
54
54
|
requirements:
|
55
55
|
- - "~>"
|
56
56
|
- !ruby/object:Gem::Version
|
57
|
-
version: '0.
|
57
|
+
version: '0.65'
|
58
58
|
- !ruby/object:Gem::Dependency
|
59
59
|
name: bundler
|
60
60
|
requirement: !ruby/object:Gem::Requirement
|
61
61
|
requirements:
|
62
62
|
- - "~>"
|
63
63
|
- !ruby/object:Gem::Version
|
64
|
-
version:
|
64
|
+
version: 2.1.4
|
65
65
|
type: :runtime
|
66
66
|
prerelease: false
|
67
67
|
version_requirements: !ruby/object:Gem::Requirement
|
68
68
|
requirements:
|
69
69
|
- - "~>"
|
70
70
|
- !ruby/object:Gem::Version
|
71
|
-
version:
|
71
|
+
version: 2.1.4
|
72
72
|
- !ruby/object:Gem::Dependency
|
73
73
|
name: chronic_duration
|
74
74
|
requirement: !ruby/object:Gem::Requirement
|
@@ -131,14 +131,14 @@ dependencies:
|
|
131
131
|
requirements:
|
132
132
|
- - "~>"
|
133
133
|
- !ruby/object:Gem::Version
|
134
|
-
version: 0.
|
134
|
+
version: 0.50.0
|
135
135
|
type: :runtime
|
136
136
|
prerelease: false
|
137
137
|
version_requirements: !ruby/object:Gem::Requirement
|
138
138
|
requirements:
|
139
139
|
- - "~>"
|
140
140
|
- !ruby/object:Gem::Version
|
141
|
-
version: 0.
|
141
|
+
version: 0.50.0
|
142
142
|
- !ruby/object:Gem::Dependency
|
143
143
|
name: googleauth
|
144
144
|
requirement: !ruby/object:Gem::Requirement
|
@@ -448,6 +448,7 @@ executables:
|
|
448
448
|
- mu-gen-docs
|
449
449
|
- mu-tunnel-nagios
|
450
450
|
- mu-ssh
|
451
|
+
- mu-refresh-ssl
|
451
452
|
- mu-gen-env
|
452
453
|
- mu-configure
|
453
454
|
- mu-momma-cat
|
@@ -524,6 +525,7 @@ files:
|
|
524
525
|
- bin/mu-load-config.rb
|
525
526
|
- bin/mu-momma-cat
|
526
527
|
- bin/mu-node-manage
|
528
|
+
- bin/mu-refresh-ssl
|
527
529
|
- bin/mu-run-tests
|
528
530
|
- bin/mu-self-update
|
529
531
|
- bin/mu-ssh
|
@@ -663,8 +665,10 @@ files:
|
|
663
665
|
- cookbooks/mu-master/templates/default/389-directory-setup.inf.erb
|
664
666
|
- cookbooks/mu-master/templates/default/chef-server.rb.erb
|
665
667
|
- cookbooks/mu-master/templates/default/dhclient-eth0.conf.erb
|
668
|
+
- cookbooks/mu-master/templates/default/mods/rewrite.conf.erb
|
666
669
|
- cookbooks/mu-master/templates/default/mu-momma-cat.erb
|
667
670
|
- cookbooks/mu-master/templates/default/mu.rc.erb
|
671
|
+
- cookbooks/mu-master/templates/default/nagios.conf.erb
|
668
672
|
- cookbooks/mu-master/templates/default/openssl.cnf.erb
|
669
673
|
- cookbooks/mu-master/templates/default/sssd.conf.erb
|
670
674
|
- cookbooks/mu-master/templates/default/web_app.conf.erb
|
@@ -736,6 +740,7 @@ files:
|
|
736
740
|
- cookbooks/mu-tools/attributes/default.rb
|
737
741
|
- cookbooks/mu-tools/attributes/ebs_rolling_snapshots.rb
|
738
742
|
- cookbooks/mu-tools/files/amazon/etc/freshclam.conf
|
743
|
+
- cookbooks/mu-tools/files/centos-6/CentOS-Base.repo
|
739
744
|
- cookbooks/mu-tools/files/centos-6/README_MU
|
740
745
|
- cookbooks/mu-tools/files/centos-6/etc/audit/stig.rules
|
741
746
|
- cookbooks/mu-tools/files/centos-6/etc/bashrc
|
@@ -841,6 +846,7 @@ files:
|
|
841
846
|
- cookbooks/mu-tools/templates/amazon/sshd_config.erb
|
842
847
|
- cookbooks/mu-tools/templates/centos-6/sshd_config.erb
|
843
848
|
- cookbooks/mu-tools/templates/centos-7/sshd_config.erb
|
849
|
+
- cookbooks/mu-tools/templates/centos-8/sshd_config.erb
|
844
850
|
- cookbooks/mu-tools/templates/default/0-mu-log-client.conf.erb
|
845
851
|
- cookbooks/mu-tools/templates/default/conf.maldet.erb
|
846
852
|
- cookbooks/mu-tools/templates/default/etc_hosts.erb
|
@@ -907,34 +913,44 @@ files:
|
|
907
913
|
- environments/dev.json
|
908
914
|
- environments/development.json
|
909
915
|
- environments/prod.json
|
916
|
+
- extras/Gemfile.lock.bootstrap
|
910
917
|
- extras/README.md
|
911
918
|
- extras/admin-role-binding.yaml
|
912
919
|
- extras/admin-user.yaml
|
913
920
|
- extras/alpha.png
|
914
921
|
- extras/aws-auth-cm.yaml.erb
|
915
922
|
- extras/beta.png
|
923
|
+
- extras/bucketstubs/error.html
|
924
|
+
- extras/bucketstubs/index.html
|
916
925
|
- extras/clean-stock-amis
|
917
926
|
- extras/generate-stock-images
|
918
927
|
- extras/git-fix-permissions-hook
|
928
|
+
- extras/git_rpm/build.sh
|
929
|
+
- extras/git_rpm/mugit.spec
|
919
930
|
- extras/gitlab-eks-helper.sh.erb
|
920
931
|
- extras/image-generators/AWS/centos6.yaml
|
921
932
|
- extras/image-generators/AWS/centos7-govcloud.yaml
|
922
933
|
- extras/image-generators/AWS/centos7.yaml
|
923
|
-
- extras/image-generators/AWS/
|
924
|
-
- extras/image-generators/AWS/
|
934
|
+
- extras/image-generators/AWS/rhel71.yaml
|
935
|
+
- extras/image-generators/AWS/win2k12r2.yaml
|
925
936
|
- extras/image-generators/AWS/win2k16.yaml
|
926
937
|
- extras/image-generators/AWS/win2k19.yaml
|
927
938
|
- extras/image-generators/Google/centos6.yaml
|
928
939
|
- extras/image-generators/Google/centos7.yaml
|
929
940
|
- extras/image-generators/README.md
|
941
|
+
- extras/image-generators/VMWare/centos8.yaml
|
930
942
|
- extras/lambda_waf_domain_blacklist.py
|
931
943
|
- extras/list-stock-amis
|
944
|
+
- extras/openssl_rpm/build.sh
|
945
|
+
- extras/openssl_rpm/mussl.spec
|
932
946
|
- extras/platform_berksfile_base
|
933
947
|
- extras/python_rpm/build.sh
|
934
948
|
- extras/python_rpm/muthon.spec
|
935
949
|
- extras/release.png
|
936
950
|
- extras/ruby_rpm/build.sh
|
937
951
|
- extras/ruby_rpm/muby.spec
|
952
|
+
- extras/sqlite_rpm/build.sh
|
953
|
+
- extras/sqlite_rpm/muqlite.spec
|
938
954
|
- extras/vault_tools/README.md
|
939
955
|
- extras/vault_tools/export_vaults.sh
|
940
956
|
- extras/vault_tools/recreate_vaults.sh
|
@@ -1114,6 +1130,7 @@ files:
|
|
1114
1130
|
- modules/tests/auto_scaling.inc
|
1115
1131
|
- modules/tests/aws-iam.yaml
|
1116
1132
|
- modules/tests/aws-jobs-functions.yaml
|
1133
|
+
- modules/tests/aws-servers-with-handrolled-iam.yaml
|
1117
1134
|
- modules/tests/aws-sgs.yaml
|
1118
1135
|
- modules/tests/bucket.yml
|
1119
1136
|
- modules/tests/centos6.yaml
|