cloud-mu 2.0.0.pre.alpha3 → 2.0.0.pre.alpha4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 674e427624161a3b7026346a10320e7dcf5331222d8cc683d186c3d648fc0c77
-  data.tar.gz: 71c6ddb375bf199f767fa2b8143b98f7de422d6095921c5db0d0cf191bac39bb
+  metadata.gz: fc4fa3ace543abb312bf853be83b0b229a61cf4cd1dbb00f7a4ac1c383fe2538
+  data.tar.gz: 35ed1769840efedaa2b2408e0f0c24c07417c77aeaf8cb43dd11f758970a9d47
 SHA512:
-  metadata.gz: 8cac89b0d850377f39635f40aafc4fe148fc6b38c971da05592a55dba83a7f8847c3734eddbdb830724e2cda51c7c3968c38facd22eab15814b892913641b2ab
-  data.tar.gz: bce36278c7e00872d5f1f553d41f24abf0593d0a8f1bf076e071d472932e1aa727f196a8e34b37dc4ba3465068420305c3079cd472d9c8a26a9ed65edc06ddc0
+  metadata.gz: 38feb71676cf984e102f90e41b96849521762f3cf0bcfc2e06af0b69a45e9255b02ff503f84ca27346dedb501e362b07b26be172cec0e4e118302cd9af5853b9
+  data.tar.gz: 2cdacd00b476374c45a94dddf0ee5e60b018200dbf58e34510bef8cb0169ea03a7edc1f7726c7f742304687cdeade991b05a71f40cb0326590e1091e757aada1

data/cloud-mu.gemspec

@@ -17,7 +17,7 @@ end
 
 Gem::Specification.new do |s|
   s.name        = 'cloud-mu'
-  s.version     = '2.0.0-alpha3'
+  s.version     = '2.0.0-alpha4'
   s.date        = '2018-12-11'
   s.require_paths = ['modules']
   s.required_ruby_version = '>= 2.4'

data/cookbooks/mu-firewall/Berksfile

@@ -6,4 +6,4 @@ metadata
 # Mu Cookbooks
 
 # Supermarket Cookbooks
-cookbook	'firewall', '~> 2.6.5'
+cookbook	'firewall', '~> 2.7.0'

data/install/installer

@@ -4,7 +4,7 @@ BOLD=`tput bold`
 NORM=`tput sgr0`
 CHEF_CLIENT_VERSION="14.4.56"
 if [ "$MU_BRANCH" == "" ];then
-  MU_BRANCH="i_yam_what_i_yam" # GIT HOOK EDITABLE DO NOT TOUCH
+  MU_BRANCH="Azure_you_want_azure" # GIT HOOK EDITABLE DO NOT TOUCH
   mydir="`dirname $0`"
   cd $mydir
   if git rev-parse --abbrev-ref HEAD > /dev/null 2>&1;then

data/modules/mu/cloud.rb

@@ -1424,7 +1424,6 @@ MU.log "in dependencies() and findLitterMate gave me "+sib_by_name.to_s+" on beh
         # Wrapper for the cleanup class method of underlying cloud object implementations.
         def self.cleanup(*flags)
           params = flags.first
-
           clouds = MU::Cloud.supportedClouds
           if params[:cloud]
             clouds = [params[:cloud]]

data/modules/mu/clouds/aws.rb

@@ -327,6 +327,11 @@ module MU
       # cloud.
       # @return [Boolean]
       def self.hosted?
+        if $MU_CFG.has_key?("aws_is_hosted")
+          @@is_in_aws = $MU_CFG["aws_is_hosted"]
+          return $MU_CFG["aws_is_hosted"]
+        end
+
         require 'open-uri'
 
         if !@@is_in_aws.nil?

data/modules/mu/clouds/aws/dnszone.rb

@@ -514,7 +514,7 @@ module MU
             sleep 10
             retry
           rescue Aws::Route53::Errors::InvalidChangeBatch, Aws::Route53::Errors::InvalidInput, Exception => e
-            return if e.message.match(/ but it already exists$/) and !delete
+            return if e.message.match(/ but it already exists/) and !delete
             MU.log "Failed to change DNS records, #{e.inspect}", MU::ERR, details: params
             raise e if !delete
             MU.log "Record #{name} (#{type}) in #{id} can't be deleted. Already removed? #{e.inspect}", MU::WARN, details: params if delete

data/modules/mu/clouds/aws/habitat.rb

@@ -104,14 +104,11 @@ module MU
 
           if resp and resp.accounts
             resp.accounts.each { |acct|
-              if acct.name.match(/^#{Regexp.quote(MU.deploy_id)}/)
-                MU.log "Would delete account #{acct.name} if that was a thing"
+              if acct.name.match(/^#{Regexp.quote(MU.deploy_id)}/) or acct.name.match(/BUNS/)
                 if !noop
                   pp acct
                 end
-else
-pp acct if acct.name.match(/BUNS/)
-#https://687950501457.signin.aws.amazon.com/console/organizations/complete-signup
+                MU.log "AWS accounts cannot be deleted via the API. To delete #{acct.name}, you must sign in with its root user #{acct.email}, ensure that its signup process has been completed, then visit ", MU::NOTICE, details: ["https://console.aws.amazon.com/", acct.email, acct.id]
               end
             }
           end

data/modules/mu/clouds/azure.rb

@@ -31,6 +31,11 @@ module MU
       # Determine whether we (the Mu master, presumably) are hosted in Azure.
       # @return [Boolean]
       def self.hosted?
+        if $MU_CFG.has_key?("azure_is_hosted")
+          @@is_in_aws = $MU_CFG["azure_is_hosted"]
+          return $MU_CFG["azure_is_hosted"]
+        end
+
         if !@@is_in_azure.nil?
           return @@is_in_azure
         end

data/modules/mu/clouds/google.rb

@@ -242,6 +242,10 @@ module MU
       # cloud.
       # @return [Boolean]
       def self.hosted?
+        if $MU_CFG.has_key?("google_is_hosted")
+          @@is_in_aws = $MU_CFG["google_is_hosted"]
+          return $MU_CFG["google_is_hosted"]
+        end
         if !@@is_in_gcp.nil?
           return @@is_in_gcp
         end
@@ -411,6 +415,8 @@ module MU
       # Our credentials map to a project, an organizational structure in Google
       # Cloud. This fetches the identifier of the project associated with our
       # default credentials.
+      # @param credentials [String]
+      # @return [String]
       def self.defaultProject(credentials = nil)
         cfg = credConfig(credentials)
         return myProject if !cfg or !cfg['project']
@@ -418,6 +424,21 @@ module MU
         cfg['project']
       end
 
+      # We want a default place to put new projects for the Habitat resource,
+      # so if we have a root folder, we can go ahead and use that.
+      # @param credentials [String]
+      # @return [String]
+      def self.defaultFolder(credentials = nil)
+        project = defaultProject(credentials)
+        resp = MU::Cloud::Google.resource_manager(credentials: credentials).get_project_ancestry(project)
+        resp.ancestor.each { |a|
+          if a.resource_id.type == "folder"
+            return a.resource_id.id
+          end
+        }
+        nil
+      end
+
       # List all Google Cloud Platform projects available to our credentials
       def self.listProjects(credentials = nil)
         cfg = credConfig(credentials)
@@ -575,6 +596,19 @@ module MU
         end
       end
 
+      # Google's Cloud Resource Manager API V2, which apparently has all the folder bits
+      # @param subclass [<Google::Apis::CloudresourcemanagerV2beta1>]: If specified, will return the class ::Google::Apis::CloudresourcemanagerV2beta1::subclass instead of an API client instance
+      def self.folder(subclass = nil, credentials: nil)
+        require 'google/apis/cloudresourcemanager_v2beta1'
+
+        if subclass.nil?
+          @@resource2_api[credentials] ||= MU::Cloud::Google::Endpoint.new(api: "CloudresourcemanagerV2beta1::CloudResourceManagerService", scopes: ['https://www.googleapis.com/auth/cloud-platform'], credentials: credentials)
+          return @@resource2_api[credentials]
+        elsif subclass.is_a?(Symbol)
+          return Object.const_get("::Google").const_get("Apis").const_get("CloudresourcemanagerV2beta1").const_get(subclass)
+        end
+      end
+
       # Google's Container API
       # @param subclass [<Google::Apis::ContainerV1>]: If specified, will return the class ::Google::Apis::ContainerV1::subclass instead of an API client instance
       def self.container(subclass = nil, credentials: nil)
@@ -909,6 +943,7 @@ module MU
       @@iam_api = {}
       @@logging_api = {}
       @@resource_api = {}
+      @@resource2_api = {}
       @@service_api = {}
       @@admin_directory_api = {}
     end

data/modules/mu/clouds/google/folder.rb

@@ -0,0 +1,120 @@
+# Copyright:: Copyright (c) 2019 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module MU
+  class Cloud
+    class Google
+      # Creates an Google project as configured in {MU::Config::BasketofKittens::folders}
+      class Folder < MU::Cloud::Folder
+        @deploy = nil
+        @config = nil
+
+        attr_reader :mu_name
+        attr_reader :config
+        attr_reader :cloud_id
+
+        # @param mommacat [MU::MommaCat]: A {MU::Mommacat} object containing the deploy of which this resource is/will be a member.
+        # @param kitten_cfg [Hash]: The fully parsed and resolved {MU::Config} resource descriptor as defined in {MU::Config::BasketofKittens::folders}
+        def initialize(mommacat: nil, kitten_cfg: nil, mu_name: nil, cloud_id: nil)
+          @deploy = mommacat
+          @config = MU::Config.manxify(kitten_cfg)
+          @cloud_id ||= cloud_id
+          @mu_name ||= @deploy.getResourceName(@config["name"])
+        end
+
+        # Called automatically by {MU::Deploy#createResources}
+        def create
+
+          name_string = @deploy.getResourceName(@config["name"], max_length: 30).downcase
+
+          folder_obj = MU::Cloud::Google.folder(:Folder).new(
+            name: name_string,
+            display_name: name_string
+          )
+pp folder_obj
+          MU.log "Creating folder #{@mu_name}", details: folder_obj
+          resp = MU::Cloud::Google.folder(credentials: @config['credentials']).create_folder(folder_obj)
+
+          @cloud_id = name_string.downcase
+        end
+
+        # Return the cloud descriptor for the Folder
+        def cloud_desc
+          MU::Cloud::Google::Folder.find(cloud_id: @cloud_id).values.first
+        end
+
+        # Return the metadata for this project's configuration
+        # @return [Hash]
+        def notify
+          desc = MU.structToHash(MU::Cloud::Google.folder(credentials: credentials).get_folder(@cloud_id))
+          desc["mu_name"] = @mu_name
+          desc["cloud_id"] = @cloud_id
+          desc
+        end
+
+        # Does this resource type exist as a global (cloud-wide) artifact, or
+        # is it localized to a region/zone?
+        # @return [Boolean]
+        def self.isGlobal?
+          true
+        end
+
+        # Remove all Google projects associated with the currently loaded deployment. Try to, anyway.
+        # @param noop [Boolean]: If true, will only print what would be done
+        # @param ignoremaster [Boolean]: If true, will remove resources not flagged as originating from this Mu server
+        # @param region [String]: The cloud provider region
+        # @return [void]
+        def self.cleanup(noop: false, ignoremaster: false, region: MU.curRegion, credentials: nil, flags: {})
+        end
+
+        # Locate an existing project
+        # @param cloud_id [String]: The cloud provider's identifier for this resource.
+        # @param region [String]: The cloud provider region.
+        # @param flags [Hash]: Optional flags
+        # @return [OpenStruct]: The cloud provider's complete descriptions of matching project
+        def self.find(cloud_id: nil, region: MU.curRegion, credentials: nil, flags: {})
+          found = {}
+          if cloud_id
+            found[cloud_id] = MU::Cloud::Google.folder(credentials: credentials).get_folder(cloud_id)
+          else
+          end
+          
+          found
+        end
+
+        # Cloud-specific configuration properties.
+        # @param config [MU::Config]: The calling MU::Config object
+        # @return [Array<Array,Hash>]: List of required fields, and json-schema Hash of cloud-specific configuration parameters for this resource
+        def self.schema(config)
+          toplevel_required = []
+          schema = {
+          }
+          [toplevel_required, schema]
+        end
+
+        # Cloud-specific pre-processing of {MU::Config::BasketofKittens::folders}, bare and unvalidated.
+        # @param folder [Hash]: The resource to process and validate
+        # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
+        # @return [Boolean]: True if validation succeeded, False otherwise
+        def self.validateConfig(folder, configurator)
+          ok = true
+
+
+          ok
+        end
+
+      end
+    end
+  end
+end

data/modules/mu/clouds/google/habitat.rb

@@ -35,6 +35,31 @@ module MU
 
         # Called automatically by {MU::Deploy#createResources}
         def create
+          labels = {}
+
+          name_string = @deploy.getResourceName(@config["name"], max_length: 30).downcase
+
+          MU::MommaCat.listStandardTags.each_pair { |name, value|
+            if !value.nil?
+              labels[name.downcase] = value.downcase.gsub(/[^a-z0-9\-\_]/i, "_")
+            end
+          }
+
+          desc = {
+            name: name_string,
+            project_id: name_string,
+            labels: labels
+          }
+          if @config['folder'] and @config['folder']['id']
+            desc["parent"] = @config['folder']['id']
+          end
+
+          project_obj = MU::Cloud::Google.resource_manager(:Project).new(desc)
+pp project_obj
+          MU.log "Creating project #{@mu_name}", details: project_obj
+          resp = MU::Cloud::Google.resource_manager(credentials: @config['credentials']).create_project(project_obj)
+
+          @cloud_id = name_string.downcase
         end
 
         # Return the cloud descriptor for the Habitat
@@ -42,17 +67,15 @@ module MU
           MU::Cloud::Google::Habitat.find(cloud_id: @cloud_id).values.first
         end
 
-        # Canonical Amazon Resource Number for this resource
-        # @return [String]
-        def arn
-          nil
-        end
-
         # Return the metadata for this project's configuration
         # @return [Hash]
         def notify
-          {
-          }
+          desc = MU.structToHash(MU::Cloud::Google.resource_manager(credentials: credentials).list_projects(
+              filter: "name:#{cloud_id}"
+            ).projects.first)
+          desc["mu_name"] = @mu_name
+          desc["cloud_id"] = @cloud_id
+          desc
         end
 
         # Does this resource type exist as a global (cloud-wide) artifact, or
@@ -76,7 +99,20 @@ module MU
         # @param flags [Hash]: Optional flags
         # @return [OpenStruct]: The cloud provider's complete descriptions of matching project
         def self.find(cloud_id: nil, region: MU.curRegion, credentials: nil, flags: {})
-          {}
+          found = {}
+          if cloud_id
+            resp = MU::Cloud::Google.resource_manager(credentials: credentials).list_projects(
+              filter: "name:#{cloud_id}"
+            ).projects.first
+            found[resp.name] = resp
+          else
+            resp = MU::Cloud::Google.resource_manager(credentials: credentials).list_projects().projects
+            resp.each { |p|
+              found[p.name] = p
+            }
+          end
+          
+          found
         end
 
         # Cloud-specific configuration properties.
@@ -96,6 +132,14 @@ module MU
         def self.validateConfig(habitat, configurator)
           ok = true
 
+          if habitat['folder'] and habitat['folder']['name'] and !habitat['folder']['deploy_id']
+            habitat["dependencies"] ||= []
+            habitat["dependencies"] << {
+              "type" => "folder",
+              "name" => habitat['folder']['name']
+            }
+          end
+
           ok
         end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cloud-mu
 version: !ruby/object:Gem::Version
-  version: 2.0.0.pre.alpha3
+  version: 2.0.0.pre.alpha4
 platform: ruby
 authors:
 - John Stange
@@ -863,6 +863,7 @@ files:
 - modules/mu/clouds/google/container_cluster.rb
 - modules/mu/clouds/google/database.rb
 - modules/mu/clouds/google/firewall_rule.rb
+- modules/mu/clouds/google/folder.rb
 - modules/mu/clouds/google/group.rb
 - modules/mu/clouds/google/habitat.rb
 - modules/mu/clouds/google/loadbalancer.rb