cloud-mu 3.1.0 → 3.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/cloud-mu.gemspec +2 -2
- data/cookbooks/mu-tools/recipes/gcloud.rb +1 -0
- data/modules/mu/adoption.rb +1 -0
- data/modules/mu/clouds/aws.rb +1 -0
- data/modules/mu/clouds/google/user.rb +8 -13
- data/modules/mu/config.rb +4 -4
- data/modules/mu/config/storage_pool.rb +0 -1
- data/modules/mu/mommacat.rb +4 -4
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e410b5b2d1b9bb3bb28993cda8852ba50bc0d4a32218a64226af3e66ae86465a
|
4
|
+
data.tar.gz: ec28f00264ebea17f917428b12b44f2eaf2361711c1ee8ab0b8db6ac94d4bad8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5232f7dc31462aa58f307ded9bb7f46d7dd63a7b373ba88d4546620b8531ae5e71167d8d86d29a49638f159ea21dd5fd2e88a7bb7529c8df350e8627ca29fd71
|
7
|
+
data.tar.gz: '09b513e485274453b5a3242e9747c9bc0cd41e06ea9a6744ffe4ab7cab38b43845c8ca124159d0ab418f39441d894f626b48505992de913615a1fb2a8c4b77cf'
|
data/cloud-mu.gemspec
CHANGED
@@ -17,8 +17,8 @@ end
|
|
17
17
|
|
18
18
|
Gem::Specification.new do |s|
|
19
19
|
s.name = 'cloud-mu'
|
20
|
-
s.version = '3.1.
|
21
|
-
s.date = '
|
20
|
+
s.version = '3.1.1'
|
21
|
+
s.date = '2020-01-11'
|
22
22
|
s.require_paths = ['modules']
|
23
23
|
s.required_ruby_version = '>= 2.4'
|
24
24
|
s.summary = "The eGTLabs Mu toolkit for unified cloud deployments"
|
@@ -40,6 +40,7 @@ if platform_family?("rhel") or platform_family?("amazon")
|
|
40
40
|
bash "install gcloud-cli" do
|
41
41
|
cwd "/opt"
|
42
42
|
code <<-EOH
|
43
|
+
rm -rf /opt/google-cloud-sdk/
|
43
44
|
tar -xzf #{Chef::Config[:file_cache_path]}/gcloud-cli.tar.gz
|
44
45
|
if [ -f /opt/rh/python27/root/usr/bin/python ];then
|
45
46
|
if [ ! -f /etc/ld.so.conf.d/python27.conf ];then
|
data/modules/mu/adoption.rb
CHANGED
@@ -388,6 +388,7 @@ module MU
|
|
388
388
|
}
|
389
389
|
obj = deploy.findLitterMate(type: attrs[:cfg_plural], name: resource['name'])
|
390
390
|
begin
|
391
|
+
raise Incomplete if obj.nil?
|
391
392
|
new_cfg = resolveReferences(resource, deploy, obj)
|
392
393
|
new_cfg.delete("cloud_id")
|
393
394
|
cred_cfg = MU::Cloud.const_get(obj.cloud).credConfig(obj.credentials)
|
data/modules/mu/clouds/aws.rb
CHANGED
@@ -1362,6 +1362,7 @@ module MU
|
|
1362
1362
|
# Catch-all for AWS client methods. Essentially a pass-through with some
|
1363
1363
|
# rescues for known silly endpoint behavior.
|
1364
1364
|
def method_missing(method_sym, *arguments)
|
1365
|
+
require "aws-sdk-core"
|
1365
1366
|
|
1366
1367
|
retries = 0
|
1367
1368
|
begin
|
@@ -357,14 +357,9 @@ module MU
|
|
357
357
|
name.match(/\b\d+@cloudbuild\.gserviceaccount\.com$/) or
|
358
358
|
name.match(/\bservice-\d+@containerregistry\.iam\.gserviceaccount\.com$/) or
|
359
359
|
name.match(/\bservice-\d+@container-analysis\.iam\.gserviceaccount\.com$/) or
|
360
|
-
name.match(/\bservice-\d+@gcp-sa-bigquerydatatransfer\.iam\.gserviceaccount\.com$/) or
|
361
|
-
name.match(/\bservice-\d+@gcp-sa-cloudasset\.iam\.gserviceaccount\.com$/) or
|
362
|
-
name.match(/\bservice-\d+@gcp-sa-cloudiot\.iam\.gserviceaccount\.com$/) or
|
363
|
-
name.match(/\bservice-\d+@gcp-sa-cloudscheduler\.iam\.gserviceaccount\.com$/) or
|
364
360
|
name.match(/\bservice-\d+@compute-system\.iam\.gserviceaccount\.com$/) or
|
365
361
|
name.match(/\bservice-\d+@container-engine-robot\.iam\.gserviceaccount\.com$/) or
|
366
|
-
name.match(/\bservice-\d+@
|
367
|
-
name.match(/\bservice-\d+@gcp-sa-containerscanning\.iam\.gserviceaccount\.com$/) or
|
362
|
+
name.match(/\bservice-\d+@gc[pf]-admin-robot\.iam\.gserviceaccount\.com$/) or
|
368
363
|
name.match(/\bservice-\d+@dataflow-service-producer-prod\.iam\.gserviceaccount\.com$/) or
|
369
364
|
name.match(/\bservice-\d+@dataproc-accounts\.iam\.gserviceaccount\.com$/) or
|
370
365
|
name.match(/\bservice-\d+@endpoints-portal\.iam\.gserviceaccount\.com$/) or
|
@@ -372,9 +367,8 @@ module MU
|
|
372
367
|
name.match(/\bservice-\d+@cloud-redis\.iam\.gserviceaccount\.com$/) or
|
373
368
|
name.match(/\bservice-\d+@firebase-rules\.iam\.gserviceaccount\.com$/) or
|
374
369
|
name.match(/\bservice-\d+@cloud-tpu\.iam\.gserviceaccount\.com$/) or
|
375
|
-
name.match(/\bservice-\d+@gcp-sa-vpcaccess\.iam\.gserviceaccount\.com$/) or
|
376
|
-
name.match(/\bservice-\d+@gcp-sa-websecurityscanner\.iam\.gserviceaccount\.com$/) or
|
377
370
|
name.match(/\bservice-\d+@sourcerepo-service-accounts\.iam\.gserviceaccount\.com$/) or
|
371
|
+
name.match(/\bservice-\d+@gcp-sa-[^\.]+\.iam\.gserviceaccount\.com$/) or
|
378
372
|
name.match(/\bp\d+\-\d+@gcp-sa-logging\.iam\.gserviceaccount\.com$/)
|
379
373
|
end
|
380
374
|
|
@@ -409,12 +403,13 @@ module MU
|
|
409
403
|
MU.log "FAILED TO FIND CLOUD DESCRIPTOR FOR #{self}", MU::ERR, details: @config
|
410
404
|
return nil
|
411
405
|
end
|
412
|
-
|
413
406
|
bok['name'] = @config['name']
|
414
407
|
bok['cloud_id'] = @cloud_id
|
415
408
|
bok['type'] = @config['type']
|
416
409
|
bok['type'] ||= "service"
|
410
|
+
|
417
411
|
if bok['type'] == "service"
|
412
|
+
bok['name'].gsub!(/@.*/, '')
|
418
413
|
bok['project'] = @project_id
|
419
414
|
keys = MU::Cloud::Google.iam(credentials: @config['credentials']).list_project_service_account_keys(@cloud_id)
|
420
415
|
|
@@ -433,8 +428,8 @@ module MU
|
|
433
428
|
user_roles["user"][bok['cloud_id']].size > 0
|
434
429
|
bok['roles'] = MU::Cloud::Google::Role.entityBindingsToSchema(user_roles["user"][bok['cloud_id']], credentials: @config['credentials'])
|
435
430
|
end
|
436
|
-
bok['given_name'] = cloud_desc.name.given_name
|
437
|
-
bok['family_name'] = cloud_desc.name.family_name
|
431
|
+
bok['given_name'] = cloud_desc.name.given_name if cloud_desc.name.given_name and !cloud_desc.name.given_name.empty?
|
432
|
+
bok['family_name'] = cloud_desc.name.family_name if cloud_desc.name.family_name and !cloud_desc.name.family_name.empty?
|
438
433
|
bok['email'] = cloud_desc.primary_email
|
439
434
|
bok['suspend'] = cloud_desc.suspended
|
440
435
|
bok['admin'] = cloud_desc.is_admin
|
@@ -532,8 +527,8 @@ If we are binding (rather than creating) a user and no roles are specified, we w
|
|
532
527
|
|
533
528
|
# Deal with these name alias fields, here for the convenience of your
|
534
529
|
# easily confused english-centric type of person
|
535
|
-
user['given_name'] ||= user['first_name']
|
536
|
-
user['family_name'] ||= user['last_name']
|
530
|
+
user['given_name'] ||= user['first_name'] if user['first_name']
|
531
|
+
user['family_name'] ||= user['last_name'] if user['last_name']
|
537
532
|
user.delete("first_name")
|
538
533
|
user.delete("last_name")
|
539
534
|
|
data/modules/mu/config.rb
CHANGED
@@ -348,7 +348,7 @@ module MU
|
|
348
348
|
@deploy_id = @mommacat.deploy_id
|
349
349
|
end
|
350
350
|
|
351
|
-
kitten if @mommacat # try to populate the actual cloud object for this
|
351
|
+
kitten(shallow: true) if @mommacat # try to populate the actual cloud object for this
|
352
352
|
end
|
353
353
|
|
354
354
|
# Comparison operator
|
@@ -476,7 +476,7 @@ module MU
|
|
476
476
|
# called in a live deploy, which is to say that if called during initial
|
477
477
|
# configuration parsing, results may be incorrect.
|
478
478
|
# @param mommacat [MU::MommaCat]: A deploy object which will be searched for the referenced resource if provided, before restoring to broader, less efficient searches.
|
479
|
-
def kitten(mommacat = @mommacat)
|
479
|
+
def kitten(mommacat = @mommacat, shallow: false)
|
480
480
|
return nil if !@cloud or !@type
|
481
481
|
|
482
482
|
if @obj
|
@@ -509,7 +509,7 @@ end
|
|
509
509
|
end
|
510
510
|
end
|
511
511
|
|
512
|
-
if !@obj and !(@cloud == "Google" and @id and @type == "users" and MU::Cloud::Google::User.cannedServiceAcctName?(@id))
|
512
|
+
if !@obj and !(@cloud == "Google" and @id and @type == "users" and MU::Cloud::Google::User.cannedServiceAcctName?(@id)) and !shallow
|
513
513
|
|
514
514
|
begin
|
515
515
|
hab_arg = if @habitat.nil?
|
@@ -1656,7 +1656,7 @@ $CONFIGURABLES
|
|
1656
1656
|
end
|
1657
1657
|
end
|
1658
1658
|
|
1659
|
-
descriptor["dependencies"].uniq!
|
1659
|
+
descriptor["dependencies"].uniq! if descriptor["dependencies"]
|
1660
1660
|
|
1661
1661
|
@kittencfg_semaphore.synchronize {
|
1662
1662
|
@kittens[cfg_plural] << descriptor if append
|
data/modules/mu/mommacat.rb
CHANGED
@@ -364,7 +364,7 @@ module MU
|
|
364
364
|
MU::Config::Ref.get(orig_cfg['vpc'])
|
365
365
|
end
|
366
366
|
orig_cfg['vpc'].delete('mommacat')
|
367
|
-
orig_cfg['vpc'] = ref if ref.kitten
|
367
|
+
orig_cfg['vpc'] = ref if ref.kitten(shallow: true)
|
368
368
|
end
|
369
369
|
|
370
370
|
begin
|
@@ -416,7 +416,7 @@ module MU
|
|
416
416
|
seen << @original_config['cloud'] if @original_config['cloud']
|
417
417
|
MU::Cloud.resource_types.values.each { |attrs|
|
418
418
|
type = attrs[:cfg_plural]
|
419
|
-
if @original_config
|
419
|
+
if @original_config[type]
|
420
420
|
@original_config[type].each { |resource|
|
421
421
|
seen << resource['cloud'] if resource['cloud']
|
422
422
|
}
|
@@ -436,7 +436,7 @@ module MU
|
|
436
436
|
# defaultcloud = @original_config['cloud']
|
437
437
|
MU::Cloud.resource_types.values.each { |attrs|
|
438
438
|
type = attrs[:cfg_plural]
|
439
|
-
if @original_config
|
439
|
+
if @original_config[type]
|
440
440
|
@original_config[type].each { |resource|
|
441
441
|
if resource['credentials']
|
442
442
|
seen << resource['credentials']
|
@@ -466,7 +466,7 @@ module MU
|
|
466
466
|
regions << @original_config['region'] if @original_config['region']
|
467
467
|
MU::Cloud.resource_types.each_pair { |res_type, attrs|
|
468
468
|
type = attrs[:cfg_plural]
|
469
|
-
if @original_config
|
469
|
+
if @original_config[type]
|
470
470
|
@original_config[type].each { |resource|
|
471
471
|
if resource['cloud']
|
472
472
|
cloudclass = Object.const_get("MU").const_get("Cloud").const_get(resource['cloud'])
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cloud-mu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.1.
|
4
|
+
version: 3.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- John Stange
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2020-01-11 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: erubis
|