convection 0.2.32 → 0.2.33
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +0 -1
- data/.rubocop_todo.yml +1 -2
- data/Gemfile +2 -1
- data/Rakefile +3 -7
- data/lib/convection.rb +2 -2
- data/lib/convection/control/stack.rb +49 -10
- data/lib/convection/model/event.rb +3 -2
- data/lib/convection/model/template.rb +13 -1
- data/lib/convection/model/template/metadata.rb +22 -0
- data/lib/convection/model/template/resource/aws_ec2_subnet.rb +1 -0
- data/lib/convection/model/template/resource/aws_events_rule.rb +4 -0
- data/spec/cf_client_context.rb +10 -0
- data/spec/collect_availability_zones_task_context.rb +17 -0
- data/spec/convection/control/stack/after_create_tasks_spec.rb +51 -0
- data/spec/convection/control/stack/after_delete_tasks_spec.rb +51 -0
- data/spec/convection/control/stack/after_update_tasks_spec.rb +54 -0
- data/spec/convection/control/stack/before_create_tasks_spec.rb +52 -0
- data/spec/convection/control/stack/before_delete_tasks_spec.rb +51 -0
- data/spec/convection/control/stack/before_update_tasks_spec.rb +55 -0
- data/spec/convection/dsl/intrinsic_functions_spec.rb +88 -0
- data/spec/convection/model/template/condition_spec.rb +38 -0
- data/spec/convection/model/template/resource/directoryservice_simple_ad_spec.rb +39 -0
- data/spec/convection/model/template/resource/ec2_security_group_spec.rb +39 -0
- data/spec/convection/model/template/resource/ec2_subnet_spec.rb +48 -0
- data/spec/convection/model/template/resource/elasticache_cache_cluster_spec.rb +52 -0
- data/spec/convection/model/template/resource/elasticache_parameter_group_spec.rb +38 -0
- data/spec/convection/model/template/resource/elasticache_security_group_ingress_spec.rb +40 -0
- data/spec/convection/model/template/resource/elasticache_security_group_spec.rb +32 -0
- data/spec/convection/model/template/resource/events_rule_spec.rb +44 -0
- data/spec/convection/model/template/resource/iam_role_spec.rb +37 -0
- data/spec/convection/model/template/resource/lambdas_spec.rb +70 -0
- data/spec/convection/model/template/resource/loggroups_spec.rb +34 -0
- data/spec/convection/model/template/resource/permission_spec.rb +43 -0
- data/spec/convection/model/template/resource/rds_security_groups_spec.rb +50 -0
- data/spec/convection/model/template/resource/vpc_endpoints_spec.rb +65 -0
- data/spec/convection/model/template/resource_attribute/update_policies_spec.rb +66 -0
- data/spec/convection/model/template/template_spec.rb +60 -0
- data/spec/convection/model/template/validate_bytesize_spec.rb +49 -0
- data/spec/convection/model/template/validate_description_spec.rb +31 -0
- data/spec/convection/model/template/validate_mappings_spec.rb +88 -0
- data/spec/convection/model/template/validate_outputs_spec.rb +62 -0
- data/spec/convection/model/template/validate_parameters_spec.rb +84 -0
- data/spec/convection/model/template/validate_resources_spec.rb +50 -0
- data/spec/ec2_client_context.rb +18 -0
- data/spec/spec_helper.rb +11 -0
- metadata +72 -40
- data/test/convection/model/test_conditions.rb +0 -121
- data/test/convection/model/test_directory_service.rb +0 -40
- data/test/convection/model/test_elasticache.rb +0 -97
- data/test/convection/model/test_lambdas.rb +0 -53
- data/test/convection/model/test_loggroups.rb +0 -25
- data/test/convection/model/test_permission.rb +0 -31
- data/test/convection/model/test_rds.rb +0 -76
- data/test/convection/model/test_template.rb +0 -64
- data/test/convection/model/test_trust.rb +0 -28
- data/test/convection/model/test_update_policies.rb +0 -54
- data/test/convection/model/test_validation.rb +0 -216
- data/test/convection/model/test_vpc_endpoint.rb +0 -51
- data/test/convection/tasks/test_after_create_tasks.rb +0 -66
- data/test/convection/tasks/test_after_delete_tasks.rb +0 -66
- data/test/convection/tasks/test_after_update_tasks.rb +0 -71
- data/test/convection/tasks/test_before_create_tasks.rb +0 -66
- data/test/convection/tasks/test_before_delete_tasks.rb +0 -66
- data/test/convection/tasks/test_before_update_tasks.rb +0 -71
- data/test/test_helper.rb +0 -72
@@ -0,0 +1,38 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe ElastiCacheParameterGroup do
|
5
|
+
let(:elasticache_template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Elasticache Test Template'
|
8
|
+
|
9
|
+
elasticache_parameter_group 'MyRedisParamGroup' do
|
10
|
+
cache_parameter_group_family 'redis2.8'
|
11
|
+
description 'Redis cache parameter group'
|
12
|
+
parameter 'my_param_key', 'my_param_value'
|
13
|
+
parameter 'my_other_key', 'my_other_value'
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
subject do
|
19
|
+
template_json
|
20
|
+
.fetch('Resources')
|
21
|
+
.fetch('MyRedisParamGroup')
|
22
|
+
.fetch('Properties')
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'has multiple parameters ("Properties")' do
|
26
|
+
expect(subject['Properties']).to include(
|
27
|
+
'my_param_key' => 'my_param_value',
|
28
|
+
'my_other_key' => 'my_other_value'
|
29
|
+
)
|
30
|
+
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def template_json
|
35
|
+
JSON.parse(elasticache_template.to_json)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe ElastiCacheSecurityGroupIngress do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Elasticache Test Template'
|
8
|
+
|
9
|
+
elasticache_security_group_ingress 'MyRedisSecGroupIngress' do
|
10
|
+
# NOTE: We do not have to actually be able to resolve these
|
11
|
+
# function references for unit testing.
|
12
|
+
cache_security_group_name fn_ref('MyRedisSecGroup')
|
13
|
+
ec2_security_group_name fn_ref('MyEC2SecGroup')
|
14
|
+
ec2_security_group_owner_id '123456789012'
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
subject do
|
20
|
+
template_json
|
21
|
+
.fetch('Resources')
|
22
|
+
.fetch('MyRedisSecGroupIngress')
|
23
|
+
.fetch('Properties')
|
24
|
+
end
|
25
|
+
|
26
|
+
it 'contains a reference to the specified cache security group name' do
|
27
|
+
expect(subject['CacheSecurityGroupName']).to eq('Ref' => 'MyRedisSecGroup')
|
28
|
+
end
|
29
|
+
|
30
|
+
it 'contains a reference to the specified EC2 security group name' do
|
31
|
+
expect(subject['EC2SecurityGroupName']).to eq('Ref' => 'MyEC2SecGroup')
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def template_json
|
37
|
+
JSON.parse(template.to_json)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe ElastiCacheSecurityGroup do
|
5
|
+
let(:elasticache_template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Elasticache Test Template'
|
8
|
+
|
9
|
+
elasticache_security_group 'MyRedisSecGroup' do
|
10
|
+
description 'Redis cache security group'
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
subject do
|
16
|
+
template_json
|
17
|
+
.fetch('Resources')
|
18
|
+
.fetch('MyRedisSecGroup')
|
19
|
+
.fetch('Properties')
|
20
|
+
end
|
21
|
+
|
22
|
+
it 'has a description' do
|
23
|
+
expect(subject['Description']).to eq('Redis cache security group')
|
24
|
+
end
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
def template_json
|
29
|
+
JSON.parse(elasticache_template.to_json)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe EventsRule do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'EventsRule Test Template'
|
8
|
+
|
9
|
+
# TODO: Test simple properties of EventsRule as well?
|
10
|
+
events_rule 'MyEventsRule' do
|
11
|
+
event_pattern 'source', %w(aws.ec2)
|
12
|
+
event_pattern 'detail',
|
13
|
+
'state' => %w(shutting-down stopped stopping terminated),
|
14
|
+
'instance-id' => 'i-deadb33f'
|
15
|
+
event_pattern 'detail-type', ['EC2 Instance State-change Notification']
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
subject do
|
21
|
+
template_json
|
22
|
+
.fetch('Resources')
|
23
|
+
.fetch('MyEventsRule')
|
24
|
+
.fetch('Properties')
|
25
|
+
end
|
26
|
+
|
27
|
+
it 'combines all event pattern calls into a single event pattern JSON object' do
|
28
|
+
expect(subject['EventPattern']).to include(
|
29
|
+
'source' => %w(aws.ec2),
|
30
|
+
'detail' => {
|
31
|
+
'state' => %w(shutting-down stopped stopping terminated),
|
32
|
+
'instance-id' => 'i-deadb33f'
|
33
|
+
},
|
34
|
+
'detail-type' => ['EC2 Instance State-change Notification']
|
35
|
+
)
|
36
|
+
end
|
37
|
+
|
38
|
+
private
|
39
|
+
|
40
|
+
def template_json
|
41
|
+
JSON.parse(template.to_json)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe IAMRole do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Trust Test Template'
|
8
|
+
|
9
|
+
iam_role 'FooRole' do
|
10
|
+
trust_service 'bar'
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
subject do
|
16
|
+
template_json
|
17
|
+
.fetch('Resources')
|
18
|
+
.fetch('FooRole')
|
19
|
+
.fetch('Properties')
|
20
|
+
.fetch('AssumeRolePolicyDocument')
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'AssumeRolePolicyDocument is not nil' do
|
24
|
+
expect(subject).to_not eq(nil)
|
25
|
+
end
|
26
|
+
|
27
|
+
it 'the policy statement documents principal is bar.amazonaws.com' do
|
28
|
+
expect(subject['Statement']).to include(hash_including('Principal' => { 'Service' => 'bar.amazonaws.com' }))
|
29
|
+
end
|
30
|
+
|
31
|
+
private
|
32
|
+
|
33
|
+
def template_json
|
34
|
+
JSON.parse(template.to_json)
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe Lambda do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Conditions Test Template'
|
8
|
+
|
9
|
+
lambda_function 'TestLambda' do
|
10
|
+
description 'Test description'
|
11
|
+
handler 'index.handler'
|
12
|
+
runtime 'nodejs'
|
13
|
+
role 'arn:aws:x:y:z'
|
14
|
+
|
15
|
+
code do
|
16
|
+
s3_bucket 'testbucket'
|
17
|
+
s3_key 'testkey'
|
18
|
+
end
|
19
|
+
|
20
|
+
vpc_config do
|
21
|
+
security_groups %w(group1 group2)
|
22
|
+
subnets %w(subnet1a subnet1b)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
subject do
|
29
|
+
template_json
|
30
|
+
.fetch('Resources')
|
31
|
+
.fetch('TestLambda')
|
32
|
+
.fetch('Properties')
|
33
|
+
end
|
34
|
+
|
35
|
+
it 's3 bucket configurations match what is defined in the template' do
|
36
|
+
expect(subject['Code']['S3Bucket']).to eq('testbucket')
|
37
|
+
expect(subject['Code']['S3Key']).to eq('testkey')
|
38
|
+
end
|
39
|
+
|
40
|
+
it 'the role matches the value defined in the template' do
|
41
|
+
expect(subject['Role']).to eq('arn:aws:x:y:z')
|
42
|
+
end
|
43
|
+
|
44
|
+
it 'vpc config parameters match the values defined in the template' do
|
45
|
+
expect(subject['VpcConfig']).to_not eq(nil)
|
46
|
+
end
|
47
|
+
|
48
|
+
it 'security group ids are stored in an array' do
|
49
|
+
expect(subject['VpcConfig']['SecurityGroupIds']).to be_a(Array)
|
50
|
+
end
|
51
|
+
|
52
|
+
it 'security groups is an array of 2 group ids' do
|
53
|
+
expect(subject['VpcConfig']['SecurityGroupIds'].size).to eq(2)
|
54
|
+
end
|
55
|
+
|
56
|
+
it 'subnet ids are stored in an array' do
|
57
|
+
expect(subject['VpcConfig']['SubnetIds']).to be_a(Array)
|
58
|
+
end
|
59
|
+
|
60
|
+
it 'SubnetIds is an array of 2 group ids' do
|
61
|
+
expect(subject['VpcConfig']['SubnetIds'].size).to eq(2)
|
62
|
+
end
|
63
|
+
|
64
|
+
private
|
65
|
+
|
66
|
+
def template_json
|
67
|
+
JSON.parse(template.to_json)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe Lambda do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Logroups Test Template'
|
8
|
+
|
9
|
+
resource 'testgroup' do
|
10
|
+
type 'AWS::Logs::LogGroup'
|
11
|
+
property 'RetentionInDays', 365
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
subject do
|
17
|
+
template_json
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'template is defined' do
|
21
|
+
expect(subject).to_not eq(nil)
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'resource values are properly set' do
|
25
|
+
expect(subject['Resources']).to have_key('testgroup')
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
30
|
+
def template_json
|
31
|
+
JSON.parse(template.to_json)
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe Lambda do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'Lambda Permission Test Template'
|
8
|
+
|
9
|
+
lambda_permission 'LambdaInvokePermission' do
|
10
|
+
action 'lambda:InvokeFunction'
|
11
|
+
function_name get_att('MyLambdaFunction', 'Arn')
|
12
|
+
principal 's3.amazonaws.com'
|
13
|
+
source_account fn_ref('AWS::AccountId')
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
subject do
|
19
|
+
template_json
|
20
|
+
.fetch('Resources')
|
21
|
+
.fetch('LambdaInvokePermission')
|
22
|
+
.fetch('Properties')
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'action parameter is set correctly' do
|
26
|
+
expect(subject['Action']).to eq('lambda:InvokeFunction')
|
27
|
+
end
|
28
|
+
|
29
|
+
it 'function name parameter is set with get_att' do
|
30
|
+
expect(subject['FunctionName']).to eq('Fn::GetAtt' => %w(MyLambdaFunction Arn))
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'source account fn ref sets param properly' do
|
34
|
+
expect(subject['SourceAccount']).to eq('Ref' => 'AWS::AccountId')
|
35
|
+
end
|
36
|
+
|
37
|
+
private
|
38
|
+
|
39
|
+
def template_json
|
40
|
+
JSON.parse(template.to_json)
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe RDSDBInstance do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'RDS Test Template'
|
8
|
+
|
9
|
+
rds_security_group 'MyRDSSecGroup' do
|
10
|
+
description 'Pulls in EC2 SGs'
|
11
|
+
ec2_security_group 'MyEC2SecGroup', '123456789012'
|
12
|
+
cidr_ip 'my_cidr_value'
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
subject do
|
18
|
+
template_json
|
19
|
+
.fetch('Resources')
|
20
|
+
.fetch('MyRDSSecGroup')
|
21
|
+
.fetch('Properties')
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'DBSecurityGroupIngress in a array' do
|
25
|
+
expect(subject['DBSecurityGroupIngress']).to be_a(Array)
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'ingress rules array contains 2 elements' do
|
29
|
+
expect(subject['DBSecurityGroupIngress'].size).to eq(2)
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'defines the cidr block correctly' do
|
33
|
+
expect(subject['DBSecurityGroupIngress']).to include(hash_including('CIDRIP' => 'my_cidr_value'))
|
34
|
+
end
|
35
|
+
|
36
|
+
it 'defines EC2SecurityGroupName correctly' do
|
37
|
+
expect(subject['DBSecurityGroupIngress']).to include(hash_including('EC2SecurityGroupName' => 'MyEC2SecGroup'))
|
38
|
+
end
|
39
|
+
|
40
|
+
it 'defines EC2SecurityGroupOwnerId correctly' do
|
41
|
+
expect(subject['DBSecurityGroupIngress']).to include(hash_including('EC2SecurityGroupOwnerId' => '123456789012'))
|
42
|
+
end
|
43
|
+
|
44
|
+
private
|
45
|
+
|
46
|
+
def template_json
|
47
|
+
JSON.parse(template.to_json)
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
@@ -0,0 +1,65 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class Convection::Model::Template::Resource
|
4
|
+
describe Lambda do
|
5
|
+
let(:template) do
|
6
|
+
Convection.template do
|
7
|
+
description 'VPC Endpoint Test Template'
|
8
|
+
|
9
|
+
ec2_vpc_endpoint 'TestVpcEndpoint' do
|
10
|
+
service 's3'
|
11
|
+
vpc 'vpc-foo'
|
12
|
+
route_tables %w(table1 table2)
|
13
|
+
|
14
|
+
allow do
|
15
|
+
s3_resource 'bucket-bar', '*'
|
16
|
+
action 's3:GetObject'
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
subject do
|
23
|
+
template_json
|
24
|
+
.fetch('Resources')
|
25
|
+
.fetch('TestVpcEndpoint')
|
26
|
+
.fetch('Properties')
|
27
|
+
end
|
28
|
+
|
29
|
+
it 'vpc endpoint config is not nil' do
|
30
|
+
expect(subject).to_not eq(nil)
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'vpc is correctly defined' do
|
34
|
+
expect(subject['VpcId']).to eq('vpc-foo')
|
35
|
+
end
|
36
|
+
|
37
|
+
it 'ServiceName is a hash' do
|
38
|
+
expect(subject['ServiceName']).to be_a(Hash)
|
39
|
+
end
|
40
|
+
|
41
|
+
# "ServiceName"=>
|
42
|
+
# {"Fn::Join"=>[".", ["com.amazonaws", {"Ref"=>"AWS::Region"}, "s3"]]},
|
43
|
+
it 'ServiceName Fn::Join is a array' do
|
44
|
+
expect(subject['ServiceName']['Fn::Join']).to be_a(Array)
|
45
|
+
end
|
46
|
+
|
47
|
+
it 'ServiceName Fn::Join array index 0 is correctly defined' do
|
48
|
+
expect(subject['ServiceName']['Fn::Join'][0]).to eq('.')
|
49
|
+
end
|
50
|
+
|
51
|
+
it 'ServiceName s3 path is an array' do
|
52
|
+
expect(subject['ServiceName']['Fn::Join'][1]).to be_a(Array)
|
53
|
+
end
|
54
|
+
|
55
|
+
it 'ServiceName s3 path last element is s3' do
|
56
|
+
expect(subject['ServiceName']['Fn::Join'][1].last).to eq('s3')
|
57
|
+
end
|
58
|
+
|
59
|
+
private
|
60
|
+
|
61
|
+
def template_json
|
62
|
+
JSON.parse(template.to_json)
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|