convox_installer 2.0.0 → 3.0.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -3,7 +3,7 @@
3
3
  require 'convox_installer'
4
4
 
5
5
  RSpec.describe ConvoxInstaller::Requirements do
6
- let(:convox_cli_version) { '20210208170413' }
6
+ let(:convox_cli_version) { '3.3.4' }
7
7
 
8
8
  before do
9
9
  allow_any_instance_of(
@@ -45,8 +45,8 @@ RSpec.describe ConvoxInstaller::Requirements do
45
45
  end
46
46
  end
47
47
 
48
- context 'with Convox CLI version 3.3.4' do
49
- let(:convox_cli_version) { '3.3.4' }
48
+ context 'with Convox CLI version 20210208170413' do
49
+ let(:convox_cli_version) { '20210208170413' }
50
50
 
51
51
  it 'shows the correct error message and quit' do
52
52
  req = described_class.new
@@ -55,11 +55,10 @@ RSpec.describe ConvoxInstaller::Requirements do
55
55
  expect(req).to receive(:quit!)
56
56
 
57
57
  expect(req.logger).to receive(:error).with(
58
- 'This script requires Convox CLI version 2.x.x. Your Convox CLI version is: 3.3.4'
58
+ 'This script requires Convox CLI version 3.x.x. Your Convox CLI version is: 20210208170413'
59
59
  )
60
60
  expect(req.logger).to receive(:error).with(
61
- 'Please follow the instructions here to downgrade your ' \
62
- 'Convox CLI version: https://docsv2.convox.com/introduction/installation'
61
+ "Please run 'brew update convox' or follow the instructions at https://docs.convox.com/getting-started/introduction"
63
62
  )
64
63
 
65
64
  req.ensure_requirements!
@@ -0,0 +1,46 @@
1
+ resource "aws_elasticache_cluster" "elasticache_cluster" {
2
+ cluster_id = "<%= config.fetch(:stack_name) %>-elasticache-<%= config.fetch(:random_id) %>"
3
+ engine = "<%= config[:elasticache_engine] || 'redis' %>"
4
+ engine_version = "<%= config[:elasticache_engine_version] || '6.x' %>"
5
+ node_type = "<%= config[:elasticache_node_type] || 'cache.t3.medium' %>"
6
+ num_cache_nodes = <%= config[:elasticache_num_cache_nodes] || 1 %>
7
+ port = <%= config[:elasticache_port] || 6379 %>
8
+
9
+ subnet_group_name = aws_elasticache_subnet_group.elasticache_subnet_group.name
10
+ security_group_ids = [aws_security_group.elasticache_security_group.id]
11
+
12
+ # Workaround for weird engine_version issue where 6.x works for creation, and fails for update
13
+ # See: https://github.com/hashicorp/terraform-provider-aws/issues/15625#issuecomment-727759811
14
+ # Fixed in version 3.38.0 of the Terraform AWS provider.
15
+ lifecycle {
16
+ ignore_changes = [engine_version]
17
+ }
18
+ }
19
+
20
+ resource "aws_elasticache_subnet_group" "elasticache_subnet_group" {
21
+ name = "<%= config.fetch(:stack_name) %>-elasticache-cluster-subnetgroup-<%= config.fetch(:random_id) %>"
22
+ subnet_ids = module.system.cluster.subnets
23
+ }
24
+
25
+ resource "aws_security_group" "elasticache_security_group" {
26
+ name = "<%= config.fetch(:stack_name) %>-elasticache-securitygroup-<%= config.fetch(:random_id) %>"
27
+
28
+ description = "Elasticache Security Group (Managed by Terraform)"
29
+ vpc_id = module.system.cluster.vpc
30
+
31
+ # Only Redis in
32
+ ingress {
33
+ from_port = 6379
34
+ to_port = 6379
35
+ protocol = "tcp"
36
+ cidr_blocks = ["10.1.0.0/16"]
37
+ }
38
+
39
+ # Allow all outbound traffic
40
+ egress {
41
+ from_port = 0
42
+ to_port = 0
43
+ protocol = "-1"
44
+ cidr_blocks = ["0.0.0.0/0"]
45
+ }
46
+ }
@@ -0,0 +1,45 @@
1
+ resource "aws_db_instance" "rds_database" {
2
+ allocated_storage = <%= config[:database_allocated_storage] || 30 %>
3
+ engine = "<%= config[:database_engine] || 'postgres' %>"
4
+ engine_version = "<%= config[:database_engine_version] || '14.2' %>"
5
+ instance_class = "<%= config[:database_instance_class] || 'db.t3.medium' %>"
6
+ name = "<%= config.fetch(:stack_name).gsub('-', '_') %>_database"
7
+ identifier = "<%= config.fetch(:stack_name) %>-rds-<%= config.fetch(:random_id) %>"
8
+ multi_az = <%= config[:database_multi_az] || true %>
9
+ username = "<%= config.fetch(:database_username) %>"
10
+ password = "<%= config.fetch(:database_password) %>"
11
+
12
+ final_snapshot_identifier = "<%= config.fetch(:stack_name) %>-rds-<%= config.fetch(:random_id) %>-final-snapshot"
13
+ skip_final_snapshot = false
14
+
15
+ db_subnet_group_name = aws_db_subnet_group.rds_subnet_group.name
16
+ vpc_security_group_ids = [aws_security_group.rds_security_group.id]
17
+ }
18
+
19
+ resource "aws_db_subnet_group" "rds_subnet_group" {
20
+ name = "<%= config.fetch(:stack_name) %>-rds-subnetgroup-<%= config.fetch(:random_id) %>"
21
+ subnet_ids = module.system.cluster.subnets
22
+ }
23
+
24
+ resource "aws_security_group" "rds_security_group" {
25
+ name = "<%= config.fetch(:stack_name) %>-rds-database-securitygroup-<%= config.fetch(:random_id) %>"
26
+
27
+ description = "RDS Security Group (Managed by Terraform)"
28
+ vpc_id = module.system.cluster.vpc
29
+
30
+ # Only Postgres in
31
+ ingress {
32
+ from_port = 5432
33
+ to_port = 5432
34
+ protocol = "tcp"
35
+ cidr_blocks = ["10.1.0.0/16"]
36
+ }
37
+
38
+ # Allow all outbound traffic
39
+ egress {
40
+ from_port = 0
41
+ to_port = 0
42
+ protocol = "-1"
43
+ cidr_blocks = ["0.0.0.0/0"]
44
+ }
45
+ }
@@ -0,0 +1,73 @@
1
+ # AWS provider version is 3.33.0
2
+ # https://registry.terraform.io/providers/hashicorp/aws/3.33.0
3
+
4
+ provider "aws" {
5
+ region = "<%= config[:aws_region] %>"
6
+ }
7
+
8
+ resource "aws_kms_key" "docs_kms_key" {
9
+ description = "This key is used to encrypt objects in the DocSpring S3 bucket"
10
+ deletion_window_in_days = 14
11
+ }
12
+
13
+ # Later versions of aws provider (e.g. 4.8.0) use separate resources for
14
+ # aws_s3_bucket_acl and aws_s3_bucket_cors_configuration.
15
+ # This will need to be updated in the future.
16
+ resource "aws_s3_bucket" "docs_s3_bucket" {
17
+ bucket = "<%= config.fetch(:stack_name) %>-<%= config.fetch(:s3_bucket_name) %>"
18
+ acl = "private"
19
+
20
+ server_side_encryption_configuration {
21
+ rule {
22
+ apply_server_side_encryption_by_default {
23
+ kms_master_key_id = aws_kms_key.docs_kms_key.arn
24
+ sse_algorithm = "aws:kms"
25
+ }
26
+ }
27
+ }
28
+
29
+ <%= config[:s3_bucket_cors_rule] %>
30
+ }
31
+
32
+ resource "aws_iam_user" "docspring_s3_user" {
33
+ name = "<%= config.fetch(:stack_name) %>-<%= config.fetch(:s3_bucket_name) %>"
34
+ }
35
+
36
+ resource "aws_iam_access_key" "docspring_user_access_key" {
37
+ user = aws_iam_user.docspring_s3_user.name
38
+ }
39
+
40
+ resource "aws_iam_user_policy" "docspring_user_s3_policy" {
41
+ name = "docspring_user_s3_policy"
42
+ user = aws_iam_user.docspring_s3_user.name
43
+
44
+ policy = jsonencode({
45
+ "Version": "2012-10-17",
46
+ "Statement": [
47
+ {
48
+ "Effect": "Allow",
49
+ "Action": [
50
+ "s3:PutObject",
51
+ "s3:PutObjectAcl",
52
+ "s3:GetObject",
53
+ "s3:GetObjectAcl",
54
+ "s3:DeleteObject"
55
+ ],
56
+ "Resource": [
57
+ "arn:aws:s3:::<%= config.fetch(:stack_name) %>-<%= config.fetch(:s3_bucket_name) %>/*",
58
+ ]
59
+ },
60
+ {
61
+ "Effect": "Allow",
62
+ "Action": [
63
+ "kms:Encrypt",
64
+ "kms:Decrypt",
65
+ "kms:ReEncrypt*",
66
+ "kms:GenerateDataKey*",
67
+ "kms:DescribeKey"
68
+ ],
69
+ "Resource": "*"
70
+ }
71
+ ]
72
+ })
73
+ }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: convox_installer
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 3.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Form Applications Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-02 00:00:00.000000000 Z
11
+ date: 2022-11-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -109,6 +109,9 @@ files:
109
109
  - spec/lib/convox_installer/config_spec.rb
110
110
  - spec/lib/convox_installer/requirements_spec.rb
111
111
  - spec/spec_helper.rb
112
+ - terraform/elasticache.tf.erb
113
+ - terraform/rds.tf.erb
114
+ - terraform/s3_bucket.tf.erb
112
115
  homepage: https://github.com/FormAPI/convox_installer
113
116
  licenses:
114
117
  - MIT
@@ -129,7 +132,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
129
132
  - !ruby/object:Gem::Version
130
133
  version: '0'
131
134
  requirements: []
132
- rubygems_version: 3.2.11
135
+ rubygems_version: 3.3.7
133
136
  signing_key:
134
137
  specification_version: 4
135
138
  summary: Build a Convox installation workflow