ec2 0.0.4

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 67a8f18079f6dcaab371130b7bb5719adde84853
+  data.tar.gz: 3507f5c9ef4d942386a463aac6561e6d6e9ae98e
+SHA512:
+  metadata.gz: 6aba022af5c0fd56b1cdcd944715bf30a60dfe376b4574e89494ff9bfb01d3365b77e36608d5701dd60cc17629c4f131f8b82436d637c57cd88dcff7f31254ff
+  data.tar.gz: 168ded50b3abd14b310a53c3f8afccaa02a5ca195a36e9cc2e61212a1e77be3d0ed9831de08a82f5b85fe7ef454179e562dcddf1a4c5c2689344928f393ba932

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ec2.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Neeraj Bhunwal
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,31 @@
+# Ec2
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ec2'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install ec2
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/ec2/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/bin/ec2

@@ -0,0 +1,72 @@
+#!/usr/bin/env ruby 
+Signal.trap("INT") { exit 1 }
+
+require 'optparse'
+require 'ec2/version'
+require 'ec2/error'
+require 'ec2/logger'
+
+logger = ::Ec2::Logger.logger
+options = {}
+
+opts_parser = OptionParser.new do |opts| 
+    
+    banner = [] 
+    banner << "Usage: ec2 [global options] command [options] args"
+    banner << "Commands:"
+    banner << "    hosts"
+    
+    banner << "Options: "
+    opts.banner = banner.join("\n")
+
+    opts.on("-v", "--version", "Show version") do |v|
+      puts ::Ec2::VERSION
+      exit
+    end
+
+    opts.on("--debug", "Show debug messages") do
+      options[:debug] = true
+      logger.level = ::Logger::DEBUG
+    end
+
+    opts.on("--trace", "Show debug messages and exception stack trace") do
+      options[:debug] = true
+      options[:trace] = true
+      logger.level = ::Logger::DEBUG
+      logger.trace = true
+    end
+
+    opts.on_tail("-h", "--help", "Show this message") do 
+      puts opts
+      exit
+    end 
+end
+begin
+  opts_parser.order!(ARGV)
+  command = ( ARGV.shift || '').to_sym
+  case command
+  when :hosts
+    require 'ec2/cli/hosts'
+    cli = ::Ec2::Cli::Hosts.new(ARGV)
+    cli.run
+  when :resources
+    require 'ec2/cli/resources'
+    cli = ::Ec2::Cli::Resources.new(ARGV)
+    cli.run
+  when :''
+    puts opts_parser
+  else
+    raise ::Ec2::Error, "no such command #{command}"
+  end
+
+rescue OptionParser::InvalidOption, OptionParser::MissingArgument, Ec2::Error => e
+  cause = e.cause
+  if options[:trace]
+    puts cause
+    cause ? (raise cause) : (raise e)
+  else
+    logger.debug "#{cause.message}" if cause
+    logger.error "#{e.message}"
+    abort
+  end
+end

data/dev_bin/ec2

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby 
+lib = File.expand_path(File.dirname(__FILE__) + '/../lib')
+$LOAD_PATH.unshift(lib) if File.directory?(lib) && !$LOAD_PATH.include?(lib)
+load "#{__dir__}/../bin/ec2"

data/ec2.gemspec

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'ec2/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "ec2"
+  spec.version       = Ec2::VERSION
+  spec.authors       = ["Neeraj Bhunwal"]
+  spec.email         = ["neeraj.bhunwal@gmail.com"]
+  spec.summary       = %q{Integrates ec2 resources with salt}
+  spec.description   = %q{Integrates ec2 resources with salt}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency 'aws-sdk', '2.0.23'
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+end

data/examples/profiles.rb

@@ -0,0 +1,10 @@
+import "templates.rb"
+
+base_subnet "dev"
+availability_zones "lol5", "lol3"
+
+use :app, :postgres
+
+mprofile :postgres_small, template: "postgres"  do
+  volume device: "/dev/xvdf", size: 100
+end

data/examples/templates.rb

@@ -0,0 +1,10 @@
+base_profile "centos"
+
+template "app" do
+  security_groups "ssh", "default"
+end
+
+template "postgres" do
+  security_groups "ssh", "default"
+  volume device: '/dev/xvdf', size: 150
+end

data/examples/test.rb

@@ -0,0 +1,18 @@
+require 'pry'
+lib = File.expand_path(__dir__ + '/../lib')
+$LOAD_PATH.unshift(lib) 
+
+require 'aws-sdk'
+require 'ec2/config'
+require 'ec2/query_api'
+require 'ec2/profile_dsl'
+
+config = Ec2::Config.new(".ec2.rb").config
+credentials = Aws::Credentials.new(config[:aws_key], config[:aws_secret])
+Aws.config[:credentials] = credentials
+Aws.config[:region] = config[:region]
+
+api = Ec2::QueryApi.new(vpc_id: config[:vpc_id])
+
+x = Ec2::ProfileDsl.new("profiles.rb", api: api)
+pry

data/lib/ec2/cli/hosts.rb

@@ -0,0 +1,51 @@
+require 'ec2/lock'
+require 'ec2/salt_cloud'
+require 'ec2/config'
+
+module Ec2
+  module Cli
+    class Hosts
+    
+      def initialize(argv)
+        @argv = argv
+      end
+
+      def run
+        lock.acquire
+        opts.parse!(@argv)
+        salt.config = config
+        salt.run
+        puts "ran hosts"
+      end
+
+      def salt
+        @salt ||= ::Ec2::SaltCloud.new
+      end
+
+      def lock
+        @lock ||= ::Ec2::Lock.new
+      end
+
+      def config
+        @config ||= ::Ec2::Config.new("ec2.conf").config
+      end
+
+      def opts
+        OptionParser.new do |opts|
+
+          opts.banner = "Usage: ec2 hosts [options] [target]"
+    
+          opts.on("-f", "--file FILE", "Specify hosts file") do |f|
+            salt.hosts_file = f
+          end
+          
+          opts.on("-h", "--help", "Help") do
+            puts opts
+            exit
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/ec2/cli/resources.rb

@@ -0,0 +1,56 @@
+require 'ec2/lock'
+require 'ec2/resources'
+require 'ec2/config'
+
+module Ec2
+  module Cli
+    class Resources
+    
+      def initialize(argv)
+        @argv = argv
+      end
+
+      def run
+        lock.acquire
+        opts.parse!(@argv)
+        init_aws
+        @argv.each do |file|
+          resources = ::Ec2::Resources.new(file)
+          resources.apply
+        end
+      end
+
+      def lock
+        @lock ||= ::Ec2::Lock.new
+      end
+
+
+      def init_aws
+        credentials = Aws::Credentials.new(config[:aws_key], config[:aws_secret])
+        Aws.config[:credentials] = credentials
+        Aws.config[:region] = config[:region]
+      end
+
+      def config
+        @config ||= ::Ec2::Config.new("ec2.conf").config
+      end
+
+      def opts
+        OptionParser.new do |opts|
+
+          opts.banner = "Usage: ec2 resources [options] [target]"
+    
+          opts.on("-f", "--file FILE", "Specify hosts file") do |f|
+            salt.hosts_file = f
+          end
+          
+          opts.on("-h", "--help", "Help") do
+            puts opts
+            exit
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/ec2/config.rb

@@ -0,0 +1,58 @@
+require 'ec2/helper'
+module Ec2
+  class Config
+
+    include Helper
+
+    def initialize(config_path)
+      @config_path = config_path
+    end
+
+    def config
+      return @config if @config
+      @config = {
+        region: "ap-southeast-1",
+      }
+      read_config
+      return @config
+    end
+
+    private
+
+    def region(region)
+      set :region, region
+    end
+
+    def vpc_id(vpc)
+      set :vpc_id, vpc
+    end
+
+    def aws_key(aws_key)
+      set :aws_key, aws_key
+    end
+
+    def aws_secret(aws_secret)
+      set :aws_secret, aws_secret
+    end
+
+    def set(key, value)
+      @config.store key, value
+    end
+
+    def read_config
+      read("#{Dir.home}/.ec2.rb", required: false)
+      read(@config_path, required: false)
+    end
+
+    def read(file, required: true)
+      if not File.readable? file
+        raise error "config: #{file} not readable" if required
+        return
+      end
+      instance_eval(File.read(file), file)
+    rescue NoMethodError => e
+      error "invalid option used in config: #{e.name}"
+    end
+  
+  end
+end

data/lib/ec2/custom_logger.rb

@@ -0,0 +1,34 @@
+require 'ec2/ext/string'
+module Ec2
+  class CustomLogger < ::Logger
+
+    attr_writer :trace
+
+    def initialize(file)
+      super(file)
+      @level = ::Logger::INFO
+    end 
+
+    def format_message(severity, timestamp, progname, msg)
+      case severity
+      when "INFO"
+        "#{msg}\n"
+      when "ERROR"
+        "#{severity.bold.red} #{msg}\n"
+      when "WARN"
+        "#{severity.downcase.bold.yellow} #{msg}\n"
+      else
+        "#{severity[0].bold.blue} #{msg}\n"
+      end 
+    end 
+
+    def bullet(msg)
+      puts "#{"\u2219".bold.blue} #{msg}"
+    end
+
+    def trace?
+      @trace
+    end
+
+  end 
+end

data/lib/ec2/erb_profile.rb

@@ -0,0 +1,30 @@
+require 'ec2/logger'
+require 'ec2/helper'
+require 'erb'
+
+module Ec2
+  class ErbProfile
+
+    include Logger
+    include Helper
+
+    attr_accessor :api
+
+    def initialize(file, api: nil)
+      @file = file
+      @api = api
+    end
+
+    def binding
+      api.instance_eval { binding }
+    end
+
+    def render
+      erb = ERB.new(File.read(@file), nil, '-')
+      erb.result(binding)
+    rescue => e
+      error "while rendering erb file #{@file}"
+    end
+
+  end
+end

data/lib/ec2/error.rb

@@ -0,0 +1,4 @@
+module Ec2
+  class Error < StandardError
+  end 
+end

data/lib/ec2/ext/string.rb

@@ -0,0 +1,33 @@
+class String
+  def colorize(color_code)
+    "\e[#{color_code}m#{self}\e[0m"
+  end 
+
+  def bold
+    "\e[1m#{self}\e[0m"
+  end 
+  
+  def white
+    colorize(37)
+  end 
+
+  def green
+    colorize(32)
+  end 
+
+  def yellow
+    colorize(33)
+  end 
+
+  def red 
+    colorize(31)
+  end 
+
+  def blue
+    colorize(34)
+  end 
+
+  def grey
+    colorize("90")
+  end 
+end

data/lib/ec2/helper.rb

@@ -0,0 +1,9 @@
+require 'ec2/error'
+
+module Ec2
+  module Helper
+    def error(msg)
+      raise ::Ec2::Error, msg
+    end 
+  end
+end

data/lib/ec2/lock.rb

@@ -0,0 +1,19 @@
+require 'ec2/logger'
+module Ec2
+  class Lock
+
+    include Logger
+
+    def acquire
+      logger.debug "acquiring lock"
+      lock_acquired = lock_file.flock(File::LOCK_NB | File::LOCK_EX)
+      raise "exclusive lock not available" if not lock_acquired
+    end
+
+    def lock_file
+      @lock_file ||= File.open(".ec2.lock", "a+")
+    end
+
+  end
+end
+

data/lib/ec2/logger.rb

@@ -0,0 +1,27 @@
+require 'logger'
+require 'ec2/custom_logger'
+module Ec2
+  module Logger
+    
+    def self.logger
+      @logger ||= CustomLogger.new(STDOUT)
+    end 
+
+    def self.stderr
+      @stderr ||= ::Logger.new(STDERR)
+    end 
+
+    def logger
+      ::Ec2::Logger.logger
+    end 
+
+    def stderr
+      ::Ec2::Logger.stderr
+    end 
+
+    def debug?
+      logger.level == ::Logger::DEBUG
+    end
+
+  end 
+end

data/lib/ec2/profile.rb

@@ -0,0 +1,92 @@
+require 'yaml'
+require 'ec2/logger'
+require 'ec2/helper'
+require 'json'
+
+module Ec2
+  class Profile
+
+    include Logger
+    include Helper
+
+    attr_reader :api, :data
+
+    def initialize(api: nil, data: nil)
+      @data = deep_copy(data) || {}
+      @api = api
+      init_network
+    end
+
+    def create(transform: true, &block)
+      instance_eval &block
+      transform_name_to_id if transform
+    end
+
+    def init_network
+      return if @data['network_interfaces'].is_a? Array
+      @data['network_interfaces'] = [
+        {
+          "DeviceIndex" => 0,
+          "AssociatePublicIpAddress" => true,
+          "SecurityGroupId" => []
+         }
+      ]
+    end
+
+    def extends(value)
+      @data.store "extends", value
+    end
+
+    def size(value)
+      @data.store "size", value
+    end
+    
+    def security_group(name, interface: 0)
+      @data["network_interfaces"][interface]["SecurityGroupId"] << name
+    end
+
+    def subnet(name, interface: 0)
+      @data["network_interfaces"][interface]["SubnetId"] = name
+    end
+
+    def security_groups(*names, interface: 0)
+      names.each { |name| security_group name, interface: interface }
+    end
+
+    def volume(device:, type: "gp2", size:)
+      @data["volumes"] ||= []
+      volumes = @data["volumes"]
+      volume = {
+        "device" => device,
+        "type" => type,
+        "size" => size
+      }
+      existing_volume = volumes.find { |v| v["device"] == device }
+      if existing_volume
+        existing_volume.merge! volume
+      else
+        volumes << volume
+      end
+    end
+
+    private
+
+    def deep_copy(hash)
+      return nil if not hash.is_a? Hash
+      Marshal.load(Marshal.dump hash)
+    end
+
+
+    def transform_name_to_id
+      @data["network_interfaces"].each do |n|
+        n["SubnetId"] = api.subnet(n["SubnetId"])
+        security_groups = n["SecurityGroupId"]
+
+        security_groups.each_with_index do |name, i|
+          logger.debug "resolving security_group #{name}"
+          security_groups[i] = api.security_group(name)
+        end
+      end
+    end
+  end
+end

data/lib/ec2/profile_dsl.rb

@@ -0,0 +1,96 @@
+require 'yaml'
+require 'ec2/logger'
+require 'ec2/helper'
+require 'ec2/profile'
+require 'set'
+
+module Ec2
+  class ProfileDsl
+
+    include Logger
+    include Helper
+
+    attr_reader :api
+
+    def initialize(file, api:)
+      @file = file
+      @profiles = {}
+      @api = api
+      @templates = {}
+      @availability_zones = ["a", "b"]
+      @required = Set.new
+    end
+
+    def use(*templates)
+      templates.each do |t|
+        t = t.to_s
+        mprofile(t, template: t){}
+      end
+    end
+
+    def template(name, &block)
+      profile = Profile.new(api: api)
+      profile.extends(@base_profile) if @base_profile
+      profile.create(transform: false, &block)
+      @templates[name] = profile.data
+      @templates[name].freeze
+    end
+
+    def mprofile(name, template: nil, &block)
+      data = @templates.fetch template if template
+      @availability_zones.each do |az|
+        profile = Profile.new(data: data, api: api)
+        profile.extends(@base_profile) if @base_profile
+        profile.subnet("#{@base_subnet}-#{az}")
+        profile.create &block
+        profile_name = "#{name}-#{az}"
+        profile.data.freeze
+        @profiles[profile_name] = profile.data
+      end
+    end
+
+    def profile(name, template: nil, &block)
+      data = @templates.fetch template if template
+      profile = Profile.new(data: data, api: api)
+      profile.extends(@base_profile) if @base_profile
+      profile.create &block
+      profile.data.freeze
+      @profiles[name] = profile.data
+    end
+
+    def base_profile(name)
+      @base_profile = name
+    end
+
+    def base_subnet(name)
+      @base_subnet = name
+    end
+
+    def availability_zones(*zones)
+      @availability_zones = zones
+    end
+
+    def render
+      if not File.readable? @file
+        logger.info "#{@file} not readable"
+        return
+      end
+      instance_eval(File.read(@file), @file)
+      YAML.dump @profiles
+    rescue NoMethodError => e
+      error "invalid option used in profiles config: #{e.name}"
+    end
+
+    def vpc_id(vpc_id)
+      @vpc_id = vpc_id
+    end
+
+    def import(path)
+      abs_path = File.realpath path
+      return if @required.include? abs_path
+      instance_eval((File.read abs_path), abs_path)
+      @required << abs_path
+    end
+
+  end
+end

data/lib/ec2/query_api.rb

@@ -0,0 +1,35 @@
+require 'ec2/helper'
+require 'ec2/security_group'
+require 'ec2/subnet'
+
+module Ec2
+  class QueryApi
+
+    include Helper
+
+    def initialize(vpc_id: nil)
+      @vpc_id = vpc_id
+    end
+
+    def security_group(name)
+      security_group = SecurityGroup.new(name, vpc_id: @vpc_id)
+      sg_cache[name] ||= security_group.id!
+    end
+
+    def subnet(name)
+      subnet = Subnet.new(name, vpc_id: @vpc_id)
+      subnet_cache[name] ||= subnet.id!
+    end
+
+    private
+
+    def sg_cache
+      @sg_cache ||= {}
+    end
+
+    def subnet_cache
+      @subnet_cache ||= {}
+    end
+
+  end
+end

data/lib/ec2/resources.rb

@@ -0,0 +1,30 @@
+require 'ec2/security_group'
+require 'ec2/subnet'
+module Ec2
+  class Resources
+
+
+    def initialize(file)
+      @file = file
+    end
+
+    def vpc_id(vpc_id)
+      @vpc_id = vpc_id
+    end
+
+    def security_group(name, &block)
+      sg = SecurityGroup.new(name, vpc_id: @vpc_id)
+      sg.created &block
+    end
+
+    def subnet(name, &block)
+      subnet = Subnet.new(name, vpc_id: @vpc_id)
+      subnet.created &block
+    end
+
+    def apply
+      instance_eval(File.read(@file), @file)
+    end
+
+  end
+end

data/lib/ec2/salt_cloud.rb

@@ -0,0 +1,112 @@
+require 'fileutils'
+require 'pathname'
+require 'aws-sdk'
+
+require 'ec2/query_api'
+require 'ec2/profile_dsl'
+require 'ec2/erb_profile'
+require 'ec2/logger'
+
+module Ec2
+  class SaltCloud
+
+    include Logger
+    attr_writer :hosts_file
+    attr_accessor :config
+
+    def initialize
+    end
+
+    def run
+      init_working_dir
+      copy_providers
+      copy_profiles
+      copy_master_config
+      copy_deploy_scripts
+      init_aws
+      render_global_profiles
+      render_local_profile
+      run_salt_cloud
+    end
+
+    private
+
+    def init_aws
+      credentials = Aws::Credentials.new(config[:aws_key], config[:aws_secret])
+      Aws.config[:credentials] = credentials
+      Aws.config[:region] = config[:region]
+    end
+
+    def api
+      @api ||= QueryApi.new(vpc_id: config[:vpc_id])
+    end
+
+    def working_dir
+      @working_dir ||= ".salt.tmp"
+    end
+
+    def hosts_file
+      @hosts_file ||= "hosts"
+    end 
+
+    def init_working_dir
+      FileUtils.rm_r working_dir if File.directory? working_dir
+      FileUtils.mkdir_p "#{working_dir}/cloud.profiles.d"
+    end
+
+    def copy_providers
+      return if not File.directory? "/etc/salt/cloud.providers.d"
+      FileUtils.cp_r "/etc/salt/cloud.providers.d", working_dir
+    end
+
+    def copy_profiles
+      return if not File.directory? "/etc/salt/cloud.profiles.d"
+      Dir["/etc/salt/cloud.profiles.d/*.conf"].each do |f|
+        path = Pathname.new f
+        FileUtils.cp path, "#{working_dir}/cloud.profiles.d/_#{path.basename}"
+      end
+    end
+
+    def copy_master_config
+      FileUtils.cp "/etc/salt/master", working_dir
+    end
+
+    def copy_deploy_scripts
+      return if not File.directory? "/etc/salt/cloud.deploy.d"
+      FileUtils.cp_r "/etc/salt/cloud.deploy.d", working_dir
+    end
+
+    def render_global_profiles
+      Dir["/etc/salt/cloud.profiles.d/*.erb"].each do |f|
+        render(f, prefix: "_")
+      end
+    end
+
+    def render_local_profile
+      local_profile = ["profiles.rb", "profiles.erb"].find { |f| File.readable? f }
+      render(local_profile) if local_profile
+    end
+
+    def render(path, prefix: nil)
+      extname = File.extname path
+      name = File.basename(path, extname)
+      outfile = "#{working_dir}/cloud.profiles.d/#{prefix}#{name}.conf"
+      case extname
+      when ".rb"
+        profile_dsl = ProfileDsl.new(path, api: api)
+        File.open(outfile, "w") { |f| f.write profile_dsl.render }
+      when ".erb"
+        erb = ErbProfile.new(path, api: api)
+        File.open(outfile, "w") { |f| f.write erb.render } 
+      end
+    end
+    
+    def run_salt_cloud
+      logger.debug "running salt cloud"
+      command =  %Q( salt-cloud -m #{hosts_file} -c #{working_dir} )
+      command << " -l debug" if logger.trace?
+      system command
+    end
+
+  end
+end

data/lib/ec2/security_group.rb

@@ -0,0 +1,196 @@
+require 'ec2/helper'
+require 'ec2/logger'
+require 'aws-sdk'
+require 'set'
+
+module Ec2
+  class SecurityGroup
+
+    include Helper
+    include Logger
+    attr_reader :desired_permissions
+
+    def initialize(name, vpc_id: nil)
+      error "vpc_id not specified for security group" if not vpc_id
+      @vpc_id = vpc_id.to_s
+      @name = name
+      @dry_run = false
+    end
+
+    def id
+      return @id unless @id.nil?
+      @id = load_id
+    end
+
+    def description(description)
+      @description = description
+    end
+
+    def id!
+      error "specified security_group #{@name} doesn't exist in vpc #{@vpc_id}" if not exists?
+      id
+    end
+
+    def created(&block)
+      clear_vars
+      instance_eval &block
+      create if not exists?
+      sync
+    end
+
+    private
+
+    def sg
+      @sg ||= ::Aws::EC2::SecurityGroup.new(id)
+    end
+
+    def create
+      resp = ec2.create_security_group(
+        group_name: @name, 
+        description: @description,
+        vpc_id: @vpc_id
+      )
+      @id = resp.group_id
+      logger.info "(#{@name}) created security group" 
+    rescue Aws::Errors::ServiceError, ArgumentError
+      error "while creating security_group #{@name}"
+    end
+
+    def load_id
+      filters = []
+      filters << { name: "group-name", values: [@name.to_s] }
+      filters << vpc_filter
+      result = ec2.describe_security_groups(filters: filters)
+      if result.security_groups.size == 1
+        return result.security_groups.first.group_id
+      else
+        return false
+      end
+    end
+
+    def exists?
+      id
+    end
+
+    def vpc_filter
+      { name: "vpc-id", values: [@vpc_id.to_s] } 
+    end
+
+    def outbound(&block)
+      @outbound = true
+      instance_eval &block 
+    ensure
+      @outbound = false
+    end
+
+    def parse_ports(port)
+      if port.is_a? Integer
+        return port, port
+      elsif port =~ /\A([0-9]+)\z/
+        return $1.to_i, $1.to_i
+      elsif port =~ /\A([0-9]+)\-([0-9]+)\z/
+        return $1.to_i, $2.to_i
+      else
+        error "invalid port specified #{port}"
+      end
+    end
+
+    def tcp(port, **args)
+      (from_port, to_port) = parse_ports(port)
+      rule(ip_protocol: "tcp", from_port: from_port, to_port: to_port, **args)
+    end
+
+    def udp(port, **args)
+      (from_port, to_port) = parse_ports(port)
+      rule(ip_protocol: "udp", from_port: from_port, to_port: to_port, **args)
+    end
+
+    def icmp(**args)
+      rule(ip_protocol: "icmp", from_port: -1, to_port: -1, **args)
+    end
+
+    def rule(ip_protocol: nil, from_port: nil, to_port: nil, cidr_ip: nil)
+      options = {
+        ip_protocol: ip_protocol,
+        from_port: from_port,
+        to_port: to_port,
+        cidr_ip: cidr_ip
+      }
+      if not @outbound
+        @desired_permissions ||= Set.new
+        @desired_permissions << options
+      end
+    end
+
+    def current_permissions
+      @current_permissions ||= begin
+        permissions = Set.new 
+        sg.ip_permissions.each do |permission|
+          rules = permission_to_rules(permission)
+          rules.each { |r| permissions << r }
+        end
+        permissions
+      end
+    end
+
+    def diff(current, desired)
+      to_add = desired - current
+      to_remove = current - desired
+      s = Struct.new(:to_add, :to_remove)
+      s.new(to_add, to_remove)
+    end
+
+    def sync
+      ingress_diff.to_add.each { |r| authorize_ingress r }
+      ingress_diff.to_remove.each { |r| revoke_ingress r }
+    end
+
+
+    def authorize_ingress(rule)
+      sg.authorize_ingress rule if not @dry_run
+      logger.info "(#{@name}) #{"+".green.bold} allow #{rule[:cidr_ip]} #{rule[:from_port]}-#{rule[:to_port]}"
+    rescue Aws::Errors::ServiceError
+      error "error authorizing rule #{rule}"
+    end
+
+    def revoke_ingress(rule)
+      sg.revoke_ingress rule if not @dry_run
+      logger.info "(#{@name}) #{"-".red.bold} allow #{rule[:cidr_ip]} #{rule[:from_port]}-#{rule[:to_port]}"
+    end
+
+    def ingress_diff
+      @ingress_diff ||= diff(current_permissions, desired_permissions)
+    end
+
+    def clear_vars
+      @desired_permissions = nil
+      @current_permissions = nil
+      @ingress_diff = nil
+    end
+
+    def permission_to_rules(permission)
+      rules = Set.new
+      permission.ip_ranges.each do |r|
+        rule = {
+          ip_protocol: permission.ip_protocol,
+          from_port: permission.from_port,
+          to_port: permission.to_port,
+          cidr_ip: r.cidr_ip
+        }
+        rules << rule
+      end
+      rules
+    end
+
+    def ec2
+      @ec2 ||= begin
+        if @region
+          Aws::EC2::Client.new(region: @region)
+        else
+          Aws::EC2::Client.new
+        end
+      end
+    end
+
+  end
+end

data/lib/ec2/subnet.rb

@@ -0,0 +1,105 @@
+require 'ec2/helper'
+require 'ec2/logger'
+module Ec2
+  class Subnet
+
+    include Helper
+    include Logger
+
+    def initialize(name, vpc_id: nil)
+      error "vpc_id not specified for subnet" if not vpc_id
+      @vpc_id = vpc_id.to_s
+      @name = name.to_s
+    end
+
+    def id!
+      load_id if not @id
+      error "specified subnet #{@name} doesn't exist in vpc #{@vpc_id}" if not exists?
+      @id
+    end
+
+    def created(&block)
+      instance_eval &block
+      load_id using_cidr: true
+      if exists?
+        tag if not tagged?
+        verify
+      else
+        create
+        tag
+      end
+    end
+
+    private
+
+    def subnet
+      @subnet ||= ::Aws::EC2::Subnet.new(@id)
+    end
+
+    def create
+      resp = ec2.create_subnet(
+        vpc_id: @vpc_id,
+        cidr_block: @cidr,
+        availability_zone: @availability_zone
+      )
+      @id = resp.subnet.subnet_id
+      logger.info "(#{@name}) created subnet: #{@cidr}" 
+    rescue Aws::Errors::ServiceError, ArgumentError
+      error "while creating subnet #{@name}"
+    end
+
+    def tag
+      subnet.create_tags(
+        tags: [ { key: "Name", value: @name } ]
+      )
+      subnet.load
+    end
+
+    def tagged?
+      subnet.tags.any? { |tag| tag.key == "Name"}
+    end
+
+    def verify
+      name_tag = subnet.tags.find { |tag| tag.key == "Name" }.value
+      error "availability zone mismatch for subnet #{@name}" if subnet.availability_zone != @availability_zone
+      error "subnet #{@name} already tagged with another name #{name_tag}" if @name != name_tag
+    end
+
+    def cidr(cidr)
+      @cidr = cidr
+    end
+
+    def availability_zone(availability_zone)
+      @availability_zone = availability_zone
+    end
+
+    alias_method :az, :availability_zone
+
+
+    def load_id(using_cidr: false)
+      filters = []
+      
+      if using_cidr
+        filters << { name: "cidr", values: [@cidr.to_s] }
+      else
+        filters << { name: "tag:Name", values: [@name.to_s] }
+      end
+
+      filters << { name: "vpc-id", values: [@vpc_id.to_s] }
+      result = ec2.describe_subnets(filters: filters)
+      error "mulitple subnets found with name #{@name}" if result.subnets.size > 1
+      @id = result.subnets.first.subnet_id if result.subnets.size == 1
+    end
+
+    def exists?
+      @id
+    end
+ 
+    def ec2
+      @ec2 ||= begin
+        @region ? Aws::EC2::Client.new(region: @region) : Aws::EC2::Client.new
+      end
+    end
+
+  end
+end

data/lib/ec2/version.rb

@@ -0,0 +1,3 @@
+module Ec2
+  VERSION = "0.0.4"
+end

data/lib/ec2.rb

@@ -0,0 +1,5 @@
+require "ec2/version"
+
+module Ec2
+  # Your code goes here...
+end

metadata

@@ -0,0 +1,117 @@
+--- !ruby/object:Gem::Specification
+name: ec2
+version: !ruby/object:Gem::Version
+  version: 0.0.4
+platform: ruby
+authors:
+- Neeraj Bhunwal
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-07-31 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: aws-sdk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.0.23
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.0.23
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: Integrates ec2 resources with salt
+email:
+- neeraj.bhunwal@gmail.com
+executables:
+- ec2
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/ec2
+- dev_bin/ec2
+- ec2.gemspec
+- examples/profiles.rb
+- examples/templates.rb
+- examples/test.rb
+- lib/ec2.rb
+- lib/ec2/cli/hosts.rb
+- lib/ec2/cli/resources.rb
+- lib/ec2/config.rb
+- lib/ec2/custom_logger.rb
+- lib/ec2/erb_profile.rb
+- lib/ec2/error.rb
+- lib/ec2/ext/string.rb
+- lib/ec2/helper.rb
+- lib/ec2/lock.rb
+- lib/ec2/logger.rb
+- lib/ec2/profile.rb
+- lib/ec2/profile_dsl.rb
+- lib/ec2/query_api.rb
+- lib/ec2/resources.rb
+- lib/ec2/salt_cloud.rb
+- lib/ec2/security_group.rb
+- lib/ec2/subnet.rb
+- lib/ec2/version.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.14
+signing_key: 
+specification_version: 4
+summary: Integrates ec2 resources with salt
+test_files: []