ecs_deployer 0.1.10 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +45 -3
  3. data/ecs_deployer.gemspec +1 -0
  4. data/example/sample.rb +2 -2
  5. data/lib/ecs_deployer.rb +1 -0
  6. data/lib/ecs_deployer/cli.rb +49 -3
  7. data/lib/ecs_deployer/client.rb +42 -18
  8. data/lib/ecs_deployer/version.rb +1 -1
  9. metadata +16 -3
  10. data/example/fixtures/task.yml +0 -20
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7389166ccf5aedfa60a4274b67ecc8e2a0e3faa7
4
- data.tar.gz: 9c226a64f7c98e0cdba90a18e5256f948a7c69a0
3
+ metadata.gz: f39f6fb29ced22c5963b3de48db83c401289d556
4
+ data.tar.gz: 6088d0a59625590d39742ab54898427ca51150a7
5
5
  SHA512:
6
- metadata.gz: 5a8af3bf684b549e10b389c413e6d6eb3b2c54f6747420f6604791b4a1a162601067efca5f2c4ea41f0c78bcec5c07674187eec1b215a8377a9276a3b42bd798
7
- data.tar.gz: 93d9eb11c24d830b3cb7949e334f66f4b0f728afe152c9e5fb7861a9790f8b8428e76b2e66b97603984c44b612894d5ac23308361dd14227db5a2322aefba55a
6
+ metadata.gz: 33720d4303bc71e4b47ab5ee364513a323a3c847399e19ef3a6a734724a0d9bb43f193723e64b76516b81087e32a5c1f67524f7a92a853c2f82500abaf896371
7
+ data.tar.gz: adcea48cfb981cc8743105667bb48cdfb285e763ba84c40290d402c8aeb6283d296c0e86b14d69f41e57d7d9b53724c781bf0a3e163ef28828da75f91b5bcf62
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # EcsDeployer
2
2
 
3
- This package provides the service deployment function of ECS.
3
+ This package provides service deployment function of ECS.
4
4
 
5
5
  ## Installation
6
6
 
@@ -22,7 +22,6 @@ Or install it yourself as:
22
22
 
23
23
  Write task definition in YAML format.
24
24
  For available parameters see [Task Definition Parameters](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html).
25
- The sample file is in `example/fixtures/task.yml`.
26
25
 
27
26
  ```
28
27
  container_definitions:
@@ -47,10 +46,53 @@ container_definitions:
47
46
  family: hello_world
48
47
  ```
49
48
 
50
- ## Usage
49
+ ### Encrypt of environment variables
50
+
51
+ `environment` parameter supports KMS encrypted values.
52
+ Encrypted values must be enclosed in `${XXX}`.
53
+
54
+ ```
55
+ - environment:
56
+ - name: MYSQL_ROOT_PASSWORD
57
+ value: ${fiSAIfIFxd...}
58
+ ```
59
+
60
+ Values are decrypted when task is created.
61
+
62
+ ## Usage (API)
63
+
64
+ This sample file is in `example/fixtures/task.yml`.
51
65
 
52
66
  ```
53
67
  ecs_deployer = EcsDeployer::Client.new
54
68
  ecs_deployer.register_task('development.yml')
55
69
  ecs_deployer.update_service('cluster', 'development')
56
70
  ```
71
+
72
+ ## Usage (CLI)
73
+
74
+ ### Register a new task
75
+
76
+ ```
77
+ $ bundle exec ecs_deployer task-register --path=example/fixtures/task.yml
78
+ ```
79
+
80
+ ### Encrypt environment value
81
+
82
+ ```
83
+ $ bundle exec ecs_deployer encrypt --master-key=master --value='test'
84
+ Encrypted value: ${xxx}
85
+ ```
86
+
87
+ ### Decrypt encironment value
88
+
89
+ ```
90
+ $ bundle exec ecs_deployer decrypt --value='${xxx}'
91
+ Decrypted value: xxx
92
+ ```
93
+
94
+ ### Update a service
95
+
96
+ ```
97
+ $ bundle exec ecs_deployer update-service --cluster=xxx --service=xxx --wait --timeout=600
98
+ ```
data/ecs_deployer.gemspec CHANGED
@@ -34,6 +34,7 @@ Gem::Specification.new do |spec|
34
34
  spec.add_dependency "thor"
35
35
  spec.add_dependency "aws-sdk"
36
36
  spec.add_dependency "aws_config"
37
+ spec.add_dependency "json_spec"
37
38
  spec.add_development_dependency "bundler", "~> 1.14"
38
39
  spec.add_development_dependency "rake", "~> 10.0"
39
40
  spec.add_development_dependency "rspec", "~> 3.0"
data/example/sample.rb CHANGED
@@ -1,8 +1,8 @@
1
1
  require 'bundler/setup'
2
2
  require 'ecs_deployer'
3
3
 
4
- task_path = File.expand_path('./fixtures/task.yml', File.dirname(File.realpath(__FILE__)))
4
+ path = File.expand_path('../spec/fixtures/task.yml', File.dirname(File.realpath(__FILE__)))
5
5
 
6
6
  deployer = EcsDeployer::Client.new
7
- deployer.register_task(task_path)
7
+ deployer.register_task(path)
8
8
  #deployer.update_service('sandbox', 'production')
data/lib/ecs_deployer.rb CHANGED
@@ -7,6 +7,7 @@ module EcsDeployer
7
7
  class ServiceNotFoundError < EcsDeployer::Error; end
8
8
  class TaskNotFoundError < EcsDeployer::Error; end
9
9
  class TaskDefinitionValidateError < EcsDeployer::Error; end
10
+ class KmsEncryptError < EcsDeployer::Error; end
10
11
  class KmsDecryptError < EcsDeployer::Error; end
11
12
  class DeployTimeoutError < EcsDeployer::Error; end
12
13
  end
data/lib/ecs_deployer/cli.rb CHANGED
@@ -2,9 +2,55 @@ require 'thor'
2
2
 
3
3
  module EcsDeployer
4
4
  class CLI < Thor
5
- desc 'hello', 'world'
6
- def update
7
- puts 'hello'
5
+ class_option :profile, type: :string
6
+ class_option :region, type: :string
7
+
8
+ def initialize(*args)
9
+ super
10
+
11
+ aws_options = {}
12
+ aws_options[:profile] = options[:profile] if options[:profile]
13
+ aws_options[:region] = options[:region] if options[:region]
14
+
15
+ @deployer = EcsDeployer::Client.new(aws_options)
16
+ end
17
+
18
+ desc 'task_register', 'Create new task definition'
19
+ option :path, required: true
20
+ def task_register
21
+ path = File.expand_path(options[:path], Dir.pwd)
22
+ result = @deployer.register_task(path)
23
+
24
+ puts "Registered task: #{result}"
25
+ end
26
+
27
+ desc 'update_service', 'Update service difinition.'
28
+ option :cluster, required: true
29
+ option :service, required: true
30
+ option :wait, type: :boolean, default: true
31
+ option :timeout, type: :numeric, default: EcsDeployer::Client::DEPLOY_TIMEOUT
32
+ def update_service
33
+ result = @deployer.update_service(
34
+ options[:cluster],
35
+ options[:service],
36
+ options[:wait],
37
+ options[:timeout]
38
+ )
39
+
40
+ puts "Update service: #{result}"
41
+ end
42
+
43
+ desc 'encrypt', 'Encrypt value of argument with KMS.'
44
+ option :master_key, required: true
45
+ option :value, required: true
46
+ def encrypt
47
+ puts "Encrypted value: #{@deployer.encrypt(options[:master_key], options[:value])}"
48
+ end
49
+
50
+ desc 'encrypt', 'Decrypt value of argument with KMS.'
51
+ option :value, required: true
52
+ def decrypt
53
+ puts "Decrypted value: #{@deployer.decrypt(options[:value])}"
8
54
  end
9
55
  end
10
56
  end
data/lib/ecs_deployer/client.rb CHANGED
@@ -6,26 +6,52 @@ require 'runtime_command'
6
6
  module EcsDeployer
7
7
  class Client
8
8
  PAULING_INTERVAL = 20
9
+ DEPLOY_TIMEOUT = 600
10
+ ENCRYPT_PATTERN = /^\${(.+)}$/
9
11
 
10
12
  attr_reader :cli
11
13
 
12
- # @param [Hash] options
13
- # @option options [String] :profile
14
- # @option options [String] :region
14
+ # @param [Hash] aws_options
15
+ # @option aws_options [String] :profile
16
+ # @option aws_options [String] :region
15
17
  # @return [EcsDeployer::Client]
16
- def initialize(options = {})
18
+ def initialize(aws_options = {})
17
19
  @command = RuntimeCommand::Builder.new
18
- @family = ''
19
- @revision = ''
20
- @new_task_definition_arn = ''
21
- @cli = Aws::ECS::Client.new(options)
22
- @kms = Aws::KMS::Client.new(options)
20
+ @cli = Aws::ECS::Client.new(aws_options)
21
+ @kms = Aws::KMS::Client.new(aws_options)
22
+ end
23
+
24
+ # @param [String] mater_key
25
+ # @param [String] value
26
+ # @return [String]
27
+ def encrypt(master_key, value)
28
+ begin
29
+ encode = @kms.encrypt(key_id: "alias/#{master_key}", plaintext: value)
30
+ "${#{Base64.strict_encode64(encode.ciphertext_blob)}}"
31
+ rescue => e
32
+ raise KmsEncryptError.new(e.to_s)
33
+ end
34
+ end
35
+
36
+ # @param [String] value
37
+ # @return [String]
38
+ def decrypt(value)
39
+ if match = value.match(ENCRYPT_PATTERN)
40
+ begin
41
+ @kms.decrypt(ciphertext_blob: Base64.strict_decode64(match[1])).plaintext
42
+ rescue => e
43
+ raise KmsDecryptError.new(e.to_s)
44
+ end
45
+ else
46
+ raise KmsDecryptError.new('Encrypted string is invalid.')
47
+ end
23
48
  end
24
49
 
25
50
  # @param [String] path
26
51
  # @return [String]
27
52
  def register_task(path)
28
53
  raise IOError.new("File does not exist. [#{path}]") if !File.exist?(path)
54
+
29
55
  register_task_hash(YAML.load(File.read(path)))
30
56
  end
31
57
 
@@ -76,15 +102,17 @@ module EcsDeployer
76
102
  # @param [String] cluster
77
103
  # @param [String] service
78
104
  # @param [Fixnum] timeout
79
- def update_service(cluster, service, wait = true, timeout = 600)
80
- register_clone_task(cluster, service) if @new_task_definition_arn.empty?
105
+ # @return [String]
106
+ def update_service(cluster, service, wait = true, timeout = DEPLOY_TIMEOUT)
107
+ register_clone_task(cluster, service) if @new_task_definition_arn.nil?
81
108
 
82
- @cli.update_service({
109
+ result = @cli.update_service({
83
110
  cluster: cluster,
84
111
  service: service,
85
112
  task_definition: @family + ':' + @revision.to_s
86
113
  })
87
114
  wait_for_deploy(cluster, service, timeout) if wait
115
+ result.service.service_arn
88
116
  end
89
117
 
90
118
  private
@@ -95,12 +123,8 @@ module EcsDeployer
95
123
  next unless container_definition.has_key?(:environment)
96
124
 
97
125
  container_definition[:environment].each do |environment|
98
- if match = environment[:value].match(/^\${(.+)}$/)
99
- begin
100
- environment[:value] = @kms.decrypt(ciphertext_blob: Base64.strict_decode64(match[1])).plaintext
101
- rescue => e
102
- raise KmsDecryptError.new(e.to_s)
103
- end
126
+ if match = environment[:value].match(ENCRYPT_PATTERN)
127
+ environment[:value] = decrypt(match[0])
104
128
  end
105
129
  end
106
130
  end
data/lib/ecs_deployer/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EcsDeployer
2
- VERSION = "0.1.10"
2
+ VERSION = "0.1.11"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ecs_deployer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 0.1.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - naomichi-y
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-03-10 00:00:00.000000000 Z
11
+ date: 2017-03-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: runtime_command
@@ -80,6 +80,20 @@ dependencies:
80
80
  - - ">="
81
81
  - !ruby/object:Gem::Version
82
82
  version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: json_spec
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
83
97
  - !ruby/object:Gem::Dependency
84
98
  name: bundler
85
99
  requirement: !ruby/object:Gem::Requirement
@@ -139,7 +153,6 @@ files:
139
153
  - bin/console
140
154
  - bin/setup
141
155
  - ecs_deployer.gemspec
142
- - example/fixtures/task.yml
143
156
  - example/sample.rb
144
157
  - exe/ecs_deployer
145
158
  - lib/ecs_deployer.rb
data/example/fixtures/task.yml DELETED
@@ -1,20 +0,0 @@
1
- container_definitions:
2
- - name: wordpress
3
- links:
4
- - mysql
5
- image: wordpress
6
- essential: true
7
- port_mappings:
8
- - container_port: 80
9
- host_port: 80
10
- memory: 500
11
- cpu: 10
12
- - environment:
13
- - name: MYSQL_ROOT_PASSWORD
14
- value: password
15
- name: mysql
16
- image: mysql
17
- cpu: 10
18
- memory: 500
19
- essential: true
20
- family: hello_world