firespring_dev_commands 1.4.4 → 1.5.0.pre.alpha.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 35c3ded1d9447a6d6e2867a9ab430f75329391ce29e634b92d22202216898cee
-  data.tar.gz: cab9bd35fbc64bca310156f6b91ab9c4500c3aca29453a40064768b094aa68f0
+  metadata.gz: ea3652c102b7a6ec3395c7b524db518655b574a6050d8f740f2c20daedf63aed
+  data.tar.gz: 162e4aa151f14b901b7fcfea1c2b8e3cb1b20ab3de2d9102d00a35b0754e5773
 SHA512:
-  metadata.gz: 18b2a90783750ba4417c78d9da0e6b1830585791bbbb2f0709d1c0542d64db5a5be08122ee1f2742acbb87c5fed8c28f70dd40f9d3b7f1f2999ed0e9bf40bd77
-  data.tar.gz: a2f4eed55a1c3c79a595a30fa496e0679e2924f7b3f40244c206bac4120175408bf3d75f55496f73f5f4eee35bd070abcc0bf794298fdaaac05c0ed8664a2035
+  metadata.gz: 724282fb3154de07595863a899f29b1ffeea0e5fda1d3d2aa5fb31fd3e17f57bfbc0e9baaf534c4a0e259b8b95b051ba05b6d7072d1cdd4bc544799f665e519a
+  data.tar.gz: b60bf002f396a052f0814838940dcb441d95c263a4001bdbdcd18878d0d1a8ee0b7f1a8b5b4026ce43664a92666ab93b23a27e0d9d765669f827171c377d4d3d

data/lib/firespring_dev_commands/aws/account.rb

@@ -3,14 +3,13 @@ module Dev
     # Class containing useful methods for interacting with the Aws account
     class Account
       # Config object for setting top level Aws account config options
-      # TODO: registry is deprecated and should be removed on the next major release
-      Config = Struct.new(:root, :children, :default, :registry, :ecr_registry_ids, :login_to_account_ecr_registry)
+      Config = Struct.new(:root, :children, :default, :registry, :default_login_role_name)
 
       # Instantiates a new top level config object if one hasn't already been created
       # Yields that config object to any given block
       # Returns the resulting config object
       def self.config
-        @config ||= Config.new
+        @config ||= Config.new(default_login_role_name: Dev::Aws::DEFAULT_LOGIN_ROLE_NAME)
         yield(@config) if block_given?
         @config
       end
@@ -23,8 +22,7 @@ module Dev
       # The name of the file containing the Aws settings
       CONFIG_FILE = "#{Dev::Aws::CONFIG_DIR}/config".freeze
 
-      # TODO: registry is deprecated and should be removed on the next major release
-      attr_accessor :root, :children, :default, :registry, :ecr_registry_ids
+      attr_accessor :root, :children, :default, :registry
 
       # Instantiate an account object
       # Requires that root account and at least one child account have been configured
@@ -37,13 +35,7 @@ module Dev
         @root = self.class.config.root
         @children = self.class.config.children
         @default = self.class.config.default
-
-        # Create the ecr registry list based off several possible configuration values
-        @ecr_registry_ids = [self.class.config.registry]
-        @ecr_registry_ids << Dev::Aws::Profile.new.current if self.class.config.login_to_account_ecr_registry
-        @ecr_registry_ids.concat(Array(self.class.config.ecr_registry_ids))
-        @ecr_registry_ids = @ecr_registry_ids.flatten.compact.reject(&:empty?).uniq
-        @registry = @ecr_registry_ids.first
+        @registry = self.class.config.registry
       end
 
       # Returns all configured account information objects
@@ -63,7 +55,7 @@ module Dev
 
       # Look up the account name for the given account id
       def name_by_account(account)
-        all.find { |it| it.id == account }&.name
+        all.find { |it| it.id == account }.name
       end
 
       # Setup base Aws settings
@@ -81,8 +73,13 @@ module Dev
         region_default = defaultini['region'] || ENV['AWS_DEFAULT_REGION'] || Dev::Aws::DEFAULT_REGION
         defaultini['region'] = Dev::Common.new.ask('Default region name', region_default)
 
-        mfa_default = defaultini['mfa_serial'] || ENV['AWS_MFA_ARN'] || "arn:aws:iam::#{root.id}:mfa/#{ENV.fetch('USERNAME', nil)}"
-        defaultini['mfa_serial'] = Dev::Common.new.ask('Default mfa arn', mfa_default)
+        # NOTE: We had an old config for "mfa_serial" which included the entire arn. We deprecated that config since
+        #       it made it much more difficult to switch between different root accounts.
+        mfa_name_default = defaultini['mfa_serial']&.split(%r{mfa/})&.last || ENV['AWS_MFA_ARN']&.split(%r{mfa/})&.last || ENV.fetch('USERNAME', nil)
+        defaultini['mfa_serial_name'] = Dev::Common.new.ask('Default mfa name', mfa_name_default)
+        # TODO: Eventually, we should delete the mfa_serial entry from the config. Leaving it for now because some projects
+        #       may be using older versions of the dev_commands library
+        # defaultini.delete('mfa_serial')
 
         session_name_default = defaultini['role_session_name'] || "#{ENV.fetch('USERNAME', nil)}_cli"
         defaultini['role_session_name'] = Dev::Common.new.ask('Default session name', session_name_default)
@@ -119,8 +116,13 @@ module Dev
         region_default = profileini['region'] || defaultini['region'] || ENV['AWS_DEFAULT_REGION'] || Dev::Aws::DEFAULT_REGION
         profileini['region'] = Dev::Common.new.ask('Default region name', region_default)
 
-        role_default = profileini['role_arn'] || "arn:aws:iam::#{account}:role/ReadonlyAccessRole"
-        profileini['role_arn'] = Dev::Common.new.ask('Default role arn', role_default)
+        # NOTE: We had an old config for "role_arn" which included the entire arn. We deprecated that config since
+        #       it made it much more difficult to switch between different accounts.
+        role_name_default = profileini['role_name'] || profileini['role_arn']&.split(%r{role/})&.last || self.class.config.default_login_role_name
+        profileini['role_name'] = Dev::Common.new.ask('Default role name', role_name_default)
+        # TODO: Eventually, we should delete the role_arn entry from the config. Leaving it for now because some projects
+        #       may be using older versions of the dev_commands library
+        # profileini.delete('role_arn')
 
         cfgini.write
       end

data/lib/firespring_dev_commands/aws/credentials.rb

@@ -16,16 +16,6 @@ module Dev
         ::Aws::STS::Client.new.get_caller_identity.account
       end
 
-      # The arn of the currently logged in identity
-      def logged_in_arn
-        ::Aws::STS::Client.new.get_caller_identity.arn
-      end
-
-      # The role the current identity is using
-      def logged_in_role
-        logged_in_arn.split(%r{/})[1]
-      end
-
       # The region associated with the current login
       def logged_in_region
         ::Aws::STS::Client.new.send(:config).region
@@ -75,6 +65,8 @@ module Dev
         credini = IniFile.new(filename: "#{Dev::Aws::CONFIG_DIR}/credentials", default: 'default')
         defaultini = credini['default']
 
+        # TODO: Should we allow for multiple sets of base credentials? How do I use this for both FDP and SBF?
+
         access_key_default = defaultini['aws_access_key_id']
         defaultini['aws_access_key_id'] = Dev::Common.new.ask('AWS Access Key ID', access_key_default)
 

data/lib/firespring_dev_commands/aws/login.rb

@@ -8,7 +8,7 @@ module Dev
     class Login
       # Main interface for logging in to an AWS account
       # If an account is not specified the user is given an account selection menu
-      # If account registries have been configured, the user is also logged in to the docker registries
+      # If an account registry has been configured, the user is also logged in to the docker registry
       def login!(account = nil)
         # If more than one child account has been configured, have the user select the account they want to log in to
         account ||= Dev::Aws::Account.new.select
@@ -22,8 +22,8 @@ module Dev
         # Load credentials into the ENV for subprocesses
         Dev::Aws::Credentials.new.export!
 
-        # Login in to all configured docker registries
-        registry_logins!
+        # Login in to the docker registry if the user has configured one
+        registry_login! if Dev::Aws::Account.new.registry
       end
 
       # Authorize your local credentials
@@ -31,28 +31,32 @@ module Dev
       # Temporary credentials are written back to the credentials file
       def authorize!(account)
         # Make sure the account has been set up
-        cfgini = IniFile.new(filename: "#{Dev::Aws::CONFIG_DIR}/config", default: 'default')
-        unless cfgini.has_section?("profile #{account}")
-          Dev::Aws::Account.new.write!(account)
-          cfgini = IniFile.new(filename: "#{Dev::Aws::CONFIG_DIR}/config", default: 'default')
-        end
+        cfgini = setup_cfgini
 
         defaultini = cfgini['default']
         profileini = cfgini["profile #{account}"]
 
-        serial = profileini['mfa_serial'] || defaultini['mfa_serial']
-        role = profileini['role_arn'] || defaultini['role_arn']
+        region = profileini['region'] || defaultini['region'] || Dev::Aws::DEFAULT_REGION
+
+        serial = profileini['mfa_serial_name'] || defaultini['mfa_serial_name']
+        serial = "arn:aws:iam::#{Dev::Aws::Account.new.roo.id}:mfa/#{serial}" if serial
+        serial ||= profileini['mfa_serial'] || defaultini['mfa_serial']
+
+        role = profileini['role_name'] || defaultini['role_name']
+        role = "arn:aws:iam::#{account}:role/#{role}" if role
+        role ||= profileini['role_arn'] || defaultini['role_arn']
+
         session_name = profileini['role_session_name'] || defaultini['role_session_name']
         session_duration = profileini['session_duration'] || defaultini['session_duration']
 
         puts
-        puts "  Logging in to #{account} as #{role}".light_yellow
+        puts "  Logging in to #{account} in #{region} as #{role}".light_yellow
         puts
 
         code = ENV['AWS_TOKEN_CODE'] || Dev::Common.new.ask("Enter the MFA code for the #{ENV.fetch('USERNAME', '')} user serial #{serial}")
         raise 'MFA is required' unless code.to_s.strip
 
-        sts = ::Aws::STS::Client.new(profile: 'default')
+        sts = ::Aws::STS::Client.new(profile: 'default', region: region)
         creds = sts.assume_role(
           serial_number: serial,
           role_arn: role,
@@ -65,19 +69,21 @@ module Dev
         Dev::Aws::Credentials.new.write!(account, creds)
       end
 
-      # Authroizes the docker cli to pull/push images from the Aws container registry (e.g. if docker compose needs to pull an image)
-      # Authroizes the docker ruby library to pull/push images from the Aws container registry
-      def registry_logins!(registry_ids: Dev::Aws::Account.new.ecr_registry_ids, region: Dev::Aws::DEFAULT_REGION)
-        return if registry_ids.empty?
-
-        puts
-        registry_ids.each { |id| registry_login!(registry_id: id, region: region) }
-        puts
+      # Returns the config ini file
+      # Runs the setup for our current account if it's not already setup
+      def setup_cfgini
+        cfgini = IniFile.new(filename: "#{Dev::Aws::CONFIG_DIR}/config", default: 'default')
+        unless cfgini.has_section?("profile #{account}")
+          Dev::Aws::Account.new.write!(account)
+          cfgini = IniFile.new(filename: "#{Dev::Aws::CONFIG_DIR}/config", default: 'default')
+        end
+        cfgini
       end
 
       # Authroizes the docker cli to pull/push images from the Aws container registry (e.g. if docker compose needs to pull an image)
       # Authroizes the docker ruby library to pull/push images from the Aws container registry
-      def registry_login!(registry_id: Dev::Aws::Account.new.ecr_registry_ids.first, region: Dev::Aws::DEFAULT_REGION)
+      def registry_login!(registry_id: Dev::Aws::Account.new.registry, region: nil)
+        region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
         raise 'registry_id is required' if registry_id.to_s.strip.empty?
         raise 'region is required' if region.to_s.strip.empty?
 
@@ -92,25 +98,27 @@ module Dev
       # Authroizes the docker cli to pull/push images from the Aws container registry
       # (e.g. if docker compose needs to pull an image)
       # @deprecated Please use {Dev::Aws::Login#registry_login!} instead
-      def docker_login!(registry_id: Dev::Aws::Account.new.ecr_registry_ids.first, region: Dev::Aws::DEFAULT_REGION)
+      def docker_login!(registry_id: Dev::Aws::Account.new.registry, region: nil)
+        region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
         warn '[DEPRECATION] `Dev::Aws::Login#docker_login!` is deprecated. Please use `Dev::Aws::Login#registry_login!` instead.'
         docker_cli_login!(registry: "#{registry_id}.dkr.ecr.#{region}.amazonaws.com", region: region)
-        puts
       end
 
       # Authroizes the docker cli to pull/push images from the Aws container registry
       # (e.g. if docker compose needs to pull an image)
       private def docker_cli_login!(registry:, region:)
-        print("  Logging in to #{registry} in docker... ")
+        print('  Logging in to ECR in docker... ')
         login_cmd = "aws --profile=#{Dev::Aws::Profile.new.current} ecr --region=#{region} get-login-password"
         login_cmd << ' | '
         login_cmd << "docker login --password-stdin --username AWS #{registry}"
         Dev::Common.new.run_command([login_cmd])
+        puts
       end
 
       # Authroizes the docker ruby library to pull/push images from the Aws container registry
       # @deprecated Please use {Dev::Aws::Login#registry_login!} instead
-      def ecr_login!(registry_id: Dev::Aws::Account.new.ecr_registry_ids.first, region: Dev::Aws::DEFAULT_REGION)
+      def ecr_login!(registry_id: Dev::Aws::Account.new.registry, region: nil)
+        region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
         warn '[DEPRECATION] `Dev::Aws::Login#ecr_login!` is deprecated. Please use `Dev::Aws::Login#registry_login!` instead.'
         docker_lib_login!(registry_id: registry_id, region: region)
       end

data/lib/firespring_dev_commands/aws/profile.rb

@@ -33,10 +33,8 @@ module Dev
       # Print the profile info for the current account
       def info
         Dev::Aws::Credentials.new.export!
-        current_role = Dev::Aws::Credentials.new.logged_in_role
-        current_account_name = Dev::Aws::Account.new.name_by_account(current)
         puts
-        puts "  Currently logged in as #{current_role} in the #{current_account_name} (#{current}) account".light_yellow
+        puts "  Currently logged in to the #{Dev::Aws::Account.new.name_by_account(current)} (#{current})".light_yellow
         puts
         puts '  To use this profile in your local aws cli, you must either pass the profile as a command line argument ' \
              'or export the corresponding aws variable:'.light_white

data/lib/firespring_dev_commands/aws.rb

@@ -4,7 +4,10 @@ module Dev
     # The config dir for the user's AWS settings
     CONFIG_DIR = "#{Dir.home}/.aws".freeze
 
-    # The default region used if none have been configured in the AWS settings
+    # The default region used if none has been configured in the AWS settings
     DEFAULT_REGION = 'us-east-1'.freeze
+
+    # The default role name used if none has been configured when logging in
+    DEFAULT_LOGIN_ROLE_NAME = 'ReadonlyAccessRole'.freeze
   end
 end

data/lib/firespring_dev_commands/docker.rb

@@ -70,11 +70,8 @@ module Dev
     end
 
     # Prunes/removes all unused volumes
-    # Specify ALL_VOLUMES=false in your environment to only clean anonymous volumes (docker version 23.x+)
     def prune_volumes
-      opts = {}
-      opts[:filters] = {all: ['true']}.to_json if Dev::Common.new.version_greater_than('22.9999.0', self.class.version) && ENV['ALL_VOLUMES'].to_s.strip != 'false'
-      _prune('volumes', opts: opts)
+      _prune('volumes')
     end
 
     # Prunes/removes all unused images
@@ -83,8 +80,8 @@ module Dev
     end
 
     # Private method which actually calls the prune endpoint on the docker api connection
-    private def _prune(type, opts: {})
-      response = ::Docker.connection.post("/#{type.downcase}/prune", opts)
+    private def _prune(type)
+      response = ::Docker.connection.post("/#{type.downcase}/prune", {})
       format_prune(type, response)
     rescue ::Docker::Error::ServerError => e
       # Specifically check for 'prune already running' error and retry if found

data/lib/firespring_dev_commands/templates/docker/php/application.rb

@@ -137,7 +137,7 @@ module Dev
             DEV_COMMANDS_TOP_LEVEL.instance_eval do
               namespace application do
                 namespace :php do
-                  desc 'Install all composer packages'
+                  desc 'Install all npm packages'
                   task install: %w(init_docker up_no_deps) do
                     Dev::Docker::Compose.new(services: application).exec(*php.install_command)
                   end

data/lib/firespring_dev_commands/templates/docker/ruby/application.rb

@@ -93,7 +93,7 @@ module Dev
             DEV_COMMANDS_TOP_LEVEL.instance_eval do
               namespace application do
                 namespace :ruby do
-                  desc 'Install all bundled gems'
+                  desc 'Install all npm packages'
                   task install: %w(init_docker up_no_deps) do
                     Dev::Docker::Compose.new(services: application).exec(*ruby.install_command)
                   end

data/lib/firespring_dev_commands/version.rb

@@ -6,6 +6,6 @@ module Dev
     # Use 'v.v.v.pre.alpha.v' for pre-release vesions
     # Use 'v.v.v.beta.v for beta versions
     # Use semantic versioning for any releases (https://semver.org/)
-    VERSION = '1.4.4'.freeze
+    VERSION = '1.5.0.pre.alpha.1'.freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: firespring_dev_commands
 version: !ruby/object:Gem::Version
-  version: 1.4.4
+  version: 1.5.0.pre.alpha.1
 platform: ruby
 authors:
 - Firespring
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-17 00:00:00.000000000 Z
+date: 2023-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -453,9 +453,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.1.6
 signing_key: