firespring_dev_commands 2.2.8.pre.alpha.1 → 2.2.9.pre.alpha.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/firespring_dev_commands/aws/login.rb +37 -11
- data/lib/firespring_dev_commands/aws/route53.rb +8 -46
- data/lib/firespring_dev_commands/dns/resource.rb +0 -10
- data/lib/firespring_dev_commands/templates/aws/services/route53.rb +2 -21
- data/lib/firespring_dev_commands/version.rb +1 -1
- metadata +4 -18
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '082cd5a36d24e2f5ad43c9e5cf4e4826c28d204f41d7c473045f6d0f0a81d77e'
|
|
4
|
+
data.tar.gz: b58035949eccbdbbb45145379c7502d347261370bbb4ba5b739da3a8b605354f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c0679cfc6454455ad132eb0f05adba5cd6a9041001a40923673fd9f6e356bd752c5f29a073d47e7980ed0f7f6fa52c4c9854dfb36a8d8e62ae9d31861af5f773
|
|
7
|
+
data.tar.gz: 7aad107e9bc5b2272de65a7032f94b7dc1686828d04034e029fa619bfd4621ab7a3b0b084a77076dd4c75b8a4da9d45f779dff94dc6753ff23c4c3606acd12a5
|
|
@@ -61,15 +61,15 @@ module Dev
|
|
|
61
61
|
puts " Logging in to #{account} in #{region} as #{role}".light_yellow
|
|
62
62
|
puts
|
|
63
63
|
|
|
64
|
-
code =
|
|
64
|
+
code = mfa_code(serial)
|
|
65
65
|
raise 'MFA is required' unless code.to_s.strip
|
|
66
66
|
|
|
67
67
|
sts = ::Aws::STS::Client.new(profile: 'default', region:)
|
|
68
68
|
creds = sts.assume_role(
|
|
69
|
-
serial_number: serial,
|
|
69
|
+
serial_number: mfa_serial || serial,
|
|
70
70
|
role_arn: role,
|
|
71
71
|
role_session_name: session_name,
|
|
72
|
-
token_code: code,
|
|
72
|
+
token_code: code.to_s.strip,
|
|
73
73
|
duration_seconds: session_duration
|
|
74
74
|
).credentials
|
|
75
75
|
puts
|
|
@@ -77,6 +77,32 @@ module Dev
|
|
|
77
77
|
Dev::Aws::Credentials.new.write!(account, creds)
|
|
78
78
|
end
|
|
79
79
|
|
|
80
|
+
# The custom local file where target information is stored.
|
|
81
|
+
CUSTOM_CONFIG_FILE = "#{Dir.home}/.bash_profile.d/config/.main".freeze
|
|
82
|
+
|
|
83
|
+
# Targets a custom ini config.
|
|
84
|
+
def custom_config_ini
|
|
85
|
+
IniFile.new(filename: CUSTOM_CONFIG_FILE, default: 'default')['default']
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def mfa_serial
|
|
89
|
+
return unless !ENV.fetch('OP_LOGIN', nil).nil? && File.exist?(CUSTOM_CONFIG_FILE)
|
|
90
|
+
|
|
91
|
+
custom_config_ini['aws_1pass_mfa_serial']
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
# Handles the MFA code logic.
|
|
95
|
+
def mfa_code(serial)
|
|
96
|
+
# Note, OP_LOGIN likely not needed. Available as feature flag.
|
|
97
|
+
# Checks if OnePassword CLI is installed and the custom config file exist.
|
|
98
|
+
if !ENV.fetch('OP_LOGIN', nil).nil? && system('op --version', out: '/dev/null') && File.exist?(CUSTOM_CONFIG_FILE)
|
|
99
|
+
cmd = "op item get #{custom_config_ini['aws_uuid']} --otp"
|
|
100
|
+
`#{cmd}`
|
|
101
|
+
else
|
|
102
|
+
ENV['AWS_TOKEN_CODE'] || Dev::Common.new.ask("Enter the MFA code for the #{ENV.fetch('USERNAME', 'no_username_found')} user serial #{serial}")
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
|
|
80
106
|
# Returns the config ini file
|
|
81
107
|
# Runs the setup for our current account if it's not already setup
|
|
82
108
|
def setup_cfgini(account)
|
|
@@ -88,8 +114,8 @@ module Dev
|
|
|
88
114
|
cfgini
|
|
89
115
|
end
|
|
90
116
|
|
|
91
|
-
#
|
|
92
|
-
#
|
|
117
|
+
# Authorizes the docker cli to pull/push images from the Aws container registry (e.g. if docker compose needs to pull an image)
|
|
118
|
+
# Authorizes the docker ruby library to pull/push images from the Aws container registry
|
|
93
119
|
def registry_logins!(registry_ids: nil, region: nil)
|
|
94
120
|
registry_ids ||= Dev::Aws::Account.new.ecr_registry_ids
|
|
95
121
|
region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
|
|
@@ -100,8 +126,8 @@ module Dev
|
|
|
100
126
|
puts
|
|
101
127
|
end
|
|
102
128
|
|
|
103
|
-
#
|
|
104
|
-
#
|
|
129
|
+
# Authorizes the docker cli to pull/push images from the Aws container registry (e.g. if docker compose needs to pull an image)
|
|
130
|
+
# Authorizes the docker ruby library to pull/push images from the Aws container registry
|
|
105
131
|
def registry_login!(registry_id: nil, region: nil)
|
|
106
132
|
registry_id ||= Dev::Aws::Account.new.ecr_registry_ids.first
|
|
107
133
|
region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
|
|
@@ -116,7 +142,7 @@ module Dev
|
|
|
116
142
|
ENV['ECR_REGISTRY'] ||= registry
|
|
117
143
|
end
|
|
118
144
|
|
|
119
|
-
#
|
|
145
|
+
# Authorizes the docker cli to pull/push images from the Aws container registry
|
|
120
146
|
# (e.g. if docker compose needs to pull an image)
|
|
121
147
|
# @deprecated Please use {Dev::Aws::Login#registry_login!} instead
|
|
122
148
|
def docker_login!(registry_id: nil, region: nil)
|
|
@@ -127,7 +153,7 @@ module Dev
|
|
|
127
153
|
puts
|
|
128
154
|
end
|
|
129
155
|
|
|
130
|
-
#
|
|
156
|
+
# Authorizes the docker cli to pull/push images from the Aws container registry
|
|
131
157
|
# (e.g. if docker compose needs to pull an image)
|
|
132
158
|
private def docker_cli_login!(registry:, region:)
|
|
133
159
|
print(" Logging in to #{registry} in docker... ")
|
|
@@ -137,7 +163,7 @@ module Dev
|
|
|
137
163
|
Dev::Common.new.run_command([login_cmd])
|
|
138
164
|
end
|
|
139
165
|
|
|
140
|
-
#
|
|
166
|
+
# Authorizes the docker ruby library to pull/push images from the Aws container registry
|
|
141
167
|
# @deprecated Please use {Dev::Aws::Login#registry_login!} instead
|
|
142
168
|
def ecr_login!(registry_id: nil, region: nil)
|
|
143
169
|
registry_id ||= Dev::Aws::Account.new.ecr_registry_ids.first
|
|
@@ -146,7 +172,7 @@ module Dev
|
|
|
146
172
|
docker_lib_login!(registry_id:, region:)
|
|
147
173
|
end
|
|
148
174
|
|
|
149
|
-
#
|
|
175
|
+
# Authorizes the docker ruby library to pull/push images from the Aws container registry
|
|
150
176
|
private def docker_lib_login!(registry_id:, region:)
|
|
151
177
|
# Grab your authentication token from AWS ECR
|
|
152
178
|
ecr_client = ::Aws::ECR::Client.new(region:)
|
|
@@ -67,56 +67,18 @@ module Dev
|
|
|
67
67
|
[response.hosted_zone, response.delegation_set]
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
-
def
|
|
71
|
-
zone_count = 0
|
|
70
|
+
def list_zone_details
|
|
72
71
|
zones do |zone|
|
|
72
|
+
puts
|
|
73
73
|
zone_details, delegation_set = details(zone.id)
|
|
74
74
|
dns_resource = Dev::Dns::Resource.new(zone_details.name)
|
|
75
|
-
zone_count += 1
|
|
76
|
-
apex_record = dns_resource.recursive_a_lookup
|
|
77
|
-
nameserver_names = dns_resource.recursive_nameserver_lookup
|
|
78
|
-
nameserver_ips = nameserver_names.sort.map { |it| dns_resource.recursive_a_lookup(it) }
|
|
79
|
-
# Check if the site is dead, no a record or any AWS ips in the lists.
|
|
80
|
-
# if apex_record.empty? && (!zone_details.name.chomp('.').include? 'firespring') && (!nameserver_ips.join(', ').include? '205.251')
|
|
81
|
-
if !dns_resource.recursive_a_lookup.empty? && (dns_resource.recursive_nameserver_lookup.include? 'ns1.firespring.com')
|
|
82
|
-
out_data = {
|
|
83
|
-
'count' => zone_count,
|
|
84
|
-
'dns_name' => zone_details.name.chomp('.'),
|
|
85
|
-
'hosted_zone_id' => zone_details.id,
|
|
86
|
-
'delegation_set_id' => delegation_set.id,
|
|
87
|
-
# 'registrar_servers' => dns_resource.registrar_lookup.join(','), # This function is fickle, add with care.
|
|
88
|
-
'reported_nameservers' => nameserver_names.sort.join(', '),
|
|
89
|
-
'reported_ns_ips' => nameserver_ips.join(', '),
|
|
90
|
-
'a_record_ip' => apex_record.sort.join(', ')
|
|
91
|
-
}
|
|
92
|
-
# Display contents
|
|
93
|
-
puts JSON.pretty_generate(out_data)
|
|
94
|
-
end
|
|
95
|
-
rescue ::Aws::Route53::Errors::Throttling
|
|
96
|
-
sleep(1)
|
|
97
|
-
retry
|
|
98
|
-
end
|
|
99
|
-
puts
|
|
100
|
-
end
|
|
101
75
|
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
dns_resource
|
|
107
|
-
|
|
108
|
-
if !dns_resource.recursive_a_lookup.empty? && (dns_resource.recursive_nameserver_lookup.include? 'ns1.firespring.com')
|
|
109
|
-
puts
|
|
110
|
-
puts "#{zone_count} - #{zone_details.name.chomp('.')} (#{zone_details.id}):"
|
|
111
|
-
puts format(' %-50s %s', 'Delegation Set:', delegation_set.id)
|
|
112
|
-
puts format(' %-50s %s', 'Delegation Defined Nameservers:', delegation_set.name_servers.sort.join(', '))
|
|
113
|
-
puts format(' %-50s %s', 'WHOIS Reported server:', dns_resource.registrar_lookup.join(','))
|
|
114
|
-
puts format(' %-50s %s', 'DNS Reported Nameservers:', dns_resource.recursive_nameserver_lookup.sort.join(', '))
|
|
115
|
-
puts format(' %-50s %s', 'DNS Reported Nameserver IPs:', dns_resource.recursive_nameserver_lookup.sort.map do |it|
|
|
116
|
-
dns_resource.recursive_a_lookup(it)
|
|
117
|
-
end.join(', '))
|
|
118
|
-
puts format(' %-50s %s', 'Domain Apex IP Resolution:', dns_resource.recursive_a_lookup.sort.join(', '))
|
|
119
|
-
end
|
|
76
|
+
puts "#{zone_details.name.chomp('.').light_white} (#{zone_details.id}):"
|
|
77
|
+
puts format(' %-50s %s', 'Delegation Set:', delegation_set.id)
|
|
78
|
+
puts format(' %-50s %s', 'Delegation Defined Nameservers:', delegation_set.name_servers.sort.join(', '))
|
|
79
|
+
puts format(' %-50s %s', 'DNS Reported Nameservers:', dns_resource.recursive_nameserver_lookup.sort.join(', '))
|
|
80
|
+
puts format(' %-50s %s', 'DNS Reported Nameserver IPs:', dns_resource.recursive_nameserver_lookup.sort.map { |it| dns_resource.recursive_a_lookup(it) }.join(', '))
|
|
81
|
+
puts format(' %-50s %s', 'Domain Apex IP Resolution:', dns_resource.recursive_a_lookup.sort.join(', '))
|
|
120
82
|
rescue ::Aws::Route53::Errors::Throttling
|
|
121
83
|
sleep(1)
|
|
122
84
|
retry
|
|
@@ -1,5 +1,3 @@
|
|
|
1
|
-
require 'whois'
|
|
2
|
-
|
|
3
1
|
module Dev
|
|
4
2
|
class Dns
|
|
5
3
|
class Resource
|
|
@@ -24,14 +22,6 @@ module Dev
|
|
|
24
22
|
value.match?(Resolv::IPv6::Regex)
|
|
25
23
|
end
|
|
26
24
|
|
|
27
|
-
# Determines the registrar(s) of the given name. Not perfect and can be rate limited.
|
|
28
|
-
def registrar_lookup(name = domain)
|
|
29
|
-
Whois.whois(name.chomp('.')).parts.map(&:host)
|
|
30
|
-
rescue Whois::Error
|
|
31
|
-
sleep(0.75)
|
|
32
|
-
retry
|
|
33
|
-
end
|
|
34
|
-
|
|
35
25
|
# Recursively determine the correct nameservers for the given domain.
|
|
36
26
|
# If nameservers are not found, strip subdomains off until we've reached the TLD
|
|
37
27
|
def recursive_nameserver_lookup(name = domain)
|
|
@@ -6,7 +6,7 @@ module Dev
|
|
|
6
6
|
module Services
|
|
7
7
|
# Class contains rake templates for managing your AWS settings and logging in
|
|
8
8
|
class Route53 < Dev::Template::BaseInterface
|
|
9
|
-
def
|
|
9
|
+
def create_list_zone_details_task!
|
|
10
10
|
# Have to set a local variable to be accessible inside of the instance_eval block
|
|
11
11
|
exclude = @exclude
|
|
12
12
|
|
|
@@ -18,26 +18,7 @@ module Dev
|
|
|
18
18
|
desc 'print details for all hosted zones'
|
|
19
19
|
task list_details: %w(ensure_aws_credentials) do
|
|
20
20
|
route53 = Dev::Aws::Route53.new(ENV['DOMAINS'].to_s.strip.split(','))
|
|
21
|
-
route53.
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def create_json_list_zone_details_task!
|
|
29
|
-
# Have to set a local variable to be accessible inside of the instance_eval block
|
|
30
|
-
exclude = @exclude
|
|
31
|
-
|
|
32
|
-
DEV_COMMANDS_TOP_LEVEL.instance_eval do
|
|
33
|
-
return if exclude.include?(:json_details)
|
|
34
|
-
|
|
35
|
-
namespace :aws do
|
|
36
|
-
namespace :hosted_zone do
|
|
37
|
-
desc 'print details for all hosted zones'
|
|
38
|
-
task json_details: %w(ensure_aws_credentials) do
|
|
39
|
-
route53 = Dev::Aws::Route53.new(ENV['DOMAINS'].to_s.strip.split(','))
|
|
40
|
-
route53.json_details
|
|
21
|
+
route53.list_zone_details
|
|
41
22
|
end
|
|
42
23
|
end
|
|
43
24
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: firespring_dev_commands
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.2.
|
|
4
|
+
version: 2.2.9.pre.alpha.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Firespring
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-11-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -142,14 +142,14 @@ dependencies:
|
|
|
142
142
|
requirements:
|
|
143
143
|
- - "~>"
|
|
144
144
|
- !ruby/object:Gem::Version
|
|
145
|
-
version: 1.
|
|
145
|
+
version: 1.141.0
|
|
146
146
|
type: :runtime
|
|
147
147
|
prerelease: false
|
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
|
149
149
|
requirements:
|
|
150
150
|
- - "~>"
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
|
-
version: 1.
|
|
152
|
+
version: 1.141.0
|
|
153
153
|
- !ruby/object:Gem::Dependency
|
|
154
154
|
name: aws-sdk-ssm
|
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -360,20 +360,6 @@ dependencies:
|
|
|
360
360
|
- - "~>"
|
|
361
361
|
- !ruby/object:Gem::Version
|
|
362
362
|
version: 2.2.0
|
|
363
|
-
- !ruby/object:Gem::Dependency
|
|
364
|
-
name: whois
|
|
365
|
-
requirement: !ruby/object:Gem::Requirement
|
|
366
|
-
requirements:
|
|
367
|
-
- - "~>"
|
|
368
|
-
- !ruby/object:Gem::Version
|
|
369
|
-
version: '6.0'
|
|
370
|
-
type: :runtime
|
|
371
|
-
prerelease: false
|
|
372
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
373
|
-
requirements:
|
|
374
|
-
- - "~>"
|
|
375
|
-
- !ruby/object:Gem::Version
|
|
376
|
-
version: '6.0'
|
|
377
363
|
description: Ruby library for creating/maintaining your development environment
|
|
378
364
|
email: opensource@firespring.com
|
|
379
365
|
executables: []
|