fog-bouncer 0.2.4 → 0.2.5

data/fog-bouncer.gemspec

@@ -15,7 +15,7 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = Fog::Bouncer::VERSION
 
-  gem.add_dependency "clamp", "~> 0.3.0"
+  gem.add_dependency "clamp", "~> 0.3"
   gem.add_dependency "clarence", "1987.0.0"
   gem.add_dependency "fog", "~> 1.2"
   gem.add_dependency "ipaddress", "~> 0.8.0"

data/lib/fog/bouncer/group.rb

@@ -24,26 +24,6 @@ module Fog
         end
       end
 
-      def extra_remote_sources
-        sources.select { |source| !source.local? && source.remote? }
-      end
-
-      def local?
-        !!local
-      end
-
-      def missing_remote_sources
-        sources.select { |source| source.local? && !source.remote? }
-      end
-
-      def remote?
-        !remote.nil?
-      end
-
-      def sources
-        @sources ||= []
-      end
-
       def add_source(source, &block)
         if existing = sources.find { |s| s.match(source) }
           existing.instance_eval(&block)
@@ -52,17 +32,6 @@ module Fog
         end
       end
 
-      def sync
-        log(sync: true) do
-          create_missing_remote
-          synchronize_sources
-        end
-      end
-
-      def use(name)
-        @using << security.definitions(name)
-      end
-
       def create_missing_remote
         unless remote?
           log(create_missing_remote: true) do
@@ -74,12 +43,6 @@ module Fog
         end
       end
 
-      def synchronize_sources
-        log(synchronize_sources: true) do
-          SourceManager.new(self).synchronize
-        end
-      end
-
       def destroy
         revoke
         if remote?
@@ -96,6 +59,35 @@ module Fog
         end
       end
 
+      # Public: Check if it has exceeded the 100 rules limit per group on AWS,
+      #         http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.html.
+      #
+      # Examples
+      #
+      #   exceeded?
+      #   # => false
+      #
+      # Returns a Boolean
+      def exceeded?
+        local_permissions.size > 100
+      end
+
+      def extra_remote_sources
+        sources.select { |source| !source.local? && source.remote? }
+      end
+
+      def local?
+        !!local
+      end
+
+      def missing_remote_sources
+        sources.select { |source| source.local? && !source.remote? }
+      end
+
+      def remote?
+        !remote.nil?
+      end
+
       def revoke
         permissions = sources.map do |source|
           source.protocols.select { |p| p.remote? }
@@ -112,6 +104,21 @@ module Fog
         end
       end
 
+      def sources
+        @sources ||= []
+      end
+
+      def sync
+        log(sync: true) do
+          create_missing_remote
+          synchronize_sources
+        end
+      end
+
+      def use(name)
+        @using << security.definitions(name)
+      end
+
       def ==(other)
         name == other.name &&
         description == other.description
@@ -133,9 +140,23 @@ module Fog
         end
       end
 
+      def local_permissions
+        permissions = sources.map do |source|
+          source.protocols.select { |p| p.local? }
+        end.flatten.compact
+      end
+
       def source(source, &block)
         add_source(source, &block)
       end
+
+      def synchronize_sources
+        log(synchronize_sources: true) do
+          log(rules_limit: 100, rules: local_permissions.size)
+          log(exceeded_aws_limit: true) if exceeded?
+          SourceManager.new(self).synchronize
+        end
+      end
     end
   end
 end

data/lib/fog/bouncer/security.rb

@@ -49,6 +49,7 @@ module Fog
       end
 
       def sync
+        log(group_limit: 500, groups: groups.size)
         GroupManager.new(self).synchronize
       end
 

data/lib/fog/bouncer/version.rb

@@ -1,5 +1,5 @@
 module Fog
   module Bouncer
-    VERSION = "0.2.4"
+    VERSION = "0.2.5"
   end
 end

data/spec/fog/bouncer/group_spec.rb

@@ -29,6 +29,15 @@ describe Fog::Bouncer do
       end
     end
 
+    describe "#exceeded?" do
+      it "should check if the group exceeds the AWS rules limit" do
+        @group.exceeded?.must_equal false
+        source = @group.sources.first
+        0.upto(100) { |i| p = source.add_protocol(:tcp, i + 1000); p.local = true }
+        @group.exceeded?.must_equal true
+      end
+    end
+
     describe "#extras" do
       before do
         Fog::Bouncer::IPPermissions.to(@group, [{ "ipProtocol" => "tcp", "fromPort" => 20, "toPort" => 20, "ipRanges" => [{ "cidrIp" => "2.2.2.2/2" }], "groups" => [] }])

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fog-bouncer
 version: !ruby/object:Gem::Version
-  version: 0.2.4
+  version: 0.2.5
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-09-07 00:00:00.000000000 Z
+date: 2012-10-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -18,7 +18,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: '0.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: clarence
   requirement: !ruby/object:Gem::Requirement