formatron 0.1.0

data/lib/formatron/cloud_formation/template/vpc/subnet/instance.rb

@@ -0,0 +1,162 @@
+require 'formatron/cloud_formation/resources/iam'
+require 'formatron/cloud_formation/resources/ec2'
+require 'formatron/cloud_formation/resources/cloud_formation'
+require 'formatron/cloud_formation/resources/route53'
+require_relative 'instance/policy'
+require_relative 'instance/security_group'
+require_relative 'instance/setup'
+
+class Formatron
+  module CloudFormation
+    class Template
+      class VPC
+        class Subnet
+          # generates CloudFormation instance resources
+          # rubocop:disable Metrics/ClassLength
+          class Instance
+            INSTANCE_PREFIX = 'instance'
+            ROLE_PREFIX = 'role'
+            INSTANCE_PROFILE_PREFIX = 'instanceProfile'
+            WAIT_CONDITION_HANDLE_PREFIX = 'waitConditionHandle'
+            WAIT_CONDITION_PREFIX = 'waitCondition'
+            PRIVATE_RECORD_SET_PREFIX = 'privateRecordSet'
+            PUBLIC_RECORD_SET_PREFIX = 'publicRecordSet'
+
+            # rubocop:disable Metrics/MethodLength
+            # rubocop:disable Metrics/AbcSize
+            # rubocop:disable Metrics/ParameterLists
+            def initialize(
+              instance:,
+              key_pair:,
+              availability_zone:,
+              subnet_guid:,
+              hosted_zone_name:,
+              vpc_guid:,
+              vpc_cidr:,
+              kms_key:,
+              private_hosted_zone_id:,
+              public_hosted_zone_id:,
+              bucket:,
+              name:,
+              target:
+            )
+              @instance = instance
+              @guid = @instance.guid
+              @setup = @instance.setup
+              @instance_id = "#{INSTANCE_PREFIX}#{@guid}"
+              @role_id = "#{ROLE_PREFIX}#{@guid}"
+              @instance_profile_id = "#{INSTANCE_PROFILE_PREFIX}#{@guid}"
+              @wait_condition_handle_id =
+                "#{WAIT_CONDITION_HANDLE_PREFIX}#{@guid}"
+              @wait_condition_id =
+                "#{WAIT_CONDITION_PREFIX}#{@guid}"
+              @policy = @instance.policy
+              @security_group = @instance.security_group
+              @security_group_id =
+                "#{SecurityGroup::SECURITY_GROUP_PREFIX}#{@guid}"
+              @availability_zone = availability_zone
+              @instance_type = @instance.instance_type || 't2.micro'
+              @key_pair = key_pair
+              @subnet_guid = subnet_guid
+              @subnet_id = "#{Subnet::SUBNET_PREFIX}#{@subnet_guid}"
+              @sub_domain = @instance.sub_domain
+              @hosted_zone_name = hosted_zone_name
+              @source_dest_check = @instance.source_dest_check
+              @source_dest_check =
+                @source_dest_check.nil? ? true : @source_dest_check
+              @vpc_guid = vpc_guid
+              @vpc_cidr = vpc_cidr
+              @kms_key = kms_key
+              @private_hosted_zone_id = private_hosted_zone_id
+              @public_hosted_zone_id = public_hosted_zone_id
+              @private_record_set_id =
+                "#{PRIVATE_RECORD_SET_PREFIX}#{@guid}"
+              @public_record_set_id =
+                "#{PUBLIC_RECORD_SET_PREFIX}#{@guid}"
+              @bucket = bucket
+              @name = name
+              @target = target
+            end
+            # rubocop:enable Metrics/ParameterLists
+            # rubocop:enable Metrics/AbcSize
+            # rubocop:enable Metrics/MethodLength
+
+            # rubocop:disable Metrics/MethodLength
+            # rubocop:disable Metrics/AbcSize
+            def merge(resources:, outputs:)
+              @outputs = outputs
+              resources[@role_id] = Resources::IAM.role
+              resources[@instance_profile_id] = Resources::IAM.instance_profile(
+                role: @role_id
+              )
+              policy = Policy.new(
+                policy: @policy,
+                instance_guid: @guid,
+                kms_key: @kms_key,
+                bucket: @bucket,
+                name: @name,
+                target: @target
+              )
+              policy.merge resources: resources
+              security_group = SecurityGroup.new(
+                security_group: @security_group,
+                instance_guid: @guid,
+                vpc_guid: @vpc_guid,
+                vpc_cidr: @vpc_cidr
+              )
+              security_group.merge resources: resources
+              resources[@wait_condition_handle_id] =
+                Resources::CloudFormation.wait_condition_handle
+              instance = Resources::EC2.instance(
+                instance_profile: @instance_profile_id,
+                availability_zone: @availability_zone,
+                instance_type: @instance_type,
+                key_name: @key_pair,
+                subnet: @subnet_id,
+                name: "#{@sub_domain}.#{@hosted_zone_name}",
+                wait_condition_handle: @wait_condition_handle_id,
+                security_group: @security_group_id,
+                logical_id: @instance_id,
+                source_dest_check: @source_dest_check
+              )
+              setup = Setup.new(
+                setup: @setup,
+                sub_domain: @sub_domain,
+                hosted_zone_name: @hosted_zone_name
+              )
+              setup.merge instance: instance
+              resources[@instance_id] = instance
+              outputs[@instance_id] = Template.output(
+                Template.ref(@instance_id)
+              )
+              resources[@wait_condition_id] =
+                Resources::CloudFormation.wait_condition(
+                  wait_condition_handle: @wait_condition_handle_id,
+                  instance: @instance_id
+                )
+              resources[@private_record_set_id] =
+                Resources::Route53.record_set(
+                  hosted_zone_id: Template.ref(@private_hosted_zone_id),
+                  sub_domain: @sub_domain,
+                  hosted_zone_name: @hosted_zone_name,
+                  instance: @instance_id,
+                  attribute: 'PrivateIp'
+                )
+              resources[@public_record_set_id] =
+                Resources::Route53.record_set(
+                  hosted_zone_id: @public_hosted_zone_id,
+                  sub_domain: @sub_domain,
+                  hosted_zone_name: @hosted_zone_name,
+                  instance: @instance_id,
+                  attribute: 'PublicIp'
+                ) unless @public_hosted_zone_id.nil?
+            end
+            # rubocop:enable Metrics/AbcSize
+            # rubocop:enable Metrics/MethodLength
+          end
+          # rubocop:enable Metrics/ClassLength
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cloud_formation/template/vpc/subnet/instance/policy.rb

@@ -0,0 +1,74 @@
+require 'formatron/cloud_formation/resources/iam'
+require 'formatron/s3/configuration'
+
+class Formatron
+  module CloudFormation
+    class Template
+      class VPC
+        class Subnet
+          class Instance
+            # generates CloudFormation policy resource
+            class Policy
+              POLICY_PREFIX = 'policy'
+
+              # rubocop:disable Metrics/MethodLength
+              # rubocop:disable Metrics/ParameterLists
+              def initialize(
+                policy:,
+                instance_guid:,
+                kms_key:,
+                bucket:,
+                name:,
+                target:
+              )
+                @policy = policy
+                @kms_key = kms_key
+                @guid = instance_guid
+                @bucket = bucket
+                @config_key = S3::Configuration.key(
+                  name: name,
+                  target: target
+                )
+                @policy_id = "#{POLICY_PREFIX}#{@guid}"
+                @role_id = "#{Instance::ROLE_PREFIX}#{@guid}"
+              end
+              # rubocop:enable Metrics/ParameterLists
+              # rubocop:enable Metrics/MethodLength
+
+              # rubocop:disable Metrics/MethodLength
+              def merge(resources:)
+                statements = [{
+                  actions: %w(kms:Decrypt kms:Encrypt kms:GenerateDataKey*),
+                  resources: [Template.join(
+                    'arn:aws:kms:',
+                    Template.ref('AWS::Region'),
+                    ':',
+                    Template.ref('AWS::AccountId'),
+                    ":key/#{@kms_key}"
+                  )]
+                }, {
+                  actions: %w(S3:GetObject),
+                  resources: ["arn:aws:s3:::#{@bucket}/#{@config_key}"]
+                }]
+                statements.concat(
+                  @policy.statement.collect do |statement|
+                    {
+                      actions: statement.action,
+                      resources: statement.resource
+                    }
+                  end
+                ) unless @policy.nil?
+                resources[@policy_id] = Resources::IAM.policy(
+                  role: @role_id,
+                  name: @policy_id,
+                  statements: statements
+                )
+              end
+              # rubocop:enable Metrics/MethodLength
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cloud_formation/template/vpc/subnet/instance/security_group.rb

@@ -0,0 +1,117 @@
+require 'formatron/cloud_formation/resources/ec2'
+
+class Formatron
+  module CloudFormation
+    class Template
+      class VPC
+        class Subnet
+          class Instance
+            # generates CloudFormation security group resource
+            class SecurityGroup
+              SECURITY_GROUP_PREFIX = 'securityGroup'
+
+              # rubocop:disable Metrics/MethodLength
+              def initialize(
+                security_group:,
+                instance_guid:,
+                vpc_guid:,
+                vpc_cidr:
+              )
+                @security_group = security_group
+                @vpc_guid = vpc_guid
+                @cidr = vpc_cidr
+                @guid = instance_guid
+                @security_group_id = "#{SECURITY_GROUP_PREFIX}#{@guid}"
+                @vpc_id = "#{VPC::VPC_PREFIX}#{@vpc_guid}"
+                @open_tcp_ports =
+                  @security_group.open_tcp_port unless @security_group.nil?
+                @open_udp_ports =
+                  @security_group.open_udp_port unless @security_group.nil?
+              end
+              # rubocop:enable Metrics/MethodLength
+
+              # rubocop:disable Metrics/MethodLength
+              def merge(resources:)
+                ingress_rules = _base_ingress_rules
+                ingress_rules.concat(
+                  @open_tcp_ports.collect do |port|
+                    {
+                      cidr: '0.0.0.0/0',
+                      protocol: 'tcp',
+                      from_port: port,
+                      to_port: port
+                    }
+                  end
+                ) unless @open_tcp_ports.nil?
+                ingress_rules.concat(
+                  @open_udp_ports.collect do |port|
+                    {
+                      cidr: '0.0.0.0/0',
+                      protocol: 'udp',
+                      from_port: port,
+                      to_port: port
+                    }
+                  end
+                ) unless @open_udp_ports.nil?
+                resources[@security_group_id] = Resources::EC2.security_group(
+                  group_description: 'Formatron instance security group',
+                  vpc: @vpc_id,
+                  egress: _base_egress_rules,
+                  ingress: ingress_rules
+                )
+              end
+              # rubocop:enable Metrics/MethodLength
+
+              # rubocop:disable Metrics/MethodLength
+              def _base_egress_rules
+                [{
+                  cidr: '0.0.0.0/0',
+                  protocol: 'tcp',
+                  from_port: '0',
+                  to_port: '65535'
+                }, {
+                  cidr: '0.0.0.0/0',
+                  protocol: 'udp',
+                  from_port: '0',
+                  to_port: '65535'
+                }, {
+                  cidr: '0.0.0.0/0',
+                  protocol: 'icmp',
+                  from_port: '-1',
+                  to_port: '-1'
+                }]
+              end
+              # rubocop:enable Metrics/MethodLength
+
+              # rubocop:disable Metrics/MethodLength
+              def _base_ingress_rules
+                [{
+                  cidr: @cidr,
+                  protocol: 'tcp',
+                  from_port: '0',
+                  to_port: '65535'
+                }, {
+                  cidr: @cidr,
+                  protocol: 'udp',
+                  from_port: '0',
+                  to_port: '65535'
+                }, {
+                  cidr: @cidr,
+                  protocol: 'icmp',
+                  from_port: '-1',
+                  to_port: '-1'
+                }]
+              end
+              # rubocop:enable Metrics/MethodLength
+
+              private(
+                :_base_egress_rules,
+                :_base_ingress_rules
+              )
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cloud_formation/template/vpc/subnet/instance/setup.rb

@@ -0,0 +1,68 @@
+require 'formatron/cloud_formation/scripts'
+
+class Formatron
+  module CloudFormation
+    class Template
+      class VPC
+        class Subnet
+          class Instance
+            # Adds setup scripts to an instance
+            class Setup
+              def initialize(setup:, sub_domain:, hosted_zone_name:)
+                @setup = setup
+                @sub_domain = sub_domain
+                @hosted_zone_name = hosted_zone_name
+                @scripts = @setup.script unless @setup.nil?
+                @variables = @setup.variable unless @setup.nil?
+              end
+
+              # rubocop:disable Metrics/MethodLength
+              # rubocop:disable Metrics/AbcSize
+              def merge(instance:)
+                files = {
+                  '/tmp/formatron/script-0.sh' => {
+                    content: Scripts.hostname(
+                      sub_domain: @sub_domain,
+                      hosted_zone_name: @hosted_zone_name
+                    ),
+                    mode: '000755',
+                    owner: 'root',
+                    group: 'root'
+                  }
+                }
+                @scripts.each_index do |index|
+                  files["/tmp/formatron/script-#{index + 1}.sh"] = {
+                    content: @scripts[index],
+                    mode: '000755',
+                    owner: 'root',
+                    group: 'root'
+                  }
+                end unless @scripts.nil?
+                variables = []
+                @variables.each do |key, value|
+                  variables.concat(["#{key}=", value.value, "\n"])
+                end unless @variables.nil?
+                files['/tmp/formatron/script-variables'] = {
+                  content: Template.join(*variables),
+                  mode: '000644',
+                  owner: 'root',
+                  group: 'root'
+                } unless variables.length == 0
+                instance[:Metadata] = {
+                  Comment1: 'Create setup scripts',
+                  'AWS::CloudFormation::Init' => {
+                    config: {
+                      files: files
+                    }
+                  }
+                }
+              end
+              # rubocop:enable Metrics/AbcSize
+              # rubocop:enable Metrics/MethodLength
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cloud_formation/template/vpc/subnet/nat.rb

@@ -0,0 +1,94 @@
+require_relative 'instance'
+
+class Formatron
+  module CloudFormation
+    class Template
+      class VPC
+        class Subnet
+          # generates CloudFormation Chef Server resources
+          class NAT
+            ROUTE_TABLE_PREFIX = 'routeTable'
+            ROUTE_PREFIX = 'route'
+
+            # rubocop:disable Metrics/MethodLength
+            # rubocop:disable Metrics/ParameterLists
+            def initialize(
+              nat:,
+              key_pair:,
+              availability_zone:,
+              subnet_guid:,
+              hosted_zone_name:,
+              vpc_guid:,
+              vpc_cidr:,
+              kms_key:,
+              private_hosted_zone_id:,
+              public_hosted_zone_id:,
+              bucket:,
+              name:,
+              target:
+            )
+              @nat = nat
+              guid = @nat.guid
+              @vpc_cidr = vpc_cidr
+              @vpc_id = "#{VPC::VPC_PREFIX}#{vpc_guid}"
+              @instance_id = "#{Instance::INSTANCE_PREFIX}#{guid}"
+              @route_table_id = "#{ROUTE_TABLE_PREFIX}#{guid}"
+              @route_id = "#{ROUTE_PREFIX}#{guid}"
+              _add_setup_script
+              _set_source_dest_check
+              @instance = Instance.new(
+                instance: nat,
+                key_pair: key_pair,
+                availability_zone: availability_zone,
+                subnet_guid: subnet_guid,
+                hosted_zone_name: hosted_zone_name,
+                vpc_guid: vpc_guid,
+                vpc_cidr: @vpc_cidr,
+                kms_key: kms_key,
+                private_hosted_zone_id: private_hosted_zone_id,
+                public_hosted_zone_id: public_hosted_zone_id,
+                bucket: bucket,
+                name: name,
+                target: target
+              )
+            end
+            # rubocop:enable Metrics/ParameterLists
+            # rubocop:enable Metrics/MethodLength
+
+            def _add_setup_script
+              @nat.setup do |setup|
+                scripts = setup.script
+                scripts.unshift Scripts.nat cidr: @vpc_cidr
+              end
+            end
+
+            def _set_source_dest_check
+              @nat.source_dest_check false
+            end
+
+            def merge(resources:, outputs:)
+              _add_route_table resources
+              @instance.merge resources: resources, outputs: outputs
+            end
+
+            def _add_route_table(resources)
+              resources[@route_table_id] = Resources::EC2.route_table(
+                vpc: @vpc_id
+              )
+              resources[@route_id] = Resources::EC2.route(
+                route_table: @route_table_id,
+                instance: @instance_id
+              )
+            end
+
+            private(
+              :_set_source_dest_check,
+              :_add_setup_script,
+              :_add_route_table
+            )
+          end
+        end
+      end
+    end
+  end
+end