gemops 3.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/gemops.rb +27 -0
- data/lib/gemops/aws/ACM.rb +46 -0
- data/lib/gemops/aws/Accounts.rb +45 -0
- data/lib/gemops/aws/EC2.rb +86 -0
- data/lib/gemops/aws/SecretsManager.rb +105 -0
- data/lib/gemops/aws/Sts.rb +41 -0
- metadata +50 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: '08df8bcf8b8b428a7d644c3d3fdee6249d6acd883377b0d7694a4b2d16ed3a84'
|
|
4
|
+
data.tar.gz: 50fe3cef95be8b1e6a7b60684c8f9415d744e423339ee99daa1caa4e27f0dfa2
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 12a51818565625b00ed6385b0255a0b4a38694108d192faec311905ee25ab4c50967924761d7c0ec9cb0ef8926c9c4c91ec7833b3477099309f1515145c9a95b
|
|
7
|
+
data.tar.gz: 7d87d5107853313d1a5f4534fa26cd4cace64e9aa4f638b66e2cf854f7123f54d4176a531c4a94d709b850f3ebaaaf612c1774156705c52f0f69c2e75866710f
|
data/bin/console
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require "bundler/setup"
|
|
4
|
+
require "gemops"
|
|
5
|
+
|
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
|
8
|
+
|
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
|
10
|
+
# require "pry"
|
|
11
|
+
# Pry.start
|
|
12
|
+
|
|
13
|
+
require "irb"
|
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
data/lib/gemops.rb
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
###
|
|
4
|
+
# All our Requires
|
|
5
|
+
###
|
|
6
|
+
require 'logger'
|
|
7
|
+
|
|
8
|
+
require_relative 'gemops/aws/Accounts.rb'
|
|
9
|
+
require_relative 'gemops/aws/Sts.rb'
|
|
10
|
+
require_relative 'gemops/aws/SecretsManager.rb'
|
|
11
|
+
require_relative 'gemops/aws/EC2.rb'
|
|
12
|
+
require_relative 'gemops/aws/ACM.rb'
|
|
13
|
+
###
|
|
14
|
+
# The Main Module
|
|
15
|
+
###
|
|
16
|
+
module GemOps
|
|
17
|
+
###
|
|
18
|
+
# Bump this version whenever releasing/publishing
|
|
19
|
+
###
|
|
20
|
+
VERSION = '3.1.1'
|
|
21
|
+
LOGGER = Logger.new(STDERR)
|
|
22
|
+
###
|
|
23
|
+
# Our Module/Namespace for AWS
|
|
24
|
+
###
|
|
25
|
+
module AWS
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
require 'aws-sdk-acm'
|
|
2
|
+
module GemOps
|
|
3
|
+
module AWS
|
|
4
|
+
###
|
|
5
|
+
# Various AWS ACM Actions
|
|
6
|
+
###
|
|
7
|
+
class ACM
|
|
8
|
+
###
|
|
9
|
+
# The default constructor
|
|
10
|
+
# @param [String]: environment
|
|
11
|
+
# @raise [Aws::ACM::Errors::ServiceError]
|
|
12
|
+
###
|
|
13
|
+
def initialize(environment = 'shared')
|
|
14
|
+
begin
|
|
15
|
+
LOGGER.info('Initializing the ACM Client')
|
|
16
|
+
credentials = GemOps::AWS::Sts.new.assume_role(environment)
|
|
17
|
+
@acm_client = Aws::ACM::Client.new(
|
|
18
|
+
region: 'us-east-1',
|
|
19
|
+
credentials: credentials)
|
|
20
|
+
rescue Aws::ACM::Errors::ServiceError => e
|
|
21
|
+
raise e
|
|
22
|
+
rescue StandardError => e
|
|
23
|
+
raise e
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
def retrieve_ssl_cert_arn(ssl_cert_name)
|
|
27
|
+
begin
|
|
28
|
+
ssl_certs = @acm_client.list_certificates({
|
|
29
|
+
certificate_statuses: ["ISSUED"]
|
|
30
|
+
})
|
|
31
|
+
ssl_cert_object = ssl_certs["certificate_summary_list"].select {|it| it["domain_name"] == ssl_cert_name}
|
|
32
|
+
ssl_cert_arn = ssl_cert_object[0]["certificate_arn"]
|
|
33
|
+
ssl_cert = @acm_client.get_certificate({
|
|
34
|
+
certificate_arn: ssl_cert_arn
|
|
35
|
+
})
|
|
36
|
+
LOGGER.info("Here is the SSL Cert Arn ==> #{ssl_cert_arn}")
|
|
37
|
+
ssl_cert_arn
|
|
38
|
+
rescue Aws::ACM::Errors::ServiceError => e
|
|
39
|
+
raise e
|
|
40
|
+
rescue StandardError => e
|
|
41
|
+
raise e
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
###
|
|
2
|
+
# The Main Module
|
|
3
|
+
###
|
|
4
|
+
module GemOps
|
|
5
|
+
###
|
|
6
|
+
# Our Module/Namespace for AWS
|
|
7
|
+
###
|
|
8
|
+
module AWS
|
|
9
|
+
###
|
|
10
|
+
# The Accounts class is use to fetch the Account Ids for the various
|
|
11
|
+
# AWS Accounts/Environments
|
|
12
|
+
###
|
|
13
|
+
class Accounts
|
|
14
|
+
attr_accessor :environment
|
|
15
|
+
###
|
|
16
|
+
# Used to fetch the Account Ids for the various
|
|
17
|
+
# AWS Accounts/Environments
|
|
18
|
+
# @return [Number]: AWS Account Id
|
|
19
|
+
# @rasie [StandardError]
|
|
20
|
+
###
|
|
21
|
+
def account_id
|
|
22
|
+
begin
|
|
23
|
+
case @environment
|
|
24
|
+
when 'area51'
|
|
25
|
+
'037652976493'
|
|
26
|
+
when 'dev'
|
|
27
|
+
'043722605544'
|
|
28
|
+
when 'qa'
|
|
29
|
+
'005500638808'
|
|
30
|
+
when 'stage'
|
|
31
|
+
'563682578383'
|
|
32
|
+
when 'prod'
|
|
33
|
+
'187952434384'
|
|
34
|
+
when 'shared'
|
|
35
|
+
'103505310740'
|
|
36
|
+
else
|
|
37
|
+
raise StandardError.new("\n\nUnknown Environment #{@environment}\n\n")
|
|
38
|
+
end
|
|
39
|
+
rescue StandardError => e
|
|
40
|
+
raise e
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
require 'aws-sdk-ec2'
|
|
2
|
+
require 'rudash'
|
|
3
|
+
module GemOps
|
|
4
|
+
module AWS
|
|
5
|
+
###
|
|
6
|
+
# Various EC2 Actions
|
|
7
|
+
###
|
|
8
|
+
class EC2
|
|
9
|
+
###
|
|
10
|
+
# The default constructor
|
|
11
|
+
# @param [String]: environment
|
|
12
|
+
# @raise [Aws::EC2::Errors::ServiceError]
|
|
13
|
+
###
|
|
14
|
+
def initialize(environment = 'shared')
|
|
15
|
+
begin
|
|
16
|
+
LOGGER.info('Initializing the EC2 Client')
|
|
17
|
+
credentials = GemOps::AWS::Sts.new.assume_role(environment)
|
|
18
|
+
@ec2_client = Aws::EC2::Client.new(
|
|
19
|
+
region: 'us-east-1',
|
|
20
|
+
credentials: credentials)
|
|
21
|
+
rescue Aws::EC2::Errors::ServiceError => e
|
|
22
|
+
raise e
|
|
23
|
+
rescue StandardError => e
|
|
24
|
+
raise e
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
###
|
|
28
|
+
# Retrieves The VPC ID Of A Named VPC
|
|
29
|
+
# @param [String]: vpc_name
|
|
30
|
+
# @return [String]: vpc_id
|
|
31
|
+
# @raise [Aws::EC2::Errors::ServiceError, StandardError]
|
|
32
|
+
###
|
|
33
|
+
def retrieve_vpc_id(vpc_name)
|
|
34
|
+
begin
|
|
35
|
+
response = @ec2_client.describe_vpcs({
|
|
36
|
+
filters: [
|
|
37
|
+
{
|
|
38
|
+
name: "tag:Name",
|
|
39
|
+
values: [vpc_name]
|
|
40
|
+
}
|
|
41
|
+
]
|
|
42
|
+
})
|
|
43
|
+
unless !R_.empty?(response.vpcs)
|
|
44
|
+
raise StandardError.new("\n\nThe VPC #{vpc_name} does not exist. Try again dude!!!!\n\n")
|
|
45
|
+
end
|
|
46
|
+
response.vpcs[0].vpc_id
|
|
47
|
+
rescue Aws::EC2::Errors::ServiceError => e
|
|
48
|
+
raise e
|
|
49
|
+
rescue StandardError => e
|
|
50
|
+
raise e
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
###
|
|
54
|
+
# Retrieves The Subnet ID Of A Named Subnet
|
|
55
|
+
# @param [String]: subnate_name
|
|
56
|
+
# @param [String]: vpc_id
|
|
57
|
+
# @return [String]: subnet_id
|
|
58
|
+
# @raise [Aws::EC2::Errors::ServiceError, StandardError]
|
|
59
|
+
###
|
|
60
|
+
def retrieve_subnet_id(subnet_name, vpc_id)
|
|
61
|
+
begin
|
|
62
|
+
response = @ec2_client.describe_subnets({
|
|
63
|
+
filters: [
|
|
64
|
+
{
|
|
65
|
+
name: "vpc-id",
|
|
66
|
+
values: [vpc_id],
|
|
67
|
+
},
|
|
68
|
+
{
|
|
69
|
+
name: "tag:Name",
|
|
70
|
+
values: [subnet_name]
|
|
71
|
+
}
|
|
72
|
+
]
|
|
73
|
+
})
|
|
74
|
+
unless !R_.empty?(response.subnets)
|
|
75
|
+
raise StandardError.new("\n\nThe Subnet #{subnet_name} does not exist. Try again dude!!!!\n\n")
|
|
76
|
+
end
|
|
77
|
+
response.subnets[0].subnet_id
|
|
78
|
+
rescue Aws::EC2::Errors::ServiceError => e
|
|
79
|
+
raise e
|
|
80
|
+
rescue StandardError => e
|
|
81
|
+
raise e
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
require 'aws-sdk-secretsmanager'
|
|
2
|
+
module GemOps
|
|
3
|
+
module AWS
|
|
4
|
+
###
|
|
5
|
+
# Various SecretsManager Actions
|
|
6
|
+
###
|
|
7
|
+
class SecretsManager
|
|
8
|
+
###
|
|
9
|
+
# The default constructor
|
|
10
|
+
# @param [String]: environment
|
|
11
|
+
# @raise [Aws::SecretsManager::Errors::ServiceError]
|
|
12
|
+
###
|
|
13
|
+
def initialize(environment = 'shared')
|
|
14
|
+
begin
|
|
15
|
+
LOGGER.info('Initializing The Secrets Manager Client')
|
|
16
|
+
credentials = GemOps::AWS::Sts.new.assume_role(environment)
|
|
17
|
+
@secrets_manager_client = Aws::SecretsManager::Client.new({
|
|
18
|
+
"region": "us-east-1",
|
|
19
|
+
"credentials": credentials
|
|
20
|
+
})
|
|
21
|
+
rescue Aws::SecretsManager::Errors::ServiceError => e
|
|
22
|
+
raise e
|
|
23
|
+
rescue StandardError => e
|
|
24
|
+
raise e
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
###
|
|
28
|
+
# List All The Secrets Non Paginated
|
|
29
|
+
# @return [Array]: secrets_list
|
|
30
|
+
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
|
|
31
|
+
###
|
|
32
|
+
def list_secrets
|
|
33
|
+
begin
|
|
34
|
+
secrets_manager_list_params = Hash.new
|
|
35
|
+
secrets_manager_list_params[:max_results] = 10
|
|
36
|
+
all_the_secrets = Array.new
|
|
37
|
+
condition = true
|
|
38
|
+
while condition do
|
|
39
|
+
secrets_list = @secrets_manager_client.list_secrets(secrets_manager_list_params)
|
|
40
|
+
next_token = secrets_list.to_h[:next_token]
|
|
41
|
+
if next_token
|
|
42
|
+
puts "\n\nPaginated Response\n\n"
|
|
43
|
+
puts "\n\nHere is the Next Token = #{next_token}\n\n"
|
|
44
|
+
secrets_list.to_h[:secret_list].each do |secret|
|
|
45
|
+
all_the_secrets.push(secret)
|
|
46
|
+
end
|
|
47
|
+
secrets_manager_list_params[:next_token] = next_token
|
|
48
|
+
next_token = ""
|
|
49
|
+
else
|
|
50
|
+
condition = false
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
all_the_secrets
|
|
54
|
+
rescue Aws::SecretsManager::Errors::ServiceError => e
|
|
55
|
+
raise e
|
|
56
|
+
rescue StandardError => e
|
|
57
|
+
raise e
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
###
|
|
61
|
+
# Retrieves Secrets From A List
|
|
62
|
+
# @param [Array]: secret_paths
|
|
63
|
+
# @return [Hash]
|
|
64
|
+
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
|
|
65
|
+
###
|
|
66
|
+
def retrieve_aws_secrets_as_hash(secret_paths)
|
|
67
|
+
begin
|
|
68
|
+
secrets_hash = Hash.new
|
|
69
|
+
secrets_paths.each do |secrets_path|
|
|
70
|
+
user_name = JSON.parse(@secrets_manager_client.get_secret_value({
|
|
71
|
+
secret_id: secrets_path
|
|
72
|
+
}).secret_string)['userName']
|
|
73
|
+
password = JSON.parse(@secrets_manager_client.get_secret_value({
|
|
74
|
+
secret_id: secrets_path
|
|
75
|
+
}).secret_string)['password']
|
|
76
|
+
secrets_hash[user_name] = password
|
|
77
|
+
end
|
|
78
|
+
secrets_hash
|
|
79
|
+
rescue Aws::SecretsManager::Errors::ServiceError => e
|
|
80
|
+
raise e
|
|
81
|
+
rescue StandardError => e
|
|
82
|
+
raise e
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
###
|
|
86
|
+
# Retrieves An AWS Secrets Manager Secrets
|
|
87
|
+
# @param [String]: secret_path
|
|
88
|
+
# @param [String]: secret_key
|
|
89
|
+
# @return [String]: Retrieved AWS Secret
|
|
90
|
+
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
|
|
91
|
+
###
|
|
92
|
+
def retrieve_aws_secret(secret_path, secret_key)
|
|
93
|
+
begin
|
|
94
|
+
JSON.parse(@secrets_manager_client.get_secret_value({
|
|
95
|
+
secret_id: secret_path
|
|
96
|
+
}).secret_string)[secret_key]
|
|
97
|
+
rescue Aws::SecretsManager::Errors::ServiceError => e
|
|
98
|
+
raise e
|
|
99
|
+
rescue StandardError => e
|
|
100
|
+
raise e
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
end
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require 'aws-sdk-core'
|
|
2
|
+
require 'aws-sdk-sts'
|
|
3
|
+
module GemOps
|
|
4
|
+
module AWS
|
|
5
|
+
###
|
|
6
|
+
# Various AWS STS Actions
|
|
7
|
+
###
|
|
8
|
+
class Sts
|
|
9
|
+
###
|
|
10
|
+
# Assumes an AWS Iam Role
|
|
11
|
+
# @param [String]: role_arn
|
|
12
|
+
# @return {AWS Role Credentials}: role_credential
|
|
13
|
+
###
|
|
14
|
+
def credentials(role_arn)
|
|
15
|
+
begin
|
|
16
|
+
LOGGER.info('Initializing The STS Client')
|
|
17
|
+
Aws::AssumeRoleCredentials.new(
|
|
18
|
+
client: Aws::STS::Client.new(region: 'us-east-1'),
|
|
19
|
+
role_arn: role_arn,
|
|
20
|
+
role_session_name: SecureRandom.hex
|
|
21
|
+
)
|
|
22
|
+
rescue Aws::STS::Errors::ServiceError => e
|
|
23
|
+
raise e
|
|
24
|
+
rescue StandardError => e
|
|
25
|
+
raise e
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
###
|
|
29
|
+
# Assumes Role In one of the provided environments
|
|
30
|
+
# @param [String]: environment
|
|
31
|
+
# @return {AWS Role Credentials}: role_credential
|
|
32
|
+
###
|
|
33
|
+
def assume_role(environment)
|
|
34
|
+
accounts = GemOps::AWS::Accounts.new
|
|
35
|
+
accounts.environment = environment
|
|
36
|
+
role_arn = "arn:aws:iam::#{accounts.account_id}:role/shared-assume-role"
|
|
37
|
+
credentials(role_arn)
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: gemops
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 3.1.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Abhishek Kapoor
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2020-03-17 00:00:00.000000000 Z
|
|
12
|
+
dependencies: []
|
|
13
|
+
description: '"Ruby Gem For DevOps Related Stuff"'
|
|
14
|
+
email:
|
|
15
|
+
- akapoor@emersonecologics.com
|
|
16
|
+
executables: []
|
|
17
|
+
extensions: []
|
|
18
|
+
extra_rdoc_files: []
|
|
19
|
+
files:
|
|
20
|
+
- bin/console
|
|
21
|
+
- bin/setup
|
|
22
|
+
- lib/gemops.rb
|
|
23
|
+
- lib/gemops/aws/ACM.rb
|
|
24
|
+
- lib/gemops/aws/Accounts.rb
|
|
25
|
+
- lib/gemops/aws/EC2.rb
|
|
26
|
+
- lib/gemops/aws/SecretsManager.rb
|
|
27
|
+
- lib/gemops/aws/Sts.rb
|
|
28
|
+
homepage:
|
|
29
|
+
licenses: []
|
|
30
|
+
metadata: {}
|
|
31
|
+
post_install_message:
|
|
32
|
+
rdoc_options: []
|
|
33
|
+
require_paths:
|
|
34
|
+
- lib
|
|
35
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
36
|
+
requirements:
|
|
37
|
+
- - ">="
|
|
38
|
+
- !ruby/object:Gem::Version
|
|
39
|
+
version: 2.3.0
|
|
40
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
41
|
+
requirements:
|
|
42
|
+
- - ">="
|
|
43
|
+
- !ruby/object:Gem::Version
|
|
44
|
+
version: '0'
|
|
45
|
+
requirements: []
|
|
46
|
+
rubygems_version: 3.0.8
|
|
47
|
+
signing_key:
|
|
48
|
+
specification_version: 4
|
|
49
|
+
summary: '"Ruby Gem For DevOps Related Stuff"'
|
|
50
|
+
test_files: []
|