RubyGems - geoengineer - Versions diffs - 0.1.0 → 0.1.1 - Mend

geoengineer 0.1.0 → 0.1.1

Files changed (91) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +5 -0
data.tar.gz.sig +0 -0
data/README.md +5 -5
data/lib/geoengineer/cli/geo_cli.rb +4 -5
data/lib/geoengineer/cli/status_command.rb +7 -1
data/lib/geoengineer/environment.rb +53 -51
data/lib/geoengineer/project.rb +5 -24
data/lib/geoengineer/resource.rb +89 -20
data/lib/geoengineer/resources/aws_customer_gateway.rb +23 -0
data/lib/geoengineer/resources/aws_eip.rb +43 -0
data/lib/geoengineer/resources/aws_iam_group.rb +26 -0
data/lib/geoengineer/resources/aws_iam_group_membership.rb +50 -0
data/lib/geoengineer/resources/aws_iam_policy.rb +12 -4
data/lib/geoengineer/resources/aws_iam_policy_attachment.rb +95 -0
data/lib/geoengineer/resources/aws_iam_role.rb +45 -0
data/lib/geoengineer/resources/aws_instance.rb +7 -4
data/lib/geoengineer/resources/aws_internet_gateway.rb +23 -0
data/lib/geoengineer/resources/aws_lambda_alias.rb +50 -0
data/lib/geoengineer/resources/aws_lambda_event_source_mapping.rb +47 -0
data/lib/geoengineer/resources/aws_lambda_function.rb +30 -0
data/lib/geoengineer/resources/aws_lambda_permission.rb +74 -0
data/lib/geoengineer/resources/aws_main_route_table_association.rb +51 -0
data/lib/geoengineer/resources/aws_nat_gateway.rb +29 -0
data/lib/geoengineer/resources/aws_network_acl.rb +38 -0
data/lib/geoengineer/resources/aws_network_acl_rule.rb +50 -0
data/lib/geoengineer/resources/aws_route.rb +47 -0
data/lib/geoengineer/resources/aws_route53_record.rb +4 -0
data/lib/geoengineer/resources/aws_route_table.rb +26 -0
data/lib/geoengineer/resources/aws_route_table_association.rb +45 -0
data/lib/geoengineer/resources/aws_security_group.rb +8 -5
data/lib/geoengineer/resources/aws_subnet.rb +24 -0
data/lib/geoengineer/resources/aws_vpc.rb +24 -0
data/lib/geoengineer/resources/aws_vpc_dhcp_options.rb +29 -0
data/lib/geoengineer/resources/aws_vpc_dhcp_options_association.rb +40 -0
data/lib/geoengineer/resources/aws_vpc_endpoint.rb +26 -0
data/lib/geoengineer/resources/aws_vpc_peering_connection.rb +29 -0
data/lib/geoengineer/resources/aws_vpn_connection.rb +23 -0
data/lib/geoengineer/resources/aws_vpn_connection_route.rb +35 -0
data/lib/geoengineer/resources/aws_vpn_gateway.rb +22 -0
data/lib/geoengineer/resources/aws_vpn_gateway_attachment.rb +41 -0
data/lib/geoengineer/template.rb +20 -4
data/lib/geoengineer/utils/aws_clients.rb +4 -0
data/lib/geoengineer/utils/crc32.rb +61 -0
data/lib/geoengineer/utils/has_attributes.rb +25 -11
data/lib/geoengineer/utils/has_projects.rb +21 -0
data/lib/geoengineer/utils/has_resources.rb +17 -4
data/lib/geoengineer/utils/has_templates.rb +31 -0
data/lib/geoengineer/utils/has_validations.rb +18 -3
data/lib/geoengineer/version.rb +1 -1
data/spec/environment_spec.rb +40 -19
data/spec/project_spec.rb +2 -2
data/spec/resource_spec.rb +87 -6
data/spec/resources/aws_customer_gateway_spec.rb +24 -0
data/spec/resources/aws_eip_spec.rb +29 -0
data/spec/resources/aws_iam_group_membership_spec.rb +83 -0
data/spec/resources/aws_iam_group_spec.rb +43 -0
data/spec/resources/aws_iam_policy_attachment_spec.rb +80 -0
data/spec/resources/{aws_iam_policy.rb → aws_iam_policy_spec.rb} +6 -5
data/spec/resources/aws_iam_role_spec.rb +45 -0
data/spec/resources/aws_internet_gateway_spec.rb +24 -0
data/spec/resources/aws_lambda_alias_spec.rb +39 -0
data/spec/resources/aws_lambda_event_source_mapping_spec.rb +53 -0
data/spec/resources/aws_lambda_function_spec.rb +29 -0
data/spec/resources/aws_lambda_permission_spec.rb +90 -0
data/spec/resources/aws_main_route_table_association_spec.rb +57 -0
data/spec/resources/aws_nat_gateway_spec.rb +31 -0
data/spec/resources/aws_network_acl_rule_spec.rb +73 -0
data/spec/resources/aws_network_acl_spec.rb +31 -0
data/spec/resources/aws_route53_record_spec.rb +5 -0
data/spec/resources/aws_route_spec.rb +47 -0
data/spec/resources/aws_route_table_association_spec.rb +47 -0
data/spec/resources/aws_route_table_spec.rb +24 -0
data/spec/resources/aws_security_group_spec.rb +36 -2
data/spec/resources/aws_subnet_spec.rb +24 -0
data/spec/resources/aws_vpc_dhcp_options_association_spec.rb +43 -0
data/spec/resources/aws_vpc_dhcp_options_spec.rb +24 -0
data/spec/resources/aws_vpc_endpoint_spec.rb +41 -0
data/spec/resources/aws_vpc_peering_connection_spec.rb +33 -0
data/spec/resources/aws_vpc_spec.rb +24 -0
data/spec/resources/aws_vpn_connection_route_spec.rb +43 -0
data/spec/resources/aws_vpn_connection_spec.rb +41 -0
data/spec/resources/aws_vpn_gateway_attachment_spec.rb +41 -0
data/spec/resources/aws_vpn_gateway_spec.rb +39 -0
data/spec/spec_helper.rb +3 -1
data/spec/utils/crc32_spec.rb +14 -0
data/spec/utils/has_attributes_spec.rb +22 -0
data/spec/utils/has_resources_spec.rb +4 -0
data/spec/utils/has_validations_spec.rb +45 -0
metadata +117 -6
metadata.gz.sig +1 -0

data/lib/geoengineer/resources/aws_customer_gateway.rb ADDED

@@ -0,0 +1,23 @@
+########################################################################
+# AwsCustomerGateway is the +aws_customer_gateway+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/customer_gateway.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsCustomerGateway < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:bgp_asn, :ip_address, :type]) }
+  validate -> { validate_has_tag(:Name) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { NullObject.maybe(tags)[:Name] } }
+  def self._fetch_remote_resources
+    AwsClients.ec2.describe_customer_gateways['customer_gateways'].map(&:to_h).map do |gateway|
+      gateway.merge(
+        {
+          _terraform_id: gateway[:customer_gateway_id],
+          _geo_id: gateway[:tags]&.find { |tag| tag[:key] == "Name" }&.dig(:value)
+        }
+      )
+    end
+  end
+end

data/lib/geoengineer/resources/aws_eip.rb ADDED

@@ -0,0 +1,43 @@
+########################################################################
+# AwsEip is the +aws_eip+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/eip.html Terraform Docs}
+########################################################################
+# Currently geo can't create EIPs - only codify existing ones
+# It does this by requiring the '_public_ip' attribute and hard-coding the '_geo_id' to that
+class GeoEngineer::Resources::AwsEip < GeoEngineer::Resource
+  validate :validate_instance_or_network_interface
+  validate -> { validate_required_attributes([:_public_ip]) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id       -> { _public_ip } }
+  # Can't associate both an instance and a network interface with an elastic IP
+  def validate_instance_or_network_interface
+    errors = []
+    unless instance.nil? || network_interface.nil?
+      errors << "Must associate and Elastic IP with either and EC2 instance or a network interface"
+    end
+    errors
+  end
+  def support_tags?
+    false
+  end
+  # Always create within a VPC
+  def vpc
+    true
+  end
+  def self._fetch_remote_resources
+    AwsClients.ec2.describe_addresses['addresses'].map(&:to_h).map do |address|
+      address[:_terraform_id] = address[:allocation_id]
+      address[:_geo_id] = address[:public_ip]
+      address
+    end
+  end
+end

data/lib/geoengineer/resources/aws_iam_group.rb ADDED

@@ -0,0 +1,26 @@
+########################################################################
+# AwsIamGroup +aws_iam_group+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/iam_group.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsIamGroup < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name]) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { name.to_s } }
+  def support_tags?
+    false
+  end
+  def self._fetch_remote_resources
+    groups = AwsClients.iam.list_groups['groups'].map(&:to_h)
+    groups.map do |g|
+      g[:name] = g[:group_name]
+      g[:_geo_id] = g[:group_name]
+      g[:_terraform_id] = g[:group_name]
+      g
+    end
+  end
+end

data/lib/geoengineer/resources/aws_iam_group_membership.rb ADDED

@@ -0,0 +1,50 @@
+########################################################################
+# AwsIamGroup +aws_iam_group_membership+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/iam_group_membership.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsIamGroupMembership < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name, :users, :group]) }
+  before :validation, -> { group _group.to_ref(:name) if _group }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { name.to_s } }
+  def to_terraform_state
+    tfstate = super
+    attributes = {
+      'group' => _group.name.to_s,
+      'name' => name.to_s
+    }
+    tfstate[:primary][:attributes] = attributes
+    tfstate
+  end
+  def support_tags?
+    false
+  end
+  def find_remote_as_individual?
+    true
+  end
+  def remote_resource_params
+    return {} unless _group
+    return {} unless _group.remote_resource
+    users = AwsClients.iam.get_group({ group_name: _group.name })['users']
+    build_remote_resource_params(users)
+  end
+  def build_remote_resource_params(users)
+    {
+      name: _group.name,
+      _terraform_id: name.to_s,
+      _geo_id: name.to_s,
+      users: users.map(&:user_name)
+    }
+  end
+end

data/lib/geoengineer/resources/aws_iam_policy.rb CHANGED

@@ -16,12 +16,16 @@ class GeoEngineer::Resources::AwsIamPolicy < GeoEngineer::Resource
   def to_terraform_state
     arn = NullObject.maybe(remote_resource).arn
     default_version_id = NullObject.maybe(remote_resource).default_version_id
     policy = _get_policy_document(arn, default_version_id)
     tfstate = super
-    tfstate[:primary][:attributes] = {
-      'policy' => policy
-    }
+    attributes = { 'policy' => policy }
+    attributes['arn'] = arn if arn
+    tfstate[:primary][:attributes] = attributes
     tfstate
   end
@@ -29,6 +33,10 @@ class GeoEngineer::Resources::AwsIamPolicy < GeoEngineer::Resource
     false
   end
+  def _policy_file(path, binding_obj = nil)
+    _json_file(:policy, path, binding_obj)
+  end
   def _get_policy_document(arn, version_id)
     response = AwsClients.iam.get_policy_version({ policy_arn: arn,
                                                    version_id: version_id })
@@ -36,7 +44,7 @@ class GeoEngineer::Resources::AwsIamPolicy < GeoEngineer::Resource
   end
   def self._all_remote_policies
-    AwsClients.iam.list_policies.each.map(&:policies).flatten.map(&:to_h)
+    AwsClients.iam.list_policies({ scope: "Local" }).each.map(&:policies).flatten.map(&:to_h)
   end
   def self._fetch_remote_resources

data/lib/geoengineer/resources/aws_iam_policy_attachment.rb ADDED

@@ -0,0 +1,95 @@
+########################################################################
+# AwsIamPolicyAttachment +aws_iam_policy_attachment+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsIamPolicyAttachment < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name, :_policy]) }
+  validate :shares_name_with_policy
+  before :validation, -> { policy_arn _policy.to_ref(:arn) if _policy }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { name.to_s } }
+  def validate_shares_name_with_policy
+    return "Policy attachment must share a name with the policy" unless shares_name_with_policy?
+    []
+  end
+  def shares_name_with_policy?
+    policy && name.to_s == policy.name
+  end
+  def to_terraform_state
+    tfstate = super
+    attributes = { 'name' => name.to_s }
+    attributes['policy_arn'] = remote_resource.policy_arn if remote_resource
+    attributes = attributes
+                 .merge(terraform_users_attributes)
+                 .merge(terraform_groups_attributes)
+                 .merge(terraform_roles_attributes)
+    tfstate[:primary][:attributes] = attributes
+    tfstate
+  end
+  def terraform_users_attributes
+    return {} if users.nil?
+    user_attributes = { 'users.#' => users.count.to_s }
+    users.each_with_index { |u, i| user_attributes["users.#{i}"] = u }
+    user_attributes
+  end
+  def terraform_groups_attributes
+    return {} if groups.nil?
+    groups_attributes = { 'groups.#' => groups.count.to_s }
+    groups.each_with_index { |g, i| groups_attributes["groups.#{i}"] = g }
+    groups_attributes
+  end
+  def terraform_roles_attributes
+    return {} if roles.nil?
+    roles_attributes = { 'roles.#' => roles.count.to_s }
+    roles.each_with_index { |r, i| roles_attributes["roles.#{i}"] = r }
+    roles_attributes
+  end
+  def support_tags?
+    false
+  end
+  def find_remote_as_individual?
+    true
+  end
+  def remote_resource_params
+    return {} unless _policy
+    return {} unless _policy.remote_resource
+    arn = _policy.remote_resource._terraform_id
+    entities = AwsClients.iam.list_entities_for_policy({ policy_arn: arn })
+    build_remote_resource_params(arn, entities)
+  end
+  def build_remote_resource_params(arn, entities)
+    {
+      name: _policy.name,
+      _terraform_id: arn,
+      _geo_id: _policy.name,
+      policy_arn: arn,
+      users: entities[:policy_users].map(&:user_name),
+      groups: entities[:policy_groups].map(&:group_name),
+      roles: entities[:policy_roles].map(&:role_name)
+    }
+  end
+end

data/lib/geoengineer/resources/aws_iam_role.rb ADDED

@@ -0,0 +1,45 @@
+require "uri"
+########################################################################
+# AwsIamGroup +aws_iam_role+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/iam_role.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsIamRole < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name, :assume_role_policy]) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { name.to_s } }
+  def to_terraform_state
+    tfstate = super
+    arn = NullObject.maybe(remote_resource).arn
+    assume_role_policy = NullObject.maybe(remote_resource).assume_role_policy
+    attributes = {}
+    attributes['arn'] = arn if arn
+    attributes['assume_role_policy'] = _normalize_json(assume_role_policy) if assume_role_policy
+    tfstate[:primary][:attributes] = attributes
+    tfstate
+  end
+  def _assume_role_policy_file(path, binding_obj = nil)
+    _json_file(:assume_role_policy, path, binding_obj)
+  end
+  def support_tags?
+    false
+  end
+  def self._fetch_remote_resources
+    roles = AwsClients.iam.list_roles['roles'].map(&:to_h)
+    roles.map do |r|
+      r.merge({ name: r[:role_name],
+                _geo_id: r[:role_name],
+                _terraform_id: r[:role_name],
+                assume_role_policy: URI.decode(r[:assume_role_policy_document]) })
+    end
+  end
+end

data/lib/geoengineer/resources/aws_instance.rb CHANGED

@@ -15,10 +15,13 @@ class GeoEngineer::Resources::AwsInstance < GeoEngineer::Resource
   end
   def self._fetch_remote_resources
-    _all_remote_instances.map do |i|
-      i[:_terraform_id] = i[:instance_id]
-      i[:_geo_id] = i[:tags] ? i[:tags].select { |x| x[:key] == "Name" }.first[:value] : nil
-      i
+    _all_remote_instances.map do |instance|
+      instance.merge(
+        {
+          _terraform_id: instance[:instance_id],
+          _geo_id: instance[:tags]&.find { |tag| tag[:key] == "Name" }&.dig(:value)
+        }
+      )
     end
   end
 end

data/lib/geoengineer/resources/aws_internet_gateway.rb ADDED

@@ -0,0 +1,23 @@
+########################################################################
+# AwsInternetGateway is the +aws_internet_gateway+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/internet_gateway.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsInternetGateway < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:vpc_id]) }
+  validate -> { validate_has_tag(:Name) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { NullObject.maybe(tags)[:Name] } }
+  def self._fetch_remote_resources
+    AwsClients.ec2.describe_internet_gateways['internet_gateways'].map(&:to_h).map do |gateway|
+      gateway.merge(
+        {
+          _terraform_id: gateway[:internet_gateway_id],
+          _geo_id: gateway[:tags]&.find { |tag| tag[:key] == "Name" }&.dig(:value)
+        }
+      )
+    end
+  end
+end

data/lib/geoengineer/resources/aws_lambda_alias.rb ADDED

@@ -0,0 +1,50 @@
+########################################################################
+# AwsLambdaAlias is the +aws_lambda_function+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/lambda_alias.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsLambdaAlias < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name, :function_name, :function_version]) }
+  validate -> {
+    !(name =~ /(?!^[0-9]+$)([a-zA-Z0-9\-_]+)/).nil? if name
+  }
+  validate -> {
+    !(function_version =~ /(\$LATEST|[0-9]+)/).nil? if function_version
+  }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { [name, function_name, function_version].join("::") } }
+  def support_tags?
+    false
+  end
+  # TODO(Brad) - May need to implement solution for pagination...
+  def self._fetch_functions
+    AwsClients
+      .lambda
+      .list_functions['functions']
+      .map(&:to_h)
+  end
+  # TODO(Brad) - May need to implement solution for pagination...
+  def self._fetch_aliases(function)
+    options = { function_name: function[:function_name] }
+    AwsClients.lambda.list_aliases(options)[:aliases].map(&:to_h).map do |f_alias|
+      geo_id_components = [f_alias[:name], f_alias[:function_name], f_alias[:function_version]]
+      f_alias.merge(
+        {
+          _terraform_id: f_alias[:alias_arn],
+          _geo_id: geo_id_components.join('::')
+        }
+      )
+    end
+  end
+  def self._fetch_remote_resources
+    _fetch_functions
+      .map { |function| _fetch_aliases(function) }
+      .flatten
+      .compact
+  end
+end

data/lib/geoengineer/resources/aws_lambda_event_source_mapping.rb ADDED

@@ -0,0 +1,47 @@
+########################################################################
+# AwsLambdaEventSourceMapping is the +aws_lambda_event_source_mapping+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/lambda_event_source_mapping.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsLambdaEventSourceMapping < GeoEngineer::Resource
+  validate -> {
+    validate_required_attributes([:event_source_arn, :function_name, :starting_position])
+  }
+  validate -> {
+    if self.starting_position && !%w(TRIM_HORIZON LATEST).include?(self.starting_position)
+      ["starting_position must be either TRIM_HORIZON OR LATEST"]
+    end
+  }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { [event_source_arn, function_name].join("::") } }
+  def support_tags?
+    false
+  end
+  def short_type
+    "event_mapping"
+  end
+  def self._extract_name_from_arn(arn)
+    arn_components = arn.split(":")
+    arn_components[arn_components.index("function") + 1] if arn_components.index("function")
+  end
+  def self._fetch_remote_resources
+    AwsClients
+      .lambda
+      .list_event_source_mappings['event_source_mappings']
+      .map(&:to_h)
+      .map do |event|
+        geo_id = [event[:event_source_arn], self._extract_name_from_arn(event[:function_arn])]
+        event.merge(
+          {
+            _terraform_id: event[:uuid],
+            _geo_id: geo_id.join("::")
+          }
+        )
+      end
+  end
+end