geoengineer 0.1.1 → 0.1.2

data/lib/geoengineer/resources/aws_lambda_function.rb

@@ -18,6 +18,17 @@ class GeoEngineer::Resources::AwsLambdaFunction < GeoEngineer::Resource
 
   after :initialize, -> { _terraform_id -> { function_name } }
 
+  def to_terraform_state
+    tfstate = super
+    tfstate[:primary][:attributes] = {
+      'function_name' => function_name,
+      'publish' => (publish || "false"),
+      's3_bucket' => (s3_bucket || ""),
+      's3_key' => (s3_key || "")
+    }
+    tfstate
+  end
+
   def support_tags?
     false
   end

data/lib/geoengineer/resources/aws_lambda_permission.rb

@@ -12,6 +12,15 @@ class GeoEngineer::Resources::AwsLambdaPermission < GeoEngineer::Resource
     false
   end
 
+  def to_terraform_state
+    tfstate = super
+    tfstate[:primary][:attributes] = {
+      'function_name' => self.function_name,
+      'statement_id' => self.statement_id
+    }
+    tfstate
+  end
+
   def self._fetch_functions
     AwsClients
       .lambda

data/lib/geoengineer/resources/aws_load_balancer_backend_server_policy.rb

@@ -0,0 +1,48 @@
+########################################################################
+# AwsLoadBalancerBackendServerPolicy is the
+#  +aws_load_balancer_backend_server_policy+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/aws_load_balancer_backend_server_policy.html
+#  Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsLoadBalancerBackendServerPolicy < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:instance_port, :load_balancer_name, :policy_names]) }
+
+  after :initialize, -> {
+    _terraform_id -> { "#{load_balancer_name}:#{instance_port}" }
+  }
+
+  def to_terraform_state
+    tfstate = super
+    tfstate[:primary][:attributes] = {
+      'load_balancer_name' => load_balancer_name,
+      'instance_port' => instance_port.to_s
+    }
+    tfstate
+  end
+
+  def support_tags?
+    false
+  end
+
+  def self._fetch_remote_resources
+    AwsClients
+      .elb
+      .describe_load_balancers
+      .load_balancer_descriptions
+      .map { |load_balancer| _extract_backend_servers(load_balancer.to_h) }
+      .flatten
+      .compact
+  end
+
+  def self._extract_backend_servers(load_balancer)
+    load_balancer[:backend_server_descriptions].map do |server|
+      server.merge(
+        {
+          load_balancer_name: load_balancer[:load_balancer_name],
+          _terraform_id: "#{load_balancer[:load_balancer_name]}:#{server[:instance_port]}"
+        }
+      )
+    end
+  end
+end

data/lib/geoengineer/resources/aws_load_balancer_policy.rb

@@ -0,0 +1,43 @@
+########################################################################
+# AwsLoadBalancerPolicy is the +aws_load_balancer_policy+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/aws_load_balancer_policy.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsLoadBalancerPolicy < GeoEngineer::Resource
+  validate -> {
+    validate_required_attributes([:policy_name, :policy_type_name, :load_balancer_name])
+  }
+
+  after :initialize, -> { _terraform_id -> { "#{load_balancer_name}:#{policy_name}" } }
+
+  def support_tags?
+    false
+  end
+
+  def self._fetch_remote_resources
+    AwsClients
+      .elb
+      .describe_load_balancers
+      .load_balancer_descriptions
+      .map(&:to_h)
+      .map { |load_balancer| _policies_for_load_balancer(load_balancer) }
+      .flatten
+      .compact
+  end
+
+  def self._policies_for_load_balancer(load_balancer)
+    AwsClients
+      .elb
+      .describe_load_balancer_policies({ load_balancer_name: load_balancer[:load_balancer_name] })
+      .policy_descriptions
+      .map(&:to_h)
+      .map do |policy|
+        policy.merge(
+          {
+            _terraform_id: "#{load_balancer[:load_balancer_name]}:#{policy[:policy_name]}",
+            load_balancer_name: load_balancer[:load_balancer_name]
+          }
+        )
+      end
+  end
+end

data/lib/geoengineer/resources/aws_network_acl_rule.rb

@@ -16,12 +16,22 @@ class GeoEngineer::Resources::AwsNetworkAclRule < GeoEngineer::Resource
         "#{network_acl_id}-",
         "#{rule_number}-",
         "#{egress}-",
-        "#{protocol == 'all' ? '-1' : protocol}-"
+        "#{self.class._number_for_protocol(protocol)}-"
       ]
       "nacl-#{Crc32.hashcode(terraform_id_components.join)}"
     }
   }
 
+  def to_terraform_state
+    tfstate = super
+    tfstate[:primary][:attributes] = {
+      'network_acl_id' => network_acl_id,
+      'rule_number' => rule_number,
+      'egress' => egress
+    }
+    tfstate
+  end
+
   def support_tags?
     false
   end
@@ -34,6 +44,7 @@ class GeoEngineer::Resources::AwsNetworkAclRule < GeoEngineer::Resource
       .select { |network_acl| !network_acl[:entries].empty? }
       .map { |network_acl| _generate_rules(network_acl) }
       .flatten
+      .reject { |rule| rule[:rule_number] == 32_767 }
   end
 
   def self._generate_rules(network_acl)
@@ -42,9 +53,23 @@ class GeoEngineer::Resources::AwsNetworkAclRule < GeoEngineer::Resource
         "#{network_acl[:network_acl_id]}-",
         "#{rule[:rule_number]}-",
         "#{rule[:egress]}-",
-        "#{rule[:protocol] == 'all' ? '-1' : rule[:protocol]}-"
+        "#{_number_for_protocol(rule[:protocol])}-"
       ]
       rule.merge({ _terraform_id: "nacl-#{Crc32.hashcode(terraform_id_components.join)}" })
     end
   end
+
+  def self._number_for_protocol(protocol)
+    protocols = {
+      ah: 51,
+      esp: 50,
+      udp: 17,
+      tcp: 6,
+      icmp: 1,
+      all: -1
+    }
+    return unless protocol
+    return protocol if protocols.values.map(&:to_s).include?(protocol.to_s)
+    protocols[protocol.to_s.downcase.to_sym]
+  end
 end

data/lib/geoengineer/resources/aws_redshift_cluster.rb

@@ -5,10 +5,11 @@
 # {https://www.terraform.io/docs/providers/aws/r/redshift_cluster.html#cluster_version}
 ########################################################################
 class GeoEngineer::Resources::AwsRedshiftCluster < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:cluster_identifier, :node_type]) }
   validate -> {
-    validate_required_attributes(
-      [:cluster_identifier, :node_type, :master_password, :master_username]
-    )
+    if new? && !snapshot_identifier
+      validate_required_attributes([:master_password, :master_username])
+    end
   }
   validate -> {
     validate_required_attributes([:number_of_nodes]) if self.cluster_type == 'multi-node'
@@ -18,6 +19,11 @@ class GeoEngineer::Resources::AwsRedshiftCluster < GeoEngineer::Resource
   after :initialize, -> { _terraform_id -> { cluster_identifier } }
 
   def self._fetch_remote_resources
-    AwsClients.redshift.describe_clusters.clusters.map(&:to_h)
+    AwsClients
+      .redshift
+      .describe_clusters
+      .clusters
+      .map(&:to_h)
+      .map { |cluster| cluster.merge({ _terraform_id: cluster[:cluster_identifier] }) }
   end
 end

data/lib/geoengineer/resources/aws_route.rb

@@ -30,6 +30,8 @@ class GeoEngineer::Resources::AwsRoute < GeoEngineer::Resource
       .map { |route_table| _extract_routes(route_table) }
       .flatten
       .compact
+      .reject { |route| route[:gateway_id] == "local" }
+      .reject { |route| route.key?(:destination_prefix_list_id) }
   end
 
   def self._extract_routes(route_table)

data/lib/geoengineer/resources/aws_vpn_gateway_attachment.rb

@@ -11,6 +11,14 @@ class GeoEngineer::Resources::AwsVpnGatewayAttachment < GeoEngineer::Resource
   }
   after :initialize, -> { _geo_id -> { "#{vpc_id}::#{vpn_gateway_id}" } }
 
+  def to_terraform_state
+    tfstate = super
+    tfstate[:primary][:attributes] = {
+      'vpn_gateway_id' => vpn_gateway_id
+    }
+    tfstate
+  end
+
   def support_tags?
     false
   end

data/lib/geoengineer/sub_resource.rb

@@ -7,6 +7,7 @@
 ########################################################################
 class GeoEngineer::SubResource
   include HasAttributes
+  include HasSubResources
 
   attr_reader :type
 
@@ -20,16 +21,25 @@ class GeoEngineer::SubResource
     @resource._terraform_id
   end
 
+  ## Terraform methods
   def to_terraform
     sb = ["  #{@type} { "]
+
     sb.concat terraform_attributes.map { |k, v|
-      "    #{k.to_s.inspect} = #{v.inspect}"
+      "  #{k.to_s.inspect} = #{v.inspect}"
     }
-    sb << "  }"
+
+    sb.concat subresources.map(&:to_terraform)
+    sb << " }"
     sb.join("\n")
   end
 
   def to_terraform_json
-    [@type, terraform_attributes]
+    json = terraform_attributes
+    subresources.map(&:to_terraform_json).each do |k, v|
+      json[k] ||= []
+      json[k] << v
+    end
+    [@type, json]
   end
 end

data/lib/geoengineer/utils/aws_clients.rb

@@ -13,6 +13,14 @@ class AwsClients
 
   # Clients
 
+  def self.cloudwatchevents
+    @aws_cloudwatchevents ||= Aws::CloudWatchEvents::Client.new({ stub_responses: stubbed? })
+  end
+
+  def self.dynamo
+    @aws_dynamo ||= Aws::DynamoDB::Client.new({ stub_responses: stubbed? })
+  end
+
   def self.ec2
     @aws_ec2 ||= Aws::EC2::Client.new({ stub_responses: stubbed? })
   end
@@ -33,6 +41,14 @@ class AwsClients
     @aws_iam ||= Aws::IAM::Client.new({ stub_responses: stubbed? })
   end
 
+  def self.kinesis
+    @aws_kinesis ||= Aws::Kinesis::Client.new({ stub_responses: stubbed? })
+  end
+
+  def self.lambda
+    @aws_lambda ||= Aws::Lambda::Client.new({ stub_responses: stubbed? })
+  end
+
   def self.rds
     @aws_rds ||= Aws::RDS::Client.new({ stub_responses: stubbed? })
   end
@@ -61,7 +77,7 @@ class AwsClients
     @aws_sqs ||= Aws::SQS::Client.new({ stub_responses: stubbed? })
   end
 
-  def self.lambda
-    @aws_lambda ||= Aws::Lambda::Client.new({ stub_responses: stubbed? })
+  def self.cloudtrail
+    @aws_cloudtrail ||= Aws::CloudTrail::Client.new({ stub_responses: stubbed? })
   end
 end

data/lib/geoengineer/utils/has_projects.rb

@@ -12,7 +12,9 @@ module HasProjects
     repository = "#{org}/#{name}"
     return projects[repository] if projects.key?(repository)
 
-    GeoEngineer::Project.new(org, name, self, &block)
+    proj = GeoEngineer::Project.new(org, name, self, &block)
+    projects[repository] = proj
+    proj
   end
 
   def all_project_resources

data/lib/geoengineer/utils/has_validations.rb

@@ -4,6 +4,8 @@ require 'netaddr'
 # HasValidations provides methods to enable validations
 ########################################################################
 module HasValidations
+  MAX_POLICY_LENGTH = 5120
+
   def self.included(base)
     base.extend(ClassMethods)
   end
@@ -54,6 +56,11 @@ module HasValidations
     return "Bad cidr block \"#{cidr_block}\" #{for_resource}"
   end
 
+  def validate_policy_length(policy)
+    return unless policy.to_s.length >= MAX_POLICY_LENGTH
+    "Policy is too large - must be less than #{MAX_POLICY_LENGTH} characters"
+  end
+
   # Validates that at least one of the specified attributes is present
   def validate_at_least_one_present(attributes)
     errs = []

data/lib/geoengineer/version.rb

@@ -1,3 +1,3 @@
 module GeoEngineer
-  VERSION = '0.1.1'.freeze
+  VERSION = '0.1.2'.freeze
 end

data/spec/resource_spec.rb

@@ -40,12 +40,26 @@ describe("GeoEngineer::Resource") do
         tags {
           not_blue "FALSE"
         }
+        # i.e. s3 bucket multilevel subresources
+        lifecycle_rule {
+          expiration {
+            days 90
+          }
+        }
+
+        lifecycle_rule {
+          transition {
+            days 60
+          }
+        }
       }
 
       tfjson = res.to_terraform_json
 
       expect(tfjson['blue']).to eq 'TRUE'
       expect(tfjson['tags'][0]['not_blue']).to eq 'FALSE'
+      expect(tfjson['lifecycle_rule'][0]['expiration'][0]['days']).to eq 90
+      expect(tfjson['lifecycle_rule'][1]['transition'][0]['days']).to eq 60
     end
   end
 

data/spec/resources/aws_cloudtrail_spec.rb

@@ -0,0 +1,35 @@
+require_relative '../spec_helper'
+
+describe "GeoEngineer::Resources::AwsCloudtrail" do
+  let(:aws_client) { AwsClients.cloudtrail }
+
+  before { aws_client.setup_stubbing }
+  common_resource_tests(GeoEngineer::Resources::AwsCloudtrail, 'aws_cloudtrail')
+
+  let(:trail_name) { 'some-fake-cloudtrail' }
+
+  describe '#_fetch_remote_resources' do
+    before do
+      aws_client.stub_responses(
+        :describe_trails,
+        {
+          trail_list: [
+            { name: trail_name },
+            { name: 'another-trail-name' }
+          ]
+        }
+      )
+    end
+
+    it 'should create an array of hashes from the AWS response' do
+      resources = GeoEngineer::Resources::AwsCloudtrail._fetch_remote_resources
+      expect(resources.count).to eql 2
+
+      test_cloudtrail = resources.first
+
+      expect(test_cloudtrail[:name]).to eql(trail_name)
+      expect(test_cloudtrail[:_geo_id]).to eql(trail_name)
+      expect(test_cloudtrail[:_terraform_id]).to eql(trail_name)
+    end
+  end
+end

data/spec/resources/aws_cloudwatch_event_rule_spec.rb

@@ -0,0 +1,33 @@
+require_relative '../spec_helper'
+
+describe("GeoEngineer::Resources::AwsCloudwatchEventRule") do
+  let(:aws_client) { AwsClients.cloudwatchevents }
+
+  before { aws_client.setup_stubbing }
+
+  common_resource_tests(GeoEngineer::Resources::AwsCloudwatchEventRule, 'aws_cloudwatch_event_rule')
+
+  describe "#_fetch_remote_resources" do
+    before do
+      aws_client.stub_responses(
+        :list_rules,
+        {
+          rules:
+          [
+            {
+              name: "test",
+              arn: "arn:aws:cloudwatchevents:us-east-1:1234567890:test",
+              state: "ENABLED",
+              schedule_expression: "rate(5 minutes)"
+            }
+          ]
+        }
+      )
+    end
+
+    it 'should create list of hashes from returned AWS SDK' do
+      remote_resources = GeoEngineer::Resources::AwsCloudwatchEventRule._fetch_remote_resources
+      expect(remote_resources.length).to eq 1
+    end
+  end
+end