RubyGems - geoengineer - Versions diffs - 0.1.4 → 0.1.5 - Mend

geoengineer 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/README.md +1 -0
data/lib/geoengineer/cli/geo_cli.rb +1 -0
data/lib/geoengineer/cli/terraform_commands.rb +35 -0
data/lib/geoengineer/environment.rb +1 -0
data/lib/geoengineer/resource.rb +31 -0
data/lib/geoengineer/resources/aws_alb.rb +2 -0
data/lib/geoengineer/resources/aws_alb_listener.rb +16 -6
data/lib/geoengineer/resources/aws_alb_target_group.rb +19 -7
data/lib/geoengineer/resources/aws_customer_gateway.rb +4 -0
data/lib/geoengineer/resources/aws_emr_cluster.rb +20 -0
data/lib/geoengineer/resources/aws_iam_role.rb +1 -0
data/lib/geoengineer/resources/aws_kinesis_stream.rb +10 -7
data/lib/geoengineer/resources/aws_lambda_function.rb +4 -5
data/lib/geoengineer/resources/aws_nat_gateway.rb +6 -7
data/lib/geoengineer/resources/aws_network_interface.rb +22 -0
data/lib/geoengineer/resources/aws_placement_group.rb +25 -0
data/lib/geoengineer/resources/aws_route53_record.rb +45 -4
data/lib/geoengineer/resources/aws_route53_zone.rb +34 -7
data/lib/geoengineer/resources/aws_route_table.rb +1 -1
data/lib/geoengineer/resources/aws_s3_bucket_object.rb +24 -0
data/lib/geoengineer/resources/aws_vpn_connection.rb +17 -9
data/lib/geoengineer/resources/aws_vpn_connection_route.rb +50 -14
data/lib/geoengineer/resources/aws_waf_ipset.rb +35 -0
data/lib/geoengineer/resources/aws_waf_rule.rb +26 -0
data/lib/geoengineer/resources/aws_waf_web_acl.rb +26 -0
data/lib/geoengineer/utils/aws_clients.rb +15 -0
data/lib/geoengineer/utils/has_validations.rb +1 -0
data/lib/geoengineer/version.rb +1 -1
data/spec/resource_spec.rb +56 -0
data/spec/resources/aws_alb_listener_spec.rb +6 -1
data/spec/resources/aws_alb_spec.rb +7 -0
data/spec/resources/aws_alb_target_group_spec.rb +22 -0
data/spec/resources/aws_emr_cluster_spec.rb +23 -0
data/spec/resources/aws_kinesis_stream_spec.rb +26 -11
data/spec/resources/aws_network_interface_spec.rb +32 -0
data/spec/resources/aws_placement_group_spec.rb +29 -0
data/spec/resources/aws_route53_zone_spec.rb +19 -3
data/spec/resources/aws_s3_bucket_object_spec.rb +4 -0
data/spec/resources/aws_waf_ipset_spec.rb +65 -0
data/spec/resources/aws_waf_rule_spec.rb +36 -0
data/spec/resources/aws_waf_web_acl_spec.rb +36 -0
data/spec/spec_helper.rb +1 -1
metadata +23 -2
metadata.gz.sig +0 -0

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ebcdcd4573207cc095eeb99bcc20771ddae9f2fa
-  data.tar.gz: d34079a107d98e72ebb3206395d6982a63238efc
+  metadata.gz: 10c2741c5361a9ab218a96c9de280f01ea20c9a5
+  data.tar.gz: d18876526519536af82c08f15128c20fab9047c5
 SHA512:
-  metadata.gz: '0092827fe84c1e9325ec4511133f7d80299bbd9d67a96e47ac62c84c11fc7e5c792e298ecbc78442d9ab219c9d5168a16eb12b2b162b2df53f138e28bc308e55'
-  data.tar.gz: ddd2677004c40b506e3336fa0882236a8c231181aa1f9ce405816b8de95ec446a02eee7e687c5ab2dec3dc741bc9bc4c9b8f8a72655103bf3764b1155ad54918
+  metadata.gz: ff50a5841f091791bf99ce86b57d5bd74b6f20ae4dbac98b1a096271c3ed54475959bcb2f1801028f9aadcb7839cf60b15630f149d010f409872624375c1e76b
+  data.tar.gz: e67c59d14db3bebc2414d6cf245a5070c78fd43e62a098a92f9682fa47f9f491771ede031eb5242d18d20562b84369b17dd43e6595b2ed7e8c96d8667a0f49c1

checksums.yaml.gz.sig CHANGED

Binary file

data.tar.gz.sig CHANGED

Binary file

data/README.md CHANGED

@@ -61,6 +61,7 @@ environment("staging") {
   account_id  "1"
   subnet      "1"
   vpc_id      "1"
+  allow_destroy true ## Defaults to false.  Set to true to support `geo destroy ...`
 }
 # Create the first_project to be in the `staging` environment

data/lib/geoengineer/cli/geo_cli.rb CHANGED

@@ -189,6 +189,7 @@ class GeoCLI
   def add_commands
     plan_cmd
     apply_cmd
+    destroy_cmd
     graph_cmd
     status_cmd
   end

data/lib/geoengineer/cli/terraform_commands.rb CHANGED

@@ -22,6 +22,7 @@ module GeoCLI::TerraformCommands
   def terraform_plan
     plan_commands = [
       "cd #{@tmpdir}",
+      "terraform init",
       "terraform refresh",
       "terraform plan --refresh=false -parallelism=#{terraform_parallelism}" \
       " -state=#{@terraform_state_file} -out=#{@plan_file} #{@no_color}"
@@ -30,6 +31,17 @@ module GeoCLI::TerraformCommands
     shell_exec(plan_commands.join(" && "), true)
   end
+  def terraform_plan_destroy
+    plan_destroy_commands = [
+      "cd #{@tmpdir}",
+      "terraform refresh",
+      "terraform plan -destroy --refresh=false -parallelism=#{terraform_parallelism}" \
+      " -state=#{@terraform_state_file} -out=#{@plan_file} #{@no_color}"
+    ]
+    shell_exec(plan_destroy_commands.join(" && "), true)
+  end
   def terraform_apply
     apply_commands = [
       "cd #{@tmpdir}",
@@ -39,6 +51,15 @@ module GeoCLI::TerraformCommands
     shell_exec(apply_commands.join(" && "), true)
   end
+  def terraform_destroy
+    destroy_commands = [
+      "cd #{@tmpdir}",
+      "terraform apply -parallelism=#{terraform_parallelism}" \
+      " #{@plan_file} #{@no_color}"
+    ]
+    shell_exec(destroy_commands.join(" && "), true)
+  end
   def plan_cmd
     command :plan do |c|
       c.syntax = 'geo plan [<geo_files>]'
@@ -64,4 +85,18 @@ module GeoCLI::TerraformCommands
       c.action init_action(:apply, &action)
     end
   end
+  def destroy_cmd
+    command :destroy do |c|
+      c.syntax = 'geo destroy [<geo_files>]'
+      c.description = 'Destroy an execution plan'
+      action = lambda do |args, options|
+        create_terraform_files
+        return puts "Plan Broken" if terraform_plan_destroy.exitstatus.nonzero?
+        return puts "Rejecting Plan" unless yes?("Apply the above plan? [YES/NO]")
+        terraform_destroy
+      end
+      c.action init_action(:destroy, &action)
+    end
+  end
 end

data/lib/geoengineer/environment.rb CHANGED

@@ -72,6 +72,7 @@ class GeoEngineer::Environment
   def resource(type, id, &block)
     return find_resource(type, id) unless block_given?
     resource = create_resource(type, id, &block)
     resource.environment = self
     resource

data/lib/geoengineer/resource.rb CHANGED

@@ -114,6 +114,37 @@ class GeoEngineer::Resource
     self
   end
+  def duplicate(new_id, &block)
+    parent = @project || @environment
+    return unless parent
+    duplicated = duplicate_resource(parent, self, new_id)
+    duplicated.reset
+    duplicated.instance_exec(duplicated, &block) if block_given?
+    duplicated.execute_lifecycle(:after, :initialize)
+    duplicated
+  end
+  def duplicate_resource(parent, progenitor, new_id)
+    parent.resource(progenitor.type, new_id) do
+      # We want to set all attributes from the parent, EXCEPT _geo_id and _terraform_id
+      # Which should be set according to the init logic
+      progenitor.attributes.each do |key, value|
+        self[key] = value unless %w(_geo_id _terraform_id).include?(key)
+      end
+      progenitor.subresources.each do |subresource|
+        duplicated_subresource = GeoEngineer::SubResource.new(self, subresource.type) do
+          subresource.attributes.each do |key, value|
+            self[key] = value
+          end
+        end
+        self.subresources << duplicated_subresource
+      end
+    end
+  end
   def _json_file(attribute, path, binding_obj = nil)
     raise "file #{path} not found" unless File.file?(path)

data/lib/geoengineer/resources/aws_alb.rb CHANGED

@@ -29,6 +29,8 @@ class GeoEngineer::Resources::AwsAlb < GeoEngineer::Resource
   def self._fetch_remote_resources(provider)
     albs = AwsClients.alb(provider).describe_load_balancers['load_balancers'].map(&:to_h)
+    return [] if albs.empty?
     tags = AwsClients.alb(provider)
                      .describe_tags({ resource_arns: albs.map { |alb| alb[:load_balancer_arn] } })
                      .tag_descriptions

data/lib/geoengineer/resources/aws_alb_listener.rb CHANGED

@@ -4,23 +4,33 @@
 # {https://www.terraform.io/docs/providers/aws/r/alb_listener.html Terraform Docs}
 ########################################################################
 class GeoEngineer::Resources::AwsAlbListener < GeoEngineer::Resource
-  validate -> { validate_required_attributes([:load_balancer_arn, :port, :default_action]) }
+  validate -> {
+    validate_required_attributes([:_load_balancer_name, :load_balancer_arn, :port, :default_action])
+  }
   validate -> {
     validate_subresource_required_attributes(:default_action, [:target_group_arn, :type])
   }
+  # Since we can't know the ARN until the ALB exists, it is not a good candidate for the
+  # _geo_id - instead we use the ALB name, which is also unique per region
+  after :initialize, -> { _geo_id       -> { "#{_load_balancer_name}::#{port}" } }
   after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
-  after :initialize, -> { _geo_id       -> { "#{load_balancer_arn}::#{port}" } }
   def short_type
     "alb_listener"
   end
-  def self._merge_attributes(listener)
+  def support_tags?
+    false
+  end
+  def self._merge_attributes(listener, alb)
     listener.merge(
       {
-        _geo_id: "#{listener[:load_balancer_arn]}::#{listener[:port]}",
-        _terraform_id: listener[:listener_arn]
+        _geo_id: "#{alb[:load_balancer_name]}::#{listener[:port]}",
+        _terraform_id: listener[:listener_arn],
+        load_balancer_arn: alb[:load_balancer_arn],
+        load_balancer_name: alb[:load_balancer_name]
       }
     )
   end
@@ -33,7 +43,7 @@ class GeoEngineer::Resources::AwsAlbListener < GeoEngineer::Resource
         .describe_listeners({ load_balancer_arn: alb[:load_balancer_arn] })
         .listeners
         .map(&:to_h)
-        .map { |listener| _merge_attributes(listener) }
+        .map { |listener| _merge_attributes(listener, alb) }
     end.flatten.compact
   end
 end

data/lib/geoengineer/resources/aws_alb_target_group.rb CHANGED

@@ -10,21 +10,33 @@ class GeoEngineer::Resources::AwsAlbTargetGroup < GeoEngineer::Resource
   validate -> { validate_subresource_required_attributes(:stickiness, [:type]) }
   after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
-  after :initialize, -> { _geo_id       -> { "#{vpc_id}::#{protocol}::#{port}" } }
+  after :initialize, -> { _geo_id       -> { NullObject.maybe(tags)[:Name] } }
   def short_type
     "alb_target_group"
   end
-  def self._fetch_remote_resources(provider)
-    target_groups = AwsClients.alb(provider).describe_target_groups.target_groups.map(&:to_h)
-    target_groups.map do |group|
-      group.merge(
+  def self._merge_attributes(target_groups, tags)
+    target_groups.map do |target_group|
+      target_tags = tags.find { |desc| desc[:resource_arn] == target_group[:target_group_arn] }
+      target_group.merge(
         {
-          _geo_id: "#{group[:vpc_id]}::#{group[:protocol]}::#{group[:port]}",
-          _terraform_id: group[:target_group_arn]
+          _terraform_id: target_group[:target_group_arn],
+          _geo_id: (target_tags || {})[:tags]&.find { |tag| tag[:key] == "Name" }&.dig(:value)
         }
       )
     end
   end
+  def self._fetch_remote_resources(provider)
+    target_groups = AwsClients.alb(provider).describe_target_groups.target_groups
+    return [] if target_groups.empty?
+    tags = AwsClients.alb(provider)
+                     .describe_tags({ resource_arns: target_groups.map(&:target_group_arn) })
+                     .tag_descriptions
+                     .map(&:to_h)
+    _merge_attributes(target_groups.map(&:to_h), tags)
+  end
 end

data/lib/geoengineer/resources/aws_customer_gateway.rb CHANGED

@@ -10,6 +10,10 @@ class GeoEngineer::Resources::AwsCustomerGateway < GeoEngineer::Resource
   after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
   after :initialize, -> { _geo_id -> { NullObject.maybe(tags)[:Name] } }
+  def gateway_type(val = nil)
+    val ? self["type"] = val : self["type"]
+  end
   def self._fetch_remote_resources(provider)
     AwsClients.ec2(provider)
               .describe_customer_gateways['customer_gateways']

data/lib/geoengineer/resources/aws_emr_cluster.rb ADDED

@@ -0,0 +1,20 @@
+########################################################################
+# AwsEmr is the +aws_emr_cluster+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/emr_cluster.html}
+########################################################################
+class GeoEngineer::Resources::AwsEmrCluster < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name]) }
+  validate -> { validate_has_tag(:Name) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { name } }
+  def self._fetch_remote_resources(provider)
+    AwsClients.emr(provider).list_clusters['clusters'].map(&:to_h).map do |cluster|
+      cluster[:_terraform_id] = cluster[:id]
+      cluster[:_geo_id] = cluster[:name]
+      cluster
+    end
+  end
+end

data/lib/geoengineer/resources/aws_iam_role.rb CHANGED

@@ -19,6 +19,7 @@ class GeoEngineer::Resources::AwsIamRole < GeoEngineer::Resource
     attributes = {}
     attributes['arn'] = arn if arn
+    attributes['force_detach_policies'] = force_detach_policies || 'false'
     attributes['assume_role_policy'] = _normalize_json(assume_role_policy) if assume_role_policy
     tfstate[:primary][:attributes] = attributes

data/lib/geoengineer/resources/aws_kinesis_stream.rb CHANGED

@@ -19,14 +19,17 @@ class GeoEngineer::Resources::AwsKinesisStream < GeoEngineer::Resource
     tfstate
   end
+  def self._stream_description(stream_name)
+    AwsClients.kinesis
+              .describe_stream({ stream_name: stream_name })
+              .stream_description
+              .to_h
+  end
   def self._all_streams(provider)
-    streams = []
-    AwsClients.kinesis(provider).list_streams[:stream_names].each do |stream_name|
-      AwsClients.kinesis.describe_stream({ stream_name: stream_name }).map(&:to_h).map do |stream|
-        streams << stream[:stream_description]
-      end
-    end
-    streams
+    AwsClients.kinesis(provider)
+              .list_streams[:stream_names]
+              .map { |s| self._stream_description(s) }
   end
   def self._fetch_remote_resources(provider)

data/lib/geoengineer/resources/aws_lambda_function.rb CHANGED

@@ -32,13 +32,12 @@ class GeoEngineer::Resources::AwsLambdaFunction < GeoEngineer::Resource
     tfstate
   end
-  def support_tags?
-    false
-  end
   def self._fetch_remote_resources(provider)
     AwsClients.lambda(provider).list_functions['functions'].map(&:to_h).map do |function|
-      function.merge({ _terraform_id: function[:function_name] })
+      function.merge({
+                       _terraform_id: function[:function_name],
+                       _geo_id: function[:function_name]
+                     })
     end
   end
 end

data/lib/geoengineer/resources/aws_nat_gateway.rb CHANGED

@@ -4,7 +4,7 @@
 # {https://www.terraform.io/docs/providers/aws/r/nat_gateway.html Terraform Docs}
 ########################################################################
 class GeoEngineer::Resources::AwsNatGateway < GeoEngineer::Resource
-  validate -> { validate_required_attributes([:subnet_id, :allocation_id]) }
+  validate -> { validate_required_attributes(%i(subnet_id allocation_id)) }
   after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
   after :initialize, -> { _geo_id -> { "#{allocation_id}::#{subnet_id}" } }
@@ -18,12 +18,11 @@ class GeoEngineer::Resources::AwsNatGateway < GeoEngineer::Resource
       # AWS SDK has `nat_gateway_addresses` as an array, but you should only be able to
       # have exactly 1 elastic IP association. This logic should cover the bases...
       allocation = gateway[:nat_gateway_addresses].find { |addr| addr.key?(:allocation_id) }
-      gateway.merge(
-        {
-          _terraform_id: gateway[:nat_gateway_id],
-          _geo_id: "#{allocation[:allocation_id]}::#{gateway[:subnet_id]}"
-        }
-      )
+      gateway[:_terraform_id] = gateway[:nat_gateway_id]
+      gateway[:_geo_id] = "#{allocation[:allocation_id]}::#{gateway[:subnet_id]}"
+      gateway
     end
   end
 end

data/lib/geoengineer/resources/aws_network_interface.rb ADDED

@@ -0,0 +1,22 @@
+########################################################################
+# AwsNetworkInterface is the +aws_network_interface+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/network_interface.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsNetworkInterface < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:subnet_id]) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id       -> { Array(private_ips).join(',') } }
+  def self._fetch_remote_resources(provider)
+    interfaces = AwsClients.ec2(provider).describe_network_interfaces
+    interfaces['network_interfaces'].map(&:to_h).map do |interface|
+      addresses = interface[:private_ip_addresses].collect { |a| a[:private_ip_address] }
+      interface[:_terraform_id] = interface[:network_interface_id]
+      interface[:_geo_id] = addresses.join(',')
+      interface
+    end
+  end
+end

data/lib/geoengineer/resources/aws_placement_group.rb ADDED

@@ -0,0 +1,25 @@
+########################################################################
+# AwsPlacementGroup is the +aws_placement_group+ terrform resource,
+#
+# {https://www.terraform.io/docs/providers/aws/r/placement_group.html Terraform Docs}
+########################################################################
+class GeoEngineer::Resources::AwsPlacementGroup < GeoEngineer::Resource
+  validate -> { validate_required_attributes([:name, :strategy]) }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id       -> { name } }
+  def support_tags?
+    false
+  end
+  def self._fetch_remote_resources(provider)
+    pgs = AwsClients.ec2(provider).describe_placement_groups['placement_groups']
+    pgs.map(&:to_h).map do |group|
+      group[:_terraform_id] = group[:group_name]
+      group[:_geo_id] = group[:group_name]
+      group[:name] = group[:group_name]
+      group
+    end
+  end
+end

data/lib/geoengineer/resources/aws_route53_record.rb CHANGED

@@ -3,6 +3,8 @@
 #
 # {https://www.terraform.io/docs/providers/aws/r/route53_record.html Terraform Docs}
 ########################################################################
+# Note: Currently, 'name' must be the fully qualified domain name.
 class GeoEngineer::Resources::AwsRoute53Record < GeoEngineer::Resource
   validate -> { validate_required_attributes([:zone_id, :name, :type]) }
   validate -> { validate_required_attributes([:ttl, :records]) unless self.alias }
@@ -13,7 +15,26 @@ class GeoEngineer::Resources::AwsRoute53Record < GeoEngineer::Resource
     end
   }
-  after :initialize, -> { _terraform_id -> { "#{zone_id}_#{name}_#{type}" } }
+  after :initialize, -> { _terraform_id -> { NullObject.maybe(remote_resource)._terraform_id } }
+  after :initialize, -> { _geo_id -> { "#{zone_id}_#{self.name&.downcase}_#{record_type}" } }
+  def to_terraform_state
+    tfstate = super
+    tfstate[:primary][:attributes] = {
+      'id' => _terraform_id,
+      'name' => name,
+      'type' => record_type
+    }
+    tfstate
+  end
+  def record_type(val = nil)
+    val ? self["type"] = val : self["type"]
+  end
+  def fqdn
+    self["name"].downcase
+  end
   def support_tags?
     false
@@ -28,9 +49,29 @@ class GeoEngineer::Resources::AwsRoute53Record < GeoEngineer::Resource
   end
   def self._fetch_records_for_zone(provider, zone)
-    records = AwsClients.route53(provider).list_resource_record_sets({ hosted_zone_id: zone[:id] })
-    records.resource_record_sets.map(&:to_h).map do |record|
-      record.merge({ _terraform_id: "#{record[:zone_id]}_#{record[:name]}_#{record[:type]}" })
+    zone_id = zone[:id].gsub(%r{^/hostedzone/}, '')
+    response = AwsClients.route53(provider).list_resource_record_sets({ hosted_zone_id: zone_id })
+    records = []
+    response.each do |page|
+      records += page.resource_record_sets.map(&:to_h).map do |record|
+        name = _fetch_name(record, zone)
+        id = "#{zone_id}_#{name}_#{record[:type]}"
+        record.merge({ fqdn: name, _terraform_id: id, _geo_id: id })
+      end
+    end
+    records
+  end
+  def self._fetch_name(record, zone)
+    # Need to trim the trailing dot, as well as convert ASCII 42 (Octal 52) to
+    # the wildcard star. Route53 uses that for wildcard records.
+    name = record[:name].downcase.gsub(/\.$/, '').gsub(/^\\052/, '*')
+    zone_name = zone[:name].gsub(/\.$/, '')
+    if name !~ /#{zone_name}$/
+      name = name.empty? ? zone_name : "#{name}.#{zone_name}"
     end
+    name
   end
 end