hako 2.3.1 → 2.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -1
  3. data/lib/hako/container.rb +2 -0
  4. data/lib/hako/schedulers/ecs.rb +15 -3
  5. data/lib/hako/schedulers/ecs_definition_comparator.rb +2 -0
  6. data/lib/hako/schedulers/ecs_elb_v2.rb +17 -0
  7. data/lib/hako/version.rb +1 -1
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 126110ac130316221e7ac640144170031d9efceb2cf81f89c1c22525d2be6275
4
- data.tar.gz: dd1934716a185d3e653b6d0343424b72a3afd62207ad566568b7ea19218d997d
3
+ metadata.gz: abb1bf796a54d7417e7f17bc3ff04a9fee504b4a7ad93a2ef40a7d3e8e12aa24
4
+ data.tar.gz: 5c00e175b2e6e4868923966cd85193a56784f8863c90c0a36bd077ad538fd0a1
5
5
  SHA512:
6
- metadata.gz: ce6f9bba7385b6cdba908d70e268a299e24db76a63276cc96ae774f7d699ac830acce6224eaabf08caae2dc7d50d7df9a76b2dbcb206438e3920b97d6f84a182
7
- data.tar.gz: 6954189052e21677c5cda4dab43b438b88287ae6975160a82bdd8c7350d2a3eb5630411f6e798a756cb9f53bd46b91ade81e04cd9e7e5eabcb81034972183bb2
6
+ metadata.gz: d2ddc3d4a5b056fd2a2bfa2ac4bc81149ede6ef93310b5d1575c46e40faf7ca1c635ec20441fac1739d4d1212e1e002f4d88d0b390f7f255c3997ccecc8f51d6
7
+ data.tar.gz: 81c559831ad9fbd2f46ae4e7596b92677c76e0bbe103c6d767d9745033409499854501254ddab16a14e8e223715067245dc8f1f1b9ebf820d873c07e89565a7c
data/CHANGELOG.md CHANGED
@@ -1,7 +1,16 @@
1
+ # 2.4.0 (2018-11-13)
2
+ ## New features
3
+ - Support `readonly_root_filesystem` parameter
4
+ - Support `docker_security_options` parameter
5
+ - Support `ssl_policy` option in `elb_v2`
6
+
7
+ ## Bug fixes
8
+ - Skip updating `desired_count` before removing service using daemon scheduling strategy
9
+
1
10
  # 2.3.1 (2018-09-26)
2
11
  ## Changes
3
12
  - Change show-definition output from YAML to JSON
4
- - The show-definition output is still persable as YAML
13
+ - The show-definition output is still parsable as YAML
5
14
 
6
15
  ## Bug fixes
7
16
  - Set `deployment_configuration` to nil when absent
data/lib/hako/container.rb CHANGED
@@ -29,6 +29,8 @@ module Hako
29
29
  command
30
30
  user
31
31
  privileged
32
+ readonly_root_filesystem
33
+ docker_security_options
32
34
  ].each do |name|
33
35
  define_method(name) do
34
36
  @definition[name]
data/lib/hako/schedulers/ecs.rb CHANGED
@@ -289,10 +289,14 @@ module Hako
289
289
  service = describe_service
290
290
  if service
291
291
  if @dry_run
292
- Hako.logger.info "ecs_client.update_service(cluster: #{service.cluster_arn}, service: #{service.service_arn}, desired_count: 0)"
292
+ unless service.scheduling_strategy == 'DAEMON'
293
+ Hako.logger.info "ecs_client.update_service(cluster: #{service.cluster_arn}, service: #{service.service_arn}, desired_count: 0)"
294
+ end
293
295
  Hako.logger.info "ecs_client.delete_service(cluster: #{service.cluster_arn}, service: #{service.service_arn})"
294
296
  else
295
- ecs_client.update_service(cluster: service.cluster_arn, service: service.service_arn, desired_count: 0)
297
+ unless service.scheduling_strategy == 'DAEMON'
298
+ ecs_client.update_service(cluster: service.cluster_arn, service: service.service_arn, desired_count: 0)
299
+ end
296
300
  ecs_client.delete_service(cluster: service.cluster_arn, service: service.service_arn)
297
301
  Hako.logger.info "#{service.service_arn} is deleted"
298
302
  end
@@ -600,6 +604,8 @@ module Hako
600
604
  health_check: container.health_check,
601
605
  ulimits: container.ulimits,
602
606
  extra_hosts: container.extra_hosts,
607
+ readonly_root_filesystem: container.readonly_root_filesystem,
608
+ docker_security_options: container.docker_security_options,
603
609
  }
604
610
  end
605
611
 
@@ -918,7 +924,7 @@ module Hako
918
924
  end
919
925
  end
920
926
 
921
- TASK_ID_RE = /\(task ([\h-]+)\)\.\z/
927
+ TASK_ID_RE = /\(task ([\h-]+)\)\.\z/.freeze
922
928
  # @param [String] message
923
929
  # @return [String, nil]
924
930
  def extract_task_id(message)
@@ -1175,6 +1181,12 @@ module Hako
1175
1181
  if definition[:user]
1176
1182
  cmd << '--user' << definition[:user]
1177
1183
  end
1184
+ if definition[:readonly_root_filesystem]
1185
+ cmd << '--read-only'
1186
+ end
1187
+ (definition[:docker_security_options] || []).each do |docker_security_option|
1188
+ cmd << '--security-opt' << docker_security_option
1189
+ end
1178
1190
 
1179
1191
  cmd << "\\\n "
1180
1192
  definition.fetch(:environment).each do |env|
data/lib/hako/schedulers/ecs_definition_comparator.rb CHANGED
@@ -39,6 +39,8 @@ module Hako
39
39
  struct.member(:ulimits, Schema::Nullable.new(ulimits_schema))
40
40
  struct.member(:extra_hosts, Schema::Nullable.new(extra_hosts_schema))
41
41
  struct.member(:linux_parameters, Schema::Nullable.new(linux_parameters_schema))
42
+ struct.member(:readonly_root_filesystem, Schema::Nullable.new(Schema::Boolean.new))
43
+ struct.member(:docker_security_options, Schema::Nullable.new(Schema::UnorderedArray.new(Schema::String.new)))
42
44
  end
43
45
  end
44
46
 
data/lib/hako/schedulers/ecs_elb_v2.rb CHANGED
@@ -108,6 +108,7 @@ module Hako
108
108
  load_balancer_arn: load_balancer.load_balancer_arn,
109
109
  protocol: l.fetch('protocol'),
110
110
  port: l.fetch('port'),
111
+ ssl_policy: l['ssl_policy'],
111
112
  default_actions: [{ type: 'forward', target_group_arn: target_group.target_group_arn }],
112
113
  }
113
114
  certificate_arn = l.fetch('certificate_arn', nil)
@@ -141,6 +142,22 @@ module Hako
141
142
  end
142
143
  end
143
144
 
145
+ new_listeners = @elb_v2_config.fetch('listeners')
146
+ if load_balancer
147
+ current_listeners = elb_client.describe_listeners(load_balancer_arn: load_balancer.load_balancer_arn).listeners
148
+ new_listeners.each do |new_listener|
149
+ current_listener = current_listeners.find { |l| l.port == new_listener['port'] }
150
+ if current_listener && new_listener['ssl_policy'] && new_listener['ssl_policy'] != current_listener.ssl_policy
151
+ if @dry_run
152
+ Hako.logger.info("elb_client.modify_listener(listener_arn: #{current_listener.listener_arn}, ssl_policy: #{new_listener['ssl_policy']}) (dry-run)")
153
+ else
154
+ Hako.logger.info("Updating ELBv2 listener #{new_listener['port']} ssl_policy to #{new_listener['ssl_policy']}")
155
+ elb_client.modify_listener(listener_arn: current_listener.listener_arn, ssl_policy: new_listener['ssl_policy'])
156
+ end
157
+ end
158
+ end
159
+ end
160
+
144
161
  if @elb_v2_config.key?('load_balancer_attributes')
145
162
  attributes = @elb_v2_config.fetch('load_balancer_attributes').map { |key, value| { key: key, value: value } }
146
163
  if @dry_run
data/lib/hako/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Hako
4
- VERSION = '2.3.1'
4
+ VERSION = '2.4.0'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hako
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kohei Suzuki
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-09-26 00:00:00.000000000 Z
11
+ date: 2018-11-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-applicationautoscaling