hippo-cli 1.1.0 → 1.1.1

data/lib/hippo/stage.rb

@@ -3,6 +3,7 @@
 require 'liquid'
 require 'open3'
 require 'hippo/secret_manager'
+require 'hippo/package'
 
 module Hippo
   class Stage
@@ -21,6 +22,10 @@ module Hippo
       @options['branch']
     end
 
+    def image_tag
+      @options['image-tag']
+    end
+
     def namespace
       @options['namespace']
     end
@@ -29,31 +34,43 @@ module Hippo
       @options['context']
     end
 
-    def vars
-      @options['vars']
+    def config
+      @options['config']
+    end
+
+    def images
+      @images ||= @manifest.images.deep_merge(@options['images'] || {}).each_with_object({}) do |(key, image), hash|
+        hash[key] = Image.new(key, image)
+      end
     end
 
     # These are the vars to represent this
     def template_vars
-      {
-        'name' => name,
-        'branch' => branch,
-        'namespace' => namespace,
-        'context' => context,
-        'images' => @manifest.images.values.each_with_object({}) { |image, hash| hash[image.name] = image.image_path_for_branch(branch) },
-        'vars' => vars
-      }
+      @template_vars ||= begin
+        {
+          'manifest' => @manifest.template_vars,
+          'stage-name' => name,
+          'branch' => branch,
+          'image-tag' => image_tag,
+          'namespace' => namespace,
+          'context' => context,
+          'images' => images.values.each_with_object({}) { |image, hash| hash[image.name] = image.template_vars },
+          'config' => @manifest.config.deep_merge(config),
+          'secrets' => secret_manager.all
+        }
+      end
     end
 
     # Return a new decorator object that can be passed to objects that
     # would like to decorator things.
     def decorator
       proc do |data|
-        template = Liquid::Template.parse(data)
-        template.render(
-          'stage' => template_vars,
-          'manifest' => @manifest.template_vars
-        )
+        begin
+          template = Liquid::Template.parse(data)
+          template.render(template_vars)
+        rescue Liquid::SyntaxError => e
+          raise Error, "Template error: #{e.message}"
+        end
       end
     end
 
@@ -69,28 +86,46 @@ module Hippo
     #
     # @return [Hash<String,Hippo::ObjectDefinition>]
     def deployments
-      Util.create_object_definitions(objects('deployments'), self, required_kinds: ['Deployment'])
+      @deployments ||= Util.create_object_definitions(objects('deployments'), self, required_kinds: ['Deployment'])
     end
 
     # Return an array of all services/ingresses for this stage
     #
     # @return [Hash<String,Hippo::ObjectDefinition>]
     def services
-      Util.create_object_definitions(objects('services'), self, required_kinds: %w[Service Ingress NetworkPolicy])
+      @services ||= Util.create_object_definitions(objects('services'), self, required_kinds: %w[Service Ingress NetworkPolicy])
     end
 
     # Return an array of all configuration objects
     #
     # @return [Hash<String,Hippo::ObjectDefinition>]
     def configs
-      Util.create_object_definitions(objects('config'), self)
+      @configs ||= Util.create_object_definitions(objects('config'), self)
     end
 
     # Return an array of all job objects
     #
     # @return [Hash<String,Hippo::ObjectDefinition>]
     def jobs(type)
-      Util.create_object_definitions(objects("jobs/#{type}"), self)
+      @jobs ||= {}
+      @jobs[type] ||= Util.create_object_definitions(objects("jobs/#{type}"), self)
+    end
+
+    # Return a hash of all packages available in the stage
+    #
+    # @return [Hash<String, Hippo::Package>]
+    def packages
+      @packages ||= objects('packages').values.each_with_object({}) do |package_hash, hash|
+        package = Package.new(package_hash.first, self)
+        hash[package.name] = package
+      end
+    end
+
+    # Return any package values that have been defined
+    #
+    # @return [Hash]
+    def overridden_package_values
+      @options['packages'] || {}
     end
 
     # Return a kubectl command ready for use within this stage's
@@ -109,7 +144,7 @@ module Hippo
     # @param objects [Array<Hippo::ObjectDefinition>]
     # @return [Hash]
     def apply(objects)
-      yaml_to_apply = objects.map(&:yaml).join("\n")
+      yaml_to_apply = objects.map(&:yaml_to_apply).join("\n")
 
       command = ['kubectl']
       command += ['--context', context] if context
@@ -144,13 +179,12 @@ module Hippo
     # @return [Array<Hippo::ObjectDefinition>]
     def get(*names)
       command = kubectl('get', '-o', 'yaml', *names)
-      Open3.popen3(*command) do |_, stdout, stderr, wt|
-        raise Error, "[kutectl] #{stderr.read}" unless wt.value.success?
+      stdout, stderr, status = Open3.capture3(*command)
+      raise Error, "[kubectl] #{stderr}" unless status.success?
 
-        yaml = YAML.safe_load(stdout.read, permitted_classes: [Time])
-        yaml = yaml['items'] || [yaml]
-        yaml.map { |y| ObjectDefinition.new(y, self, clean: true) }
-      end
+      yaml = YAML.safe_load(stdout, permitted_classes: [Time])
+      yaml = yaml['items'] || [yaml]
+      yaml.map { |y| ObjectDefinition.new(y, self, clean: true) }
     end
 
     # Delete an object from the kubernetes API

data/lib/hippo/util.rb

@@ -68,6 +68,40 @@ module Hippo
           tmpfile.unlink
         end
       end
+
+      def confirm(question)
+        response = ask(question)
+        if %w[yes y].include?(response.downcase)
+          puts
+          true
+        else
+          false
+        end
+      end
+
+      def select(question, items)
+        items.each_with_index do |item, index|
+          puts "#{index + 1}) #{item}"
+        end
+        selected_item = nil
+
+        until selected_item
+          response = ask(question)
+          selected_item = items[response.to_i - 1]
+          if selected_item.nil?
+            puts "\e[31mThat is not a valid option. Try again.\e[0m"
+          end
+        end
+
+        selected_item
+      end
+
+      def ask(question, default: nil)
+        puts "\e[35m#{question}\e[0m" + (default ? " [#{default}]" : '')
+        response = STDIN.gets
+        response = response.to_s.strip
+        response.empty? ? default : response
+      end
     end
   end
 end

data/lib/hippo/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Hippo
-  VERSION = '1.1.0'
+  VERSION = '1.1.1'
 end

data/template/Hippofile

@@ -7,8 +7,16 @@ name: myapp
 
 images:
   main:
-    repository: git@github.com:myorg/myapp
-    url: myorg/myapp
+    host: index.docker.io
+    name: myorg/myapp
+    tag: latest
+    # Alternatively, load the tag name from the current HEAD commit of a
+    # branch of a remote repository...
+    #
+    # tag:
+    #   fromRepository:
+    #     url: git@github.com:myorg/myapp
+    #     branch: master
 
 # If you wish, you can define a console command that allows you to easil
 # open a console using `hippo [stage] console`

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hippo-cli
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.1
 platform: ruby
 authors:
 - Adam Cooke
@@ -30,7 +30,7 @@ cert_chain:
   3wUJNGnT5XYq+qvTqmjkTSTfdGvZCM63C6bGdN5CAyMokGOOatGqyCMAONolWnfC
   gm3t2GWWrxY=
   -----END CERTIFICATE-----
-date: 2020-02-01 00:00:00.000000000 Z
+date: 2020-02-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: encryptor
@@ -92,6 +92,26 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: secure_random_string
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: swamp-cli
   requirement: !ruby/object:Gem::Requirement
@@ -124,34 +144,45 @@ files:
 - cli/apply_config.rb
 - cli/apply_services.rb
 - cli/console.rb
+- cli/create.rb
 - cli/deploy.rb
 - cli/help.rb
 - cli/init.rb
 - cli/install.rb
+- cli/key.rb
 - cli/kubectl.rb
-- cli/secrets_edit.rb
-- cli/secrets_key.rb
+- cli/logs.rb
+- cli/objects.rb
+- cli/package_install.rb
+- cli/package_list.rb
+- cli/package_notes.rb
+- cli/package_test.rb
+- cli/package_uninstall.rb
+- cli/package_upgrade.rb
+- cli/package_values.rb
+- cli/prepare.rb
+- cli/run.rb
+- cli/secrets.rb
+- cli/stages.rb
+- cli/status.rb
+- cli/vars.rb
+- cli/version.rb
 - lib/hippo.rb
+- lib/hippo/bootstrap_parser.rb
 - lib/hippo/cli.rb
 - lib/hippo/deployment_monitor.rb
 - lib/hippo/error.rb
+- lib/hippo/extensions.rb
 - lib/hippo/image.rb
 - lib/hippo/manifest.rb
 - lib/hippo/object_definition.rb
-- lib/hippo/secret.rb
+- lib/hippo/package.rb
+- lib/hippo/repository_tag.rb
 - lib/hippo/secret_manager.rb
 - lib/hippo/stage.rb
 - lib/hippo/util.rb
 - lib/hippo/version.rb
 - template/Hippofile
-- template/config/env-vars.yaml
-- template/deployments/web.yaml
-- template/deployments/worker.yaml
-- template/jobs/deploy/db-migration.yaml
-- template/jobs/install/load-schema.yaml
-- template/services/main.ingress.yaml
-- template/services/web.svc.yaml
-- template/stages/production.yaml
 homepage: https://github.com/adamcooke/hippo
 licenses:
 - MIT

data/cli/secrets_edit.rb

@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-command :'secrets:edit' do
-  desc 'Create/edit an encrypted secrets file'
-
-  action do |context|
-    require 'hippo/cli'
-    cli = Hippo::CLI.setup(context)
-
-    secret_name = context.args[0]
-    raise Hippo::Error, 'You must provide a secret name' if secret_name.nil?
-
-    manager = cli.stage.secret_manager
-    unless manager.key_available?
-      puts "\e[31mNo key has been published for this stage yet.\e[0m"
-      puts "Use `hippo #{cli.stage.name} secrets:key --generate` to generate one."
-      exit 2
-    end
-
-    secret = manager.secret(secret_name)
-    if secret.exists?
-      secret.edit
-    else
-      puts "No secret exists at #{secret.path}. Would you like to create one?"
-      response = STDIN.gets.strip.downcase.strip
-      if %w[y yes please].include?(response)
-        secret.create
-        secret.edit
-      else
-        puts 'Not a problem. You can make it later.'
-      end
-    end
-  end
-end

data/cli/secrets_key.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-command :'secrets:key' do
-  desc 'Display/generate details about the secret encryption key'
-
-  action do |context|
-    require 'hippo/cli'
-    cli = Hippo::CLI.setup(context)
-    sm = cli.stage.secret_manager
-    if sm.key_available?
-      puts 'Secret encryption key is stored in secret/hippo-secret-key.'
-    else
-      puts 'Secret encryption key has not been generated yet.'
-      puts 'Generate a new using:'
-      puts
-      puts "     hippo #{cli.stage.name} secrets:key --generate"
-      puts
-    end
-  end
-end

data/lib/hippo/secret.rb

@@ -1,112 +0,0 @@
-# frozen_string_literal: true
-
-module Hippo
-  class Secret
-    HEADER = [
-      '# This file is encrypted and managed by Hippo.',
-      '# Use `hippo [stage] secrets:edit [name]` to make changes to it.',
-      '#',
-      '# Note: this cannot be applied directly to your Kubernetes server because',
-      '# HippoEncryptedSecret is not a valid object. It will be automatically ',
-      '# converted to a Secret when it is applied by Hippo.'
-    ].join("\n")
-
-    EDIT_HEADER = [
-      '# This file has been unencrypted for you to edit it.',
-      '# Make your changes and close your edit to re-encrypt and save the file.',
-      '# You can change the apiVersion or add any additional metadata.',
-      '#',
-      '# You should not change the kind of document, it should be HippoEncryptedSecret.'
-    ].join("\n")
-
-    def initialize(manager, name)
-      @manager = manager
-      @name = name
-    end
-
-    # Return the path where this secret is stored
-    #
-    # @return [String]
-    def path
-      File.join(@manager.root, "#{@name}.yaml")
-    end
-
-    # Does this secret exist yet?
-    #
-    # @return [Boolean]
-    def exists?
-      File.file?(path)
-    end
-
-    # Create a new empty secret file on the file system
-    #
-    # @return [void]
-    def create
-      return if exists?
-
-      od = ObjectDefinition.new(
-        {
-          'kind' => 'HippoEncryptedSecret',
-          'apiVersion' => 'v1',
-          'metadata' => {
-            'name' => @name
-          },
-          'data' => {
-            'example-value' => @manager.encrypt('This is an example encrypted value!')
-          }
-        },
-        @manager.stage,
-        clean: true
-      )
-      File.open(path, 'w') { |f| f.write(HEADER + "\n" + od.yaml) }
-    end
-
-    # Read the value from the file and decrypt all values that are present
-    #
-    # @return [String]
-    def editable_yaml
-      return unless exists?
-
-      objects = Util.load_yaml_from_file(path)
-      objects.each do |hash|
-        hash['data'].each do |key, value|
-          hash['data'][key] = @manager.decrypt(value)
-        end
-      end
-
-      objects.map(&:to_yaml).join("\n---\n")
-    end
-
-    # Edit this secret
-    #
-    # @return [void]
-    def edit
-      contents = Util.open_in_editor("secret-#{@name}", EDIT_HEADER + "\n" + editable_yaml)
-      yamls = Util.load_yaml_from_data(contents)
-      ods = Util.create_object_definitions({ 'secret' => yamls }, @manager.stage, required_kinds: ['HippoEncryptedSecret'], clean: true)
-      ods.each do |od|
-        od['data'].each do |key, value|
-          od['data'][key] = @manager.encrypt(value)
-        end
-      end
-      File.open(path, 'w') { |f| f.write(HEADER + "\n" + ods.map(&:yaml).join("\n---\n")) }
-    rescue StandardError => e
-      puts "Failed to edit secret (#{e.message})"
-      retry
-    end
-
-    # Return this secret as it can be exported to kubernetes
-    #
-    # @return [Array<ObjectDefinition>]
-    def applyable_yaml
-      objects = Util.load_yaml_from_file(path)
-      objects = objects.each do |hash|
-        hash['kind'] = 'Secret'
-        hash['data'].each do |key, value|
-          hash['data'][key] = Base64.encode64(@manager.decrypt(value)).gsub("\n", '')
-        end
-      end
-      Util.create_object_definitions({ 'secret' => objects }, @manager.stage)
-    end
-  end
-end