jets 0.6.9 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +1 -1
- data/lib/jets/cfn/template_builders.rb +1 -0
- data/lib/jets/cfn/template_builders/base_child_builder.rb +7 -3
- data/lib/jets/cfn/template_builders/function_properties/base_builder.rb +2 -2
- data/lib/jets/cfn/template_builders/iam_policy/application_policy.rb +2 -1
- data/lib/jets/cfn/template_builders/managed_iam_policy.rb +6 -0
- data/lib/jets/cfn/template_builders/managed_iam_policy/application_policy.rb +11 -0
- data/lib/jets/cfn/template_builders/managed_iam_policy/base_policy.rb +22 -0
- data/lib/jets/cfn/template_builders/managed_iam_policy/class_policy.rb +10 -0
- data/lib/jets/cfn/template_builders/managed_iam_policy/function_policy.rb +10 -0
- data/lib/jets/cfn/template_mappers/iam_policy/application_policy_mapper.rb +9 -0
- data/lib/jets/cfn/template_mappers/iam_policy/base_policy_mapper.rb +6 -1
- data/lib/jets/cfn/template_mappers/iam_policy/class_policy_mapper.rb +10 -0
- data/lib/jets/cfn/template_mappers/iam_policy/function_policy_mapper.rb +10 -0
- data/lib/jets/lambda/dsl.rb +32 -6
- data/lib/jets/lambda/task.rb +6 -1
- data/lib/jets/version.rb +1 -1
- metadata +7 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9aa29acf2df1aa6895322b3ca3b552ec19588dfbf30572c1c48669c49476fa5b
|
|
4
|
+
data.tar.gz: f8447813c033772d32e7799f6163cebfb5db60d2e44b7538a500e90c4750db6f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 55c640eb1ce2bce89e4e8d22756491c0bef3d29a692ffa67ece43f8a9be202e0f79853347b02fba4e29272c98bbdda08f048cdffd0bfd4ce8ba6aa2898850ba3
|
|
7
|
+
data.tar.gz: ccd75d822e8289486b14839499c6bf69e907fcd7b8a22a138f25189bb31ae5d78db3adcf2763c31cb0acb6ece0a7892ed5d27a3353af10ec7d36533fc52f2463
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,10 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
|
5
5
|
|
|
6
|
+
## [0.7.0]
|
|
7
|
+
- add managed_iam_policy concept, pull request #19
|
|
8
|
+
- bump to 0.7.0, enough changes since 0.6.x
|
|
9
|
+
|
|
6
10
|
## [0.6.9]
|
|
7
11
|
- add aws managed rule support, pull request #18
|
|
8
12
|
|
data/Gemfile.lock
CHANGED
|
@@ -20,5 +20,6 @@ class Jets::Cfn
|
|
|
20
20
|
# separate beasts:
|
|
21
21
|
autoload :FunctionProperties, "jets/cfn/template_builders/function_properties" # sort of a builder
|
|
22
22
|
autoload :IamPolicy, "jets/cfn/template_builders/iam_policy" # resource only
|
|
23
|
+
autoload :ManagedIamPolicy, "jets/cfn/template_builders/managed_iam_policy" # resource only
|
|
23
24
|
end
|
|
24
25
|
end
|
|
@@ -20,10 +20,10 @@ class Jets::Cfn::TemplateBuilders
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def add_functions
|
|
23
|
-
add_class_iam_policy
|
|
23
|
+
add_class_iam_policy
|
|
24
24
|
@app_klass.tasks.each do |task|
|
|
25
25
|
add_function(task)
|
|
26
|
-
|
|
26
|
+
add_function_iam_policy(task)
|
|
27
27
|
end
|
|
28
28
|
end
|
|
29
29
|
|
|
@@ -38,13 +38,17 @@ class Jets::Cfn::TemplateBuilders
|
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
def add_class_iam_policy
|
|
41
|
+
return unless @app_klass.build_class_iam?
|
|
42
|
+
|
|
41
43
|
map = Jets::Cfn::TemplateMappers::IamPolicy::ClassPolicyMapper.new(@app_klass)
|
|
42
44
|
logical_id = map.logical_id
|
|
43
45
|
properties = map.properties
|
|
44
46
|
add_resource(logical_id, "AWS::IAM::Role", properties)
|
|
45
47
|
end
|
|
46
48
|
|
|
47
|
-
def
|
|
49
|
+
def add_function_iam_policy(task)
|
|
50
|
+
return unless task.build_function_iam?
|
|
51
|
+
|
|
48
52
|
map = Jets::Cfn::TemplateMappers::IamPolicy::FunctionPolicyMapper.new(task)
|
|
49
53
|
logical_id = map.logical_id
|
|
50
54
|
properties = map.properties
|
|
@@ -88,7 +88,7 @@ module Jets::Cfn::TemplateBuilders::FunctionProperties
|
|
|
88
88
|
# klass is PostsController, HardJob, GameRule, Hello or HelloFunction
|
|
89
89
|
klass = Jets::Klass.from_task(@task)
|
|
90
90
|
class_properties = klass.class_properties
|
|
91
|
-
if klass.
|
|
91
|
+
if klass.build_class_iam?
|
|
92
92
|
map = Jets::Cfn::TemplateMappers::IamPolicy::ClassPolicyMapper.new(klass)
|
|
93
93
|
class_properties[:Role] = "!GetAtt #{map.logical_id}.Arn"
|
|
94
94
|
end
|
|
@@ -112,7 +112,7 @@ module Jets::Cfn::TemplateBuilders::FunctionProperties
|
|
|
112
112
|
#
|
|
113
113
|
def function_properties
|
|
114
114
|
properties = @task.properties
|
|
115
|
-
if @task.
|
|
115
|
+
if @task.build_function_iam?
|
|
116
116
|
map = Jets::Cfn::TemplateMappers::IamPolicy::FunctionPolicyMapper.new(@task)
|
|
117
117
|
properties[:Role] = "!GetAtt #{map.logical_id}.Arn"
|
|
118
118
|
end
|
|
@@ -6,7 +6,8 @@ module Jets::Cfn::TemplateBuilders::IamPolicy
|
|
|
6
6
|
class ApplicationPolicy < BasePolicy
|
|
7
7
|
def initialize
|
|
8
8
|
setup
|
|
9
|
-
@definitions = Jets.config.iam_policy
|
|
9
|
+
@definitions = Jets.config.iam_policy # config.iam_policy contains definitions
|
|
10
|
+
@definitions = [@definitions].flatten if @definitions
|
|
10
11
|
end
|
|
11
12
|
|
|
12
13
|
# Example: PostsControllerPolicy or SleepJobPolicy
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
module Jets::Cfn::TemplateBuilders::ManagedIamPolicy
|
|
2
|
+
autoload :ApplicationPolicy, "jets/cfn/template_builders/managed_iam_policy/application_policy"
|
|
3
|
+
autoload :BasePolicy, "jets/cfn/template_builders/managed_iam_policy/base_policy"
|
|
4
|
+
autoload :ClassPolicy, "jets/cfn/template_builders/managed_iam_policy/class_policy"
|
|
5
|
+
autoload :FunctionPolicy, "jets/cfn/template_builders/managed_iam_policy/function_policy"
|
|
6
|
+
end
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# Implements:
|
|
2
|
+
# initialize
|
|
3
|
+
#
|
|
4
|
+
module Jets::Cfn::TemplateBuilders::ManagedIamPolicy
|
|
5
|
+
class ApplicationPolicy < BasePolicy
|
|
6
|
+
def initialize
|
|
7
|
+
@definitions = Jets.config.managed_iam_policy # config.managed_iam_policy contains definitions
|
|
8
|
+
@definitions = [@definitions].flatten if @definitions
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
# Classes that inherit this Base class should implement:
|
|
2
|
+
#
|
|
3
|
+
# initialize - each initializer has a different signature
|
|
4
|
+
#
|
|
5
|
+
module Jets::Cfn::TemplateBuilders::ManagedIamPolicy
|
|
6
|
+
class BasePolicy
|
|
7
|
+
extend Memoist
|
|
8
|
+
attr_reader :definitions
|
|
9
|
+
|
|
10
|
+
def arns
|
|
11
|
+
definitions.map { |definition| standardize(definition) }
|
|
12
|
+
end
|
|
13
|
+
memoize :arns # only process arns once
|
|
14
|
+
|
|
15
|
+
# AmazonEC2ReadOnlyAccess => arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess
|
|
16
|
+
def standardize(definition)
|
|
17
|
+
return definition if definition.include?('iam::aws:policy')
|
|
18
|
+
|
|
19
|
+
"arn:aws:iam::aws:policy/#{definition}"
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
#
|
|
3
3
|
# initialize
|
|
4
4
|
# iam_policy
|
|
5
|
+
# managed_iam_policy
|
|
5
6
|
# logical_id
|
|
6
7
|
# role_name
|
|
7
8
|
#
|
|
@@ -9,11 +10,19 @@ module Jets::Cfn::TemplateMappers::IamPolicy
|
|
|
9
10
|
class ApplicationPolicyMapper < BasePolicyMapper
|
|
10
11
|
def initialize; end # does nothing
|
|
11
12
|
|
|
13
|
+
# Assume we always have at least some baseline iam policy permissions.
|
|
12
14
|
def iam_policy
|
|
13
15
|
Jets::Cfn::TemplateBuilders::IamPolicy::ApplicationPolicy.new
|
|
14
16
|
end
|
|
15
17
|
memoize :iam_policy
|
|
16
18
|
|
|
19
|
+
def managed_iam_policy
|
|
20
|
+
return unless Jets.config.managed_iam_policy
|
|
21
|
+
|
|
22
|
+
Jets::Cfn::TemplateBuilders::ManagedIamPolicy::ApplicationPolicy.new
|
|
23
|
+
end
|
|
24
|
+
memoize :managed_iam_policy
|
|
25
|
+
|
|
17
26
|
# Example: PostsControllerLambdaFunction
|
|
18
27
|
# Note there are is no "Show" action in the name
|
|
19
28
|
def logical_id
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
#
|
|
3
3
|
# initialize
|
|
4
4
|
# iam_policy
|
|
5
|
+
# managed_iam_policy
|
|
5
6
|
# logical_id
|
|
6
7
|
# role_name
|
|
7
8
|
#
|
|
@@ -20,10 +21,14 @@ module Jets::Cfn::TemplateMappers::IamPolicy
|
|
|
20
21
|
]},
|
|
21
22
|
Path: "/"
|
|
22
23
|
}
|
|
24
|
+
|
|
23
25
|
properties[:Policies] = [
|
|
24
26
|
PolicyName: iam_policy.policy_name,
|
|
25
27
|
PolicyDocument: iam_policy.policy_document,
|
|
26
|
-
]
|
|
28
|
+
] if iam_policy
|
|
29
|
+
|
|
30
|
+
properties[:ManagedPolicyArns] = managed_iam_policy.arns if managed_iam_policy
|
|
31
|
+
|
|
27
32
|
properties[:RoleName] = role_name
|
|
28
33
|
properties.deep_stringify_keys!
|
|
29
34
|
properties
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
#
|
|
3
3
|
# initialize
|
|
4
4
|
# iam_policy
|
|
5
|
+
# managed_iam_policy
|
|
5
6
|
# logical_id
|
|
6
7
|
# role_name
|
|
7
8
|
#
|
|
@@ -13,10 +14,19 @@ module Jets::Cfn::TemplateMappers::IamPolicy
|
|
|
13
14
|
end
|
|
14
15
|
|
|
15
16
|
def iam_policy
|
|
17
|
+
return unless @app_class.class_iam_policy
|
|
18
|
+
|
|
16
19
|
Jets::Cfn::TemplateBuilders::IamPolicy::ClassPolicy.new(@app_class)
|
|
17
20
|
end
|
|
18
21
|
memoize :iam_policy
|
|
19
22
|
|
|
23
|
+
def managed_iam_policy
|
|
24
|
+
return unless @app_class.class_managed_iam_policy
|
|
25
|
+
|
|
26
|
+
Jets::Cfn::TemplateBuilders::ManagedIamPolicy::ClassPolicy.new(@app_class)
|
|
27
|
+
end
|
|
28
|
+
memoize :managed_iam_policy
|
|
29
|
+
|
|
20
30
|
# Example: PostsControllerLambdaFunction
|
|
21
31
|
# Note there are is no "Show" action in the name
|
|
22
32
|
# There should be no namespace in the logical_id.
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
#
|
|
3
3
|
# initialize
|
|
4
4
|
# iam_policy
|
|
5
|
+
# managed_iam_policy
|
|
5
6
|
# logical_id
|
|
6
7
|
# role_name
|
|
7
8
|
#
|
|
@@ -14,10 +15,19 @@ module Jets::Cfn::TemplateMappers::IamPolicy
|
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def iam_policy
|
|
18
|
+
return unless @task.iam_policy
|
|
19
|
+
|
|
17
20
|
Jets::Cfn::TemplateBuilders::IamPolicy::FunctionPolicy.new(@task)
|
|
18
21
|
end
|
|
19
22
|
memoize :iam_policy
|
|
20
23
|
|
|
24
|
+
def managed_iam_policy
|
|
25
|
+
return unless @task.managed_iam_policy
|
|
26
|
+
|
|
27
|
+
Jets::Cfn::TemplateBuilders::ManagedIamPolicy::FunctionPolicy.new(@task)
|
|
28
|
+
end
|
|
29
|
+
memoize :managed_iam_policy
|
|
30
|
+
|
|
21
31
|
# Example: PostsControllerShowLambdaFunction
|
|
22
32
|
# There should be no namespace in the logical_id.
|
|
23
33
|
def logical_id
|
data/lib/jets/lambda/dsl.rb
CHANGED
|
@@ -80,7 +80,16 @@ module Jets::Lambda::Dsl
|
|
|
80
80
|
end
|
|
81
81
|
alias_method :props, :properties
|
|
82
82
|
|
|
83
|
-
# definitions: one more
|
|
83
|
+
# definitions: one or more definitions
|
|
84
|
+
def iam_policy(*definitions)
|
|
85
|
+
if definitions.empty?
|
|
86
|
+
@iam_policy
|
|
87
|
+
else
|
|
88
|
+
@iam_policy = definitions.flatten
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
# definitions: one or more definitions
|
|
84
93
|
def class_iam_policy(*definitions)
|
|
85
94
|
if definitions.empty?
|
|
86
95
|
@class_iam_policy
|
|
@@ -89,15 +98,28 @@ module Jets::Lambda::Dsl
|
|
|
89
98
|
end
|
|
90
99
|
end
|
|
91
100
|
|
|
92
|
-
# definitions: one more
|
|
93
|
-
def
|
|
101
|
+
# definitions: one or more definitions
|
|
102
|
+
def managed_iam_policy(*definitions)
|
|
94
103
|
if definitions.empty?
|
|
95
|
-
@
|
|
104
|
+
@managed_iam_policy
|
|
96
105
|
else
|
|
97
|
-
@
|
|
106
|
+
@managed_iam_policy = definitions.flatten
|
|
98
107
|
end
|
|
99
108
|
end
|
|
100
109
|
|
|
110
|
+
# definitions: one or more definitions
|
|
111
|
+
def class_managed_iam_policy(*definitions)
|
|
112
|
+
if definitions.empty?
|
|
113
|
+
@class_managed_iam_policy
|
|
114
|
+
else
|
|
115
|
+
@class_managed_iam_policy = definitions.flatten
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
def build_class_iam?
|
|
120
|
+
!!(class_iam_policy || class_managed_iam_policy)
|
|
121
|
+
end
|
|
122
|
+
|
|
101
123
|
# meth is a Symbol
|
|
102
124
|
def method_added(meth)
|
|
103
125
|
return if %w[initialize method_missing].include?(meth.to_s)
|
|
@@ -111,7 +133,10 @@ module Jets::Lambda::Dsl
|
|
|
111
133
|
# We adjust the class name when we build the functions later in
|
|
112
134
|
# FunctionContstructor#adjust_tasks.
|
|
113
135
|
all_tasks[meth] = Jets::Lambda::Task.new(self.name, meth,
|
|
114
|
-
properties: @properties,
|
|
136
|
+
properties: @properties,
|
|
137
|
+
iam_policy: @iam_policy,
|
|
138
|
+
managed_iam_policy: @managed_iam_policy,
|
|
139
|
+
lang: lang)
|
|
115
140
|
|
|
116
141
|
# Done storing options, clear out for the next added method.
|
|
117
142
|
clear_properties
|
|
@@ -129,6 +154,7 @@ module Jets::Lambda::Dsl
|
|
|
129
154
|
def clear_properties
|
|
130
155
|
@properties = nil
|
|
131
156
|
@iam_policy = nil
|
|
157
|
+
@managed_iam_policy = nil
|
|
132
158
|
end
|
|
133
159
|
|
|
134
160
|
# Returns the all tasks for this class with their method names as keys.
|
data/lib/jets/lambda/task.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class Jets::Lambda::Task
|
|
2
2
|
attr_accessor :class_name, :type
|
|
3
|
-
attr_reader :meth, :properties, :iam_policy, :lang
|
|
3
|
+
attr_reader :meth, :properties, :iam_policy, :managed_iam_policy, :lang
|
|
4
4
|
def initialize(class_name, meth, options={})
|
|
5
5
|
@class_name = class_name.to_s # use at EventsRuleMapper#full_task_name
|
|
6
6
|
@meth = meth
|
|
@@ -8,9 +8,14 @@ class Jets::Lambda::Task
|
|
|
8
8
|
@type = options[:type] || get_type # controller, job, or function
|
|
9
9
|
@properties = options[:properties] || {}
|
|
10
10
|
@iam_policy = options[:iam_policy]
|
|
11
|
+
@managed_iam_policy = options[:managed_iam_policy]
|
|
11
12
|
@lang = options[:lang] || :ruby
|
|
12
13
|
end
|
|
13
14
|
|
|
15
|
+
def build_function_iam?
|
|
16
|
+
!!(@iam_policy || @managed_iam_policy)
|
|
17
|
+
end
|
|
18
|
+
|
|
14
19
|
def name
|
|
15
20
|
@meth
|
|
16
21
|
end
|
data/lib/jets/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jets
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-08-
|
|
11
|
+
date: 2018-08-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|
|
@@ -446,6 +446,11 @@ files:
|
|
|
446
446
|
- lib/jets/cfn/template_builders/iam_policy/function_policy.rb
|
|
447
447
|
- lib/jets/cfn/template_builders/interface.rb
|
|
448
448
|
- lib/jets/cfn/template_builders/job_builder.rb
|
|
449
|
+
- lib/jets/cfn/template_builders/managed_iam_policy.rb
|
|
450
|
+
- lib/jets/cfn/template_builders/managed_iam_policy/application_policy.rb
|
|
451
|
+
- lib/jets/cfn/template_builders/managed_iam_policy/base_policy.rb
|
|
452
|
+
- lib/jets/cfn/template_builders/managed_iam_policy/class_policy.rb
|
|
453
|
+
- lib/jets/cfn/template_builders/managed_iam_policy/function_policy.rb
|
|
449
454
|
- lib/jets/cfn/template_builders/parent_builder.rb
|
|
450
455
|
- lib/jets/cfn/template_builders/rule_builder.rb
|
|
451
456
|
- lib/jets/cfn/template_builders/templates/minimal-stack.yml
|