RubyGems - kakine - Versions diffs - 0.1.0 - Mend

kakine 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4768538b225d648ebf64a3eb52c7a2841cb14334
+  data.tar.gz: 5361d5d1eb968a8d238910ff5995fb4ee3b53592
+SHA512:
+  metadata.gz: 5b8b3bc37780557a3c8fe2edd9209aa3f7f36e5de23bd0135f68aff7b541401609e4f77f70c04a3d0a6c803c4403c9d323be2e6d04bd2ed83ca5a620f4573cec
+  data.tar.gz: 5f8b2b5c7389bd4faea0752ff304dada6e433255d5dee7d926c7ec15df4d8281edab36b65597245e36f1157324caa7743c487354aa5ef5d13b4485de3b39bb88

data/.gitignore ADDED

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/*.yaml

data/.travis.yml ADDED

@@ -0,0 +1,5 @@
+language: ruby
+rvm:
+  - 2.0.0
+  - 2.1.6
+  - 2.2.2

data/Gemfile ADDED

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in kakine.gemspec
+gemspec

data/README.md ADDED

@@ -0,0 +1,83 @@
+# Kakine
+[![Build Status](https://secure.travis-ci.org/hsbt/kaname.png)](https://travis-ci.org/hsbt/kaname)
+Kakine(垣根) is configuration management tool of Security Group on OpenStack.
+## Installation
+Add this line to your application's Gemfile:
+```ruby
+gem 'kakine'
+```
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install kakine
+## Usage
+You can define Security Group configuration for OpenStack via YAML format. Like following syntax.
+```yaml
+app:
+  - direction: ingress
+    protocol: tcp
+    port: 443
+    remote_ip: 0.0.0.0/0
+  - direction: ingress
+    protocol: tcp
+    port: 80
+    remote_ip: 0.0.0.0/0
+rails:
+  - direction: ingress
+    protocol: tcp
+    port: 3000
+    remote_ip: 0.0.0.0/0
+```
+You need to put fog configuration to home directory.
+```sh
+% cat ~/.fog
+default:
+  openstack_auth_url: "http://your-openstack-endpoint/v2.0/tokens"
+  openstack_username: "admin"
+  openstack_tenant: "admin"
+  openstack_api_key: "admin-no-password"
+```
+run following command.
+```sh
+$ kakine show tenant_name # show Security Group of tenant_name
+$ kaname apply tenant_name --dryrun # You can see all of invoke commands(dryrun)
+$ kaname apply tenant_name # apply configuration into OpenStack
+```
+You can create or change Security Group on targeting tenant.
+If you need to initialize your Security Gruop, you can get it via following command:
+```sh
+$ kaname show tenant_name > tenant_name.yaml
+```
+## Development
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `bin/console` for an interactive prompt that will allow you to experiment.
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release` to create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+## Contributing
+1. Fork it ( https://github.com/hsbt/kakine/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile ADDED

@@ -0,0 +1,9 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+Rake::TestTask.new do |t|
+  t.libs << "test"
+  t.test_files = FileList['test/test_*.rb']
+end
+task(default: :test)

data/bin/console ADDED

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+require "bundler/setup"
+require "kakine"
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+require "irb"
+IRB.start

data/bin/setup ADDED

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+IFS=$'\n\t'
+bundle install
+# Do any other automated setup that you need to do here

data/exe/kakine ADDED

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+$: << File.expand_path("#{File.dirname __FILE__}/../lib")
+require 'rubygems'
+require 'kakine'
+Kakine::CLI.start

data/kakine.gemspec ADDED

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'kakine/version'
+Gem::Specification.new do |spec|
+  spec.name          = "kakine"
+  spec.version       = Kakine::VERSION
+  spec.authors       = ["SHIBATA Hiroshi"]
+  spec.email         = ["hsbt@ruby-lang.org"]
+  spec.summary       = %q{Security Group configuration tool for OpenStack.}
+  spec.description   = %q{Security Group configuration tool for OpenStack. You can apply simple YAML definition into Security Group on OpenStack.}
+  spec.homepage      = "https://github.com/hsbt/kakine"
+  spec.license       = "MIT"
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+  spec.add_dependency 'fog'
+  spec.add_dependency 'thor'
+  spec.add_dependency 'hashdiff'
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "minitest"
+  spec.add_development_dependency "mocha"
+end

data/lib/kakine.rb ADDED

@@ -0,0 +1,7 @@
+require "kakine/version"
+require 'kakine/cli'
+require 'kakine/adapter'
+require 'kakine/resource'
+module Kakine
+end

data/lib/kakine/adapter.rb ADDED

	@@ -0,0 +1,2 @@
1	+ require 'kakine/adapter/real'
2	+ require 'kakine/adapter/mock'

data/lib/kakine/adapter/mock.rb ADDED

@@ -0,0 +1,34 @@
+module Kakine
+  class Adapter
+    class Mock
+      def create_rule(security_group_id, direction, attributes)
+        attributes.delete("direction")
+        if attributes["port"]
+          attributes["port_range_max"] = attributes["port_range_min"] = attributes.delete("port")
+        end
+        if attributes["remote_ip"]
+          attributes["remote_ip_prefix"] = attributes.delete("remote_ip")
+        end
+        data = {}
+        attributes.each{|k,v| data[k.to_sym] = v}
+        puts "Create Rule: #{security_group_id} - #{direction}: #{attributes}"
+      end
+      def delete_rule(security_group_rule_id)
+        puts "Delete Rule: #{security_group_rule_id}"
+      end
+      def create_security_group(attributes)
+        data = {}
+        attributes.each{|k,v| data[k.to_sym] = v}
+        puts "Create Security Group: #{data}"
+        "[Mock] #{attributes[:name]} ID"
+      end
+      def delete_security_group(security_group_id)
+        puts "Delete Security Group: #{security_group_id}"
+      end
+    end
+  end
+end

data/lib/kakine/adapter/real.rb ADDED

@@ -0,0 +1,34 @@
+module Kakine
+  class Adapter
+    class Real
+      def create_rule(security_group_id, direction, attributes)
+        attributes.delete("direction")
+        if attributes["port"]
+          attributes["port_range_max"] = attributes["port_range_min"] = attributes.delete("port")
+        end
+        if attributes["remote_ip"]
+          attributes["remote_ip_prefix"] = attributes.delete("remote_ip")
+        end
+        data = {}
+        attributes.each{|k,v| data[k.to_sym] = v}
+        Fog::Network[:openstack].create_security_group_rule(security_group_id, direction, data)
+      end
+      def delete_rule(security_group_rule_id)
+        Fog::Network[:openstack].delete_security_group_rule(security_group_rule_id)
+      end
+      def create_security_group(attributes)
+        data = {}
+        attributes.each{|k,v| data[k.to_sym] = v}
+        response = Fog::Network[:openstack].create_security_group(data)
+        response.data[:body]["security_group"]["id"]
+      end
+      def delete_security_group(security_group_id)
+        Fog::Network[:openstack].delete_security_group(security_group_id)
+      end
+    end
+  end
+end

data/lib/kakine/cli.rb ADDED

@@ -0,0 +1,70 @@
+require 'thor'
+require 'fog'
+require 'yaml'
+require 'hashdiff'
+module Kakine
+  class CLI < Thor
+    option :tenant, type: :string, aliases: '-t'
+    desc 'show', 'show Security Groups specified tenant'
+    def show
+      puts Kakine::Resource.security_groups_hash(options[:tenant]).to_yaml
+    end
+    option :tenant, type: :string, aliases: "-t"
+    option :dryrun, type: :boolean, aliases: "-d"
+    option :filename, type: :string, aliases: "-f"
+    desc 'apply', "apply local configuration into OpenStack"
+    def apply
+      adapter = if options[:dryrun]
+        Kakine::Adapter::Mock.new
+      else
+        Kakine::Adapter::Real.new
+      end
+      filename = options[:filename] ? options[:filename] : "#{options[:tenant]}.yaml"
+      diffs = HashDiff.diff(Kakine::Resource.security_groups_hash(options[:tenant]), Kakine::Resource.yaml(filename))
+      diffs.each do |diff|
+        sg_name, rule_modification = *diff[1].scan(/^([\w-]+)(\[\d\])?/)[0]
+        if rule_modification # foo[2]
+          security_group = Kakine::Resource.security_group(options[:tenant], sg_name)
+          if diff[2]["remote_group"]
+            remote_security_group = Kakine::Resource.security_group(options[:tenant], diff[2].delete("remote_group"))
+            diff[2]["remote_group_id"] = remote_security_group.id
+          end
+          case diff[0]
+          when "+"
+            diff[2].merge!({"ethertype" => "IPv4", "tenant_id" => Kakine::Resource.tenant(options[:tenant]).id})
+            adapter.create_rule(security_group.id, diff[2]["direction"], diff[2])
+          when "-"
+            security_group_rule = Kakine::Resource.security_group_rule(security_group, diff[2])
+            adapter.delete_rule(security_group_rule.id)
+          else
+            raise
+          end
+        else # foo
+          case diff[0]
+          when "+"
+            attributes = {name: sg_name, description: "", tenant_id: Kakine::Resource.tenant(options[:tenant]).id}
+            security_group_id = adapter.create_security_group(attributes)
+            diff[2].each do |rule|
+              rule.merge!({"ethertype" => "IPv4", "tenant_id" => Kakine::Resource.tenant(options[:tenant]).id})
+              if rule["remote_group"]
+                remote_security_group = Kakine::Resource.security_group(options[:tenant], rule.delete("remote_group"))
+                rule["remote_group_id"] = remote_security_group.id
+              end
+              adapter.create_rule(security_group_id, rule["direction"], rule)
+            end if diff[2]
+          when "-"
+            security_group = Kakine::Resource.security_group(options[:tenant], sg_name)
+            adapter.delete_security_group(security_group.id)
+          else
+            raise
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kakine/resource.rb ADDED

@@ -0,0 +1,77 @@
+module Kakine
+  class Resource
+    class << self
+      def yaml(filename)
+        YAML.load_file(filename).to_hash
+      end
+      def tenant(tenant_name)
+        tenants = Fog::Identity[:openstack].tenants
+        tenants.detect{|t| t.name == tenant_name}
+      end
+      def security_group(tenant_name, security_group_name)
+        security_groups_on_tenant(tenant_name).detect{|sg| sg.name == security_group_name}
+      end
+      def security_group_rule(security_group, attributes)
+        security_group.security_group_rules.detect do |sg|
+          if attributes["port"]
+            attributes["port_range_max"] = attributes["port_range_min"] = attributes["port"]
+          end
+          sg.direction == attributes["direction"] &&
+          sg.protocol == attributes["protocol"] &&
+          sg.port_range_max == attributes["port_range_max"] &&
+          sg.port_range_min == attributes["port_range_min"] &&
+          sg.remote_ip_prefix == attributes["remote_ip"] &&
+          sg.remote_group_id == attributes["remote_group_id"]
+        end
+      end
+      def security_groups_on_tenant(tenant_name)
+        security_groups = Fog::Network[:openstack].security_groups
+        security_groups.select{|sg| sg.tenant_id == tenant(tenant_name).id}
+      end
+      def security_groups_hash(tenant_name)
+        sg_hash = {}
+        security_groups_on_tenant(tenant_name).each do |sg|
+          sg_hash[sg.name] = format_security_group(sg)
+        end
+        sg_hash
+      end
+      def format_security_group(security_group)
+        rules = []
+        security_group.security_group_rules.each do |rule|
+          rule_hash = {}
+          rule_hash["direction"] = rule.direction
+          rule_hash["protocol"] = rule.protocol
+          if rule.port_range_max == rule.port_range_min
+            rule_hash["port"] = rule.port_range_max
+          else
+            rule_hash["port_range_max"] = rule.port_range_max
+            rule_hash["port_range_min"] = rule.port_range_min
+          end
+          if rule.remote_group_id
+            response = Fog::Network[:openstack].get_security_group(rule.remote_group_id)
+            rule_hash["remote_group"] = response.data[:body]["security_group"]["name"]
+          else
+            rule_hash["remote_ip"] = rule.remote_ip_prefix
+          end
+          rules << rule_hash
+        end
+        rules
+      end
+    end
+  end
+end

data/lib/kakine/version.rb ADDED

@@ -0,0 +1,3 @@
+module Kakine
+  VERSION = "0.1.0"
+end

metadata ADDED

@@ -0,0 +1,161 @@
+--- !ruby/object:Gem::Specification
+name: kakine
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- SHIBATA Hiroshi
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2015-04-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: fog
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: hashdiff
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Security Group configuration tool for OpenStack. You can apply simple
+  YAML definition into Security Group on OpenStack.
+email:
+- hsbt@ruby-lang.org
+executables:
+- kakine
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- exe/kakine
+- kakine.gemspec
+- lib/kakine.rb
+- lib/kakine/adapter.rb
+- lib/kakine/adapter/mock.rb
+- lib/kakine/adapter/real.rb
+- lib/kakine/cli.rb
+- lib/kakine/resource.rb
+- lib/kakine/version.rb
+homepage: https://github.com/hsbt/kakine
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.6
+signing_key:
+specification_version: 4
+summary: Security Group configuration tool for OpenStack.
+test_files: []
+has_rdoc: