kakine 0.2.0 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (16) hide show
  1. checksums.yaml +4 -4
  2. data/lib/kakine.rb +3 -3
  3. data/lib/kakine/adapter.rb +20 -0
  4. data/lib/kakine/adapter/mock.rb +5 -7
  5. data/lib/kakine/adapter/real.rb +27 -8
  6. data/lib/kakine/cli.rb +14 -54
  7. data/lib/kakine/operation.rb +38 -0
  8. data/lib/kakine/resource.rb +32 -23
  9. data/lib/kakine/security_group.rb +51 -47
  10. data/lib/kakine/security_rule.rb +58 -0
  11. data/lib/kakine/validate.rb +42 -0
  12. data/lib/kakine/version.rb +1 -1
  13. metadata +5 -5
  14. data/lib/kakine/cli/operation.rb +0 -44
  15. data/lib/kakine/diff_parser.rb +0 -88
  16. data/lib/kakine/hash_sort.rb +0 -13
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d3f0de2336304ed3476ccfc1b63e2bdc01a9c1cd
4
- data.tar.gz: c1b97adbc29b5a659b1fb38b79f04dcb596a1f53
3
+ metadata.gz: 70641f4e229c0b370d35779df007a7df6da8652f
4
+ data.tar.gz: 2dde1b80581774ea0c74f8848e4f703e25faf22f
5
5
  SHA512:
6
- metadata.gz: c402eeb05b5d24368f1b66694965fa8fac9116a8354c11a69a33c5bc64695f9d107ed63072f523a1da22d9520bf86eed35bedff78e1811da249ae91b5ccd1c11
7
- data.tar.gz: a2c41d220786673210a397f27d049f7d52c6ec5ae5aa623361eb08fd62d8634d7d70350d3a303f931ff2799657d9c1295dc28df9432d065ec9ed61ed9ae2fbde
6
+ metadata.gz: 4cead3fba0343c55d0af964843358cdcaaee3e6b0249a5e18195b8fc84cc266cab4930faa0c6cac8012ed111c32a36ac567fa3bc00a32f8fced787a74d6d92d1
7
+ data.tar.gz: 08660d1645a78545d7bf22aff0f0dd074de1d0b358045428a559a1b604350e2f165812eb8351c17d9a63742c0e33bd009e87fc251a8d0f217e3c47c7e32fc85a
data/lib/kakine.rb CHANGED
@@ -1,11 +1,11 @@
1
1
  require "kakine/version"
2
2
  require 'kakine/cli'
3
- require 'kakine/cli/operation'
3
+ require 'kakine/operation'
4
4
  require 'kakine/adapter'
5
5
  require 'kakine/resource'
6
- require 'kakine/hash_sort'
7
6
  require 'kakine/security_group'
8
- require 'kakine/diff_parser'
7
+ require 'kakine/security_rule'
8
+ require 'kakine/validate'
9
9
 
10
10
  module Kakine
11
11
  end
data/lib/kakine/adapter.rb CHANGED
@@ -1,2 +1,22 @@
1
1
  require 'kakine/adapter/real'
2
2
  require 'kakine/adapter/mock'
3
+
4
+ module Kakine
5
+ class Adapter
6
+ def self.set_option(dryrun)
7
+ @@dryrun = dryrun
8
+ end
9
+
10
+ def self.get_instance
11
+ @@adapter ||= if @@dryrun
12
+ Kakine::Adapter::Mock.new
13
+ else
14
+ Kakine::Adapter::Real.new
15
+ end
16
+ end
17
+
18
+ private
19
+ def initialize
20
+ end
21
+ end
22
+ end
data/lib/kakine/adapter/mock.rb CHANGED
@@ -1,18 +1,16 @@
1
1
  module Kakine
2
2
  class Adapter
3
3
  class Mock
4
- def create_rule(security_group_id, direction, attributes)
5
- attributes.delete("direction")
6
- if attributes["port"]
7
- attributes["port_range_max"] = attributes["port_range_min"] = attributes.delete("port")
4
+ def create_rule(security_group_id, direction, security_rule)
5
+ attributes = {}
6
+ %w(protocol port_range_max port_range_min remote_ip ethertype).each do |k|
7
+ attributes[k] = eval("security_rule.#{k}")
8
8
  end
9
9
  if attributes["remote_ip"]
10
10
  attributes["remote_ip_prefix"] = attributes.delete("remote_ip")
11
11
  end
12
12
 
13
- data = {}
14
- attributes.each{|k,v| data[k.to_sym] = v}
15
- puts "Create Rule: #{security_group_id} - #{direction}: #{attributes}"
13
+ puts "Create Rule: #{security_group_id} - #{security_rule.direction}: #{attributes}"
16
14
  end
17
15
 
18
16
  def delete_rule(security_group_rule_id)
data/lib/kakine/adapter/real.rb CHANGED
@@ -1,10 +1,11 @@
1
+ require 'json'
1
2
  module Kakine
2
3
  class Adapter
3
4
  class Real
4
- def create_rule(security_group_id, direction, attributes)
5
- attributes.delete("direction")
6
- if attributes["port"]
7
- attributes["port_range_max"] = attributes["port_range_min"] = attributes.delete("port")
5
+ def create_rule(security_group_id, direction, security_rule)
6
+ attributes = {}
7
+ %w(protocol port_range_max port_range_min remote_ip ethertype).each do |k|
8
+ attributes[k] = eval("security_rule.#{k}")
8
9
  end
9
10
  if attributes["remote_ip"]
10
11
  attributes["remote_ip_prefix"] = attributes.delete("remote_ip")
@@ -12,7 +13,13 @@ module Kakine
12
13
 
13
14
  data = {}
14
15
  attributes.each{|k,v| data[k.to_sym] = v}
15
- Fog::Network[:openstack].create_security_group_rule(security_group_id, direction, data)
16
+ begin
17
+ Fog::Network[:openstack].create_security_group_rule(security_group_id, direction, data)
18
+ rescue Excon::Errors::Conflict => e
19
+ JSON.parse(e.response[:body]).each { |e,m| puts "#{e}:#{m["message"]}" }
20
+ rescue Excon::Errors::BadRequest => e
21
+ JSON.parse(e.response[:body]).each { |e,m| puts "#{e}:#{m["message"]}" }
22
+ end
16
23
  end
17
24
 
18
25
  def delete_rule(security_group_rule_id)
@@ -22,12 +29,24 @@ module Kakine
22
29
  def create_security_group(attributes)
23
30
  data = {}
24
31
  attributes.each{|k,v| data[k.to_sym] = v}
25
- response = Fog::Network[:openstack].create_security_group(data)
26
- response.data[:body]["security_group"]["id"]
32
+ begin
33
+ response = Fog::Network[:openstack].create_security_group(data)
34
+ response.data[:body]["security_group"]["id"]
35
+ rescue Excon::Errors::Conflict => e
36
+ JSON.parse(e.response[:body]).each { |e,m| puts "#{e}:#{m["message"]}" }
37
+ rescue Excon::Errors::BadRequest => e
38
+ JSON.parse(e.response[:body]).each { |e,m| puts "#{e}:#{m["message"]}" }
39
+ end
27
40
  end
28
41
 
29
42
  def delete_security_group(security_group_id)
30
- Fog::Network[:openstack].delete_security_group(security_group_id)
43
+ begin
44
+ Fog::Network[:openstack].delete_security_group(security_group_id)
45
+ rescue Excon::Errors::Conflict => e
46
+ JSON.parse(e.response[:body]).each { |e,m| puts "#{e}:#{m["message"]}" }
47
+ rescue Excon::Errors::BadRequest => e
48
+ JSON.parse(e.response[:body]).each { |e,m| puts "#{e}:#{m["message"]}" }
49
+ end
31
50
  end
32
51
  end
33
52
  end
data/lib/kakine/cli.rb CHANGED
@@ -2,7 +2,6 @@ require 'thor'
2
2
  require 'fog'
3
3
  require 'yaml'
4
4
  require 'hashdiff'
5
-
6
5
  module Kakine
7
6
  class CLI < Thor
8
7
 
@@ -17,62 +16,23 @@ module Kakine
17
16
  option :filename, type: :string, aliases: "-f"
18
17
  desc 'apply', "apply local configuration into OpenStack"
19
18
  def apply
20
- adapter = if options[:dryrun]
21
- Kakine::Adapter::Mock.new
22
- else
23
- Kakine::Adapter::Real.new
24
- end
25
-
26
- operation = Kakine::CLI::Operation.new
27
- operation.set_adapter(adapter)
28
-
29
19
  filename = options[:filename] ? options[:filename] : "#{options[:tenant]}.yaml"
30
-
31
- security_groups = []
32
- delay_create = []
33
-
34
- diffs = HashDiff.diff(
35
- Kakine::Resource.security_groups_hash(options[:tenant]),
36
- Kakine::Resource.yaml(filename)
37
- )
38
-
39
- diffs.each do |diff|
40
- security_groups << Kakine::SecurityGroup.new(options[:tenant], diff)
41
- end
42
-
43
- security_groups.each do |sg|
44
- if sg.update_rule? # foo[2]
45
- case
46
- when sg.add?
47
- operation.create_security_rule(sg)
48
- when sg.delete?
49
- operation.delete_security_rule(sg)
50
- when sg.update_attr?
51
- pre_sg = sg.get_prev_instance
52
- operation.delete_security_rule(pre_sg)
53
- delay_create << sg # avoid duplication entry
54
- else
55
- raise
56
- end
57
- else # foo
58
- case
59
- when sg.add?
60
- security_group_id = operation.create_security_group(sg)
61
- operation.create_security_rule(sg, security_group_id)
62
- when sg.delete?
63
- operation.delete_security_group(sg)
64
- when sg.update_attr?
65
- operation.delete_security_group(sg)
66
- security_group_id = operation.create_security_group(sg)
67
- operation.create_security_rule(sg, security_group_id)
68
- else
69
- raise
70
- end
20
+ Kakine::Adapter.set_option(options[:dryrun])
21
+
22
+ current_security_groups = Kakine::Resource.get_current(options[:tenant])
23
+ new_security_groups = Kakine::Resource.load_security_group_by_yaml(filename, options[:tenant])
24
+
25
+ return unless new_security_groups
26
+ new_security_groups.each do |new_sg|
27
+ registered_sg = current_security_groups.find { |cur_sg| cur_sg.name == new_sg.name }
28
+ if registered_sg
29
+ new_sg.convergence!(registered_sg) if new_sg != registered_sg
30
+ else
31
+ new_sg.register!
71
32
  end
72
33
  end
73
- # update rule attributes delay create
74
- delay_create.each do |sg|
75
- operation.create_security_rule(sg)
34
+ current_security_groups.each do |current_sg|
35
+ current_sg.unregister! if new_security_groups.none? { |new_sg| current_sg.name == new_sg.name }
76
36
  end
77
37
  end
78
38
  end
data/lib/kakine/operation.rb ADDED
@@ -0,0 +1,38 @@
1
+ module Kakine
2
+ class Operation
3
+ class << self
4
+ def adapter
5
+ @@adapter ||= Kakine::Adapter.get_instance
6
+ end
7
+
8
+ def create_security_group(sg)
9
+ attributes = {name: sg.name, description: sg.description, tenant_id: sg.tenant_id}
10
+ security_group_id = adapter.create_security_group(attributes)
11
+
12
+ #delete default rule
13
+ sg.get_default_rule_instance.rules.each { |rule| rule.unregister! } unless adapter.instance_of?(Kakine::Adapter::Mock)
14
+ security_group_id
15
+ end
16
+
17
+ def delete_security_group(sg)
18
+ security_group = Kakine::Resource.security_group(sg.tenant_name, sg.name)
19
+ adapter.delete_security_group(security_group.id)
20
+ end
21
+
22
+ def create_security_rule(tenant_name, sg_name, rule)
23
+ security_group_id = if adapter.instance_of?(Kakine::Adapter::Mock)
24
+ "[Mock] #{sg_name} ID"
25
+ else
26
+ Kakine::Resource.security_group(tenant_name, sg_name).id
27
+ end
28
+ adapter.create_rule(security_group_id, rule.direction, rule)
29
+ end
30
+
31
+ def delete_security_rule(tenant_name, sg_name, rule)
32
+ security_group = Kakine::Resource.security_group(tenant_name, sg_name)
33
+ security_group_rule = Kakine::Resource.security_group_rule(security_group, rule)
34
+ adapter.delete_rule(security_group_rule.id)
35
+ end
36
+ end
37
+ end
38
+ end
data/lib/kakine/resource.rb CHANGED
@@ -1,9 +1,20 @@
1
- require 'kakine/hash_sort'
2
1
  module Kakine
3
2
  class Resource
4
3
  class << self
4
+ def load_security_group_by_yaml(filename, tenant_name)
5
+ load_yaml = yaml(filename)
6
+ return false unless Kakine::Validate.validate_file_input(load_yaml)
7
+ load_yaml.map { |sg| Kakine::SecurityGroup.new(tenant_name, sg) }
8
+ end
9
+
10
+ def get_current(tenant_name)
11
+ Kakine::Resource.security_groups_hash(tenant_name).map do |sg|
12
+ Kakine::SecurityGroup.new(tenant_name, sg)
13
+ end
14
+ end
15
+
5
16
  def yaml(filename)
6
- YAML.load_file(filename).to_hash.sg_rules_sort
17
+ YAML.load_file(filename).to_hash
7
18
  end
8
19
 
9
20
  def tenant(tenant_name)
@@ -16,22 +27,20 @@ module Kakine
16
27
 
17
28
  def security_group_rule(security_group, attributes)
18
29
  security_group.security_group_rules.detect do |sg|
19
- if attributes["port"]
20
- attributes["port_range_max"] = attributes["port_range_min"] = attributes["port"]
21
- end
22
30
 
23
- sg.direction == attributes["direction"] &&
24
- sg.protocol == attributes["protocol"] &&
25
- sg.port_range_max == attributes["port_range_max"] &&
26
- sg.port_range_min == attributes["port_range_min"] &&
31
+ sg.direction == attributes.direction &&
32
+ sg.protocol == attributes.protocol &&
33
+ sg.port_range_max == attributes.port_range_max &&
34
+ sg.port_range_min == attributes.port_range_min &&
35
+ sg.ethertype == attributes.ethertype &&
27
36
  (
28
37
  (
29
- sg.remote_ip_prefix == attributes["remote_ip"] &&
30
- sg.ethertype == attributes["ethertype"]
38
+ attributes.remote_group_id.nil? &&
39
+ sg.remote_ip_prefix == attributes.remote_ip
31
40
  ) ||
32
41
  (
33
- sg.remote_group_id == attributes["remote_group_id"] &&
34
- !attributes["remote_group_id"].nil?
42
+ attributes.remote_ip.nil? &&
43
+ sg.remote_group_id == attributes.remote_group_id
35
44
  )
36
45
  )
37
46
  end
@@ -48,22 +57,24 @@ module Kakine
48
57
  sg_hash[sg.name]["rules"] = format_security_group(sg)
49
58
  sg_hash[sg.name]["description"] = sg.description
50
59
  end
51
- sg_hash.sg_rules_sort
60
+ sg_hash
52
61
  end
53
62
 
54
63
  def format_security_group(security_group)
55
- rules = []
56
-
57
- security_group.security_group_rules.each do |rule|
64
+ security_group.security_group_rules.map do |rule|
58
65
  rule_hash = {}
59
66
  rule_hash["direction"] = rule.direction
60
- rule_hash["protocol"] = rule.protocol
67
+ rule_hash["protocol"] = rule.protocol
68
+ rule_hash["ethertype"] = rule.ethertype
61
69
 
62
- if rule.port_range_max == rule.port_range_min
70
+ if rule.protocol == "icmp"
71
+ rule_hash["type"] = rule.port_range_min
72
+ rule_hash["code"] = rule.port_range_max
73
+ elsif rule.port_range_max == rule.port_range_min
63
74
  rule_hash["port"] = rule.port_range_max
64
75
  else
65
- rule_hash["port_range_max"] = rule.port_range_max
66
76
  rule_hash["port_range_min"] = rule.port_range_min
77
+ rule_hash["port_range_max"] = rule.port_range_max
67
78
  end
68
79
 
69
80
  if rule.remote_group_id
@@ -71,11 +82,9 @@ module Kakine
71
82
  rule_hash["remote_group"] = response.data[:body]["security_group"]["name"]
72
83
  else
73
84
  rule_hash["remote_ip"] = rule.remote_ip_prefix
74
- rule_hash["ethertype"] = rule.ethertype
75
85
  end
76
- rules << rule_hash
86
+ rule_hash
77
87
  end
78
- rules
79
88
  end
80
89
  end
81
90
  end
data/lib/kakine/security_group.rb CHANGED
@@ -1,76 +1,80 @@
1
+ require 'json'
1
2
  module Kakine
2
3
  class SecurityGroup
3
- attr_reader :target_object_name, :name, :transaction_type, :tenant_id, :tenant_name, :description, :rules, :prev_rules
4
+ attr_reader :name, :tenant_id, :tenant_name, :description, :rules
4
5
 
5
- def initialize(tenant_name, diff)
6
- unset_security_rules
7
- Kakine::DiffParser.parse_parameters(tenant_name, diff).each do|k,v|
8
- instance_variable_set(eval(":@#{k.to_s}"), v)
9
- end
10
- set_remote_security_group_id
6
+ def initialize(tenant_name, parameter)
7
+ @name = parameter[0]
8
+ @tenant_name = tenant_name
9
+ @tenant_id = Kakine::Resource.tenant(tenant_name).id
10
+ @description = parameter[1]["description"] || ""
11
+ @rules = parameter[1]["rules"].map do |rule|
12
+ SecurityRule.new(rule, @tenant_name, @name)
13
+ end unless parameter[1]["rules"].nil?
14
+ @rules ||= []
11
15
  end
12
16
 
13
17
  def initialize_copy(obj)
14
18
  @rules = Marshal.load(Marshal.dump(obj.rules))
15
- @prev_rules = Marshal.load(Marshal.dump(obj.prev_rules))
16
- unset_security_rules
17
- end
18
-
19
- def has_rules?
20
- @rules.detect {|v| !v.nil? && v.size > 0}
21
19
  end
22
20
 
23
- def add?
24
- @transaction_type == "+"
21
+ def ==(target_sg)
22
+ instance_variables.reject{ |k| k == :@rules }.each do |val|
23
+ return false unless self.instance_variable_get(val) == target_sg.instance_variable_get(val)
24
+ end
25
+ @rules.each do |rule|
26
+ return false unless target_sg.find_by_rule(rule)
27
+ end
28
+ target_sg.rules.each do |rule|
29
+ return false unless find_by_rule(rule)
30
+ end
31
+ true
25
32
  end
26
33
 
27
- def delete?
28
- @transaction_type == "-"
34
+ def !=(target_sg)
35
+ !(self == target_sg)
29
36
  end
30
37
 
31
- def update_attr?
32
- @transaction_type == "~"
38
+ def find_by_rule(target_rule)
39
+ @rules.find { |rule| rule == target_rule }
33
40
  end
34
41
 
35
- def update_rule?
36
- !@target_object_name.split(/[\[]/, 2)[1].nil?
42
+ def register!
43
+ Kakine::Operation.create_security_group(self)
44
+ @rules.each { |rule| rule.register! } if has_rules?
37
45
  end
38
46
 
39
- def get_prev_instance
40
- prev_sg = self.clone
41
- prev_sg.add_security_rules(@prev_rules)
42
- prev_sg
47
+ def unregister!
48
+ Kakine::Operation.delete_security_group(self)
43
49
  end
44
50
 
45
- def set_default_rules
46
- unset_security_rules
47
- ["IPv4", "IPv6"].each do |ip|
48
- add_security_rules({"direction"=>"egress", "protocol"=>nil, "port"=>nil, "remote_ip"=>nil, "ethertype"=>ip})
51
+ def convergence!(target_sg)
52
+ if @description != target_sg.description
53
+ target_sg.unregister!
54
+ register!
55
+ else
56
+ target_sg.rules.each do |rule|
57
+ rule.unregister! unless find_by_rule(rule)
58
+ end
59
+ @rules.each do |rule|
60
+ rule.register! unless target_sg.find_by_rule(rule)
61
+ end
49
62
  end
50
63
  end
51
64
 
52
- def add_security_rules(rule)
53
- case
54
- when rule.instance_of?(Array)
55
- @rules = rule
56
- when rule.instance_of?(Hash)
57
- @rules << rule
58
- end
65
+ def has_rules?
66
+ @rules.detect {|v| !v.nil?}
59
67
  end
60
68
 
61
- private
62
-
63
- def unset_security_rules
64
- @rules = []
69
+ def get_default_rule_instance
70
+ default_sg = self.clone
71
+ default_sg.set_default_rule
72
+ default_sg
65
73
  end
66
74
 
67
- def set_remote_security_group_id
68
- @rules.each do |rule|
69
- unless rule['remote_group'].nil?
70
- remote_security_group = Kakine::Resource.security_group(@tenant_name, rule.delete("remote_group"))
71
- rule["remote_group_id"] = remote_security_group.id
72
- end
73
- end if has_rules?
75
+ def set_default_rule
76
+ @rules = %w(IPv4 IPv6).map { |v| {"direction"=>"egress", "protocol" => nil, "port"=>nil, "remote_ip"=>nil, "ethertype"=>v } }.
77
+ map{ |rule| SecurityRule.new(rule, @tenant_name, @name) }
74
78
  end
75
79
  end
76
80
  end
data/lib/kakine/security_rule.rb ADDED
@@ -0,0 +1,58 @@
1
+ module Kakine
2
+ class SecurityRule
3
+ attr_reader :direction, :protocol, :port_range_max, :port_range_min, :remote_ip, :remote_group, :remote_group_id, :ethertype
4
+
5
+ def initialize(rule, tenant_name, sg_name)
6
+ @tenant_name = tenant_name
7
+ @sg_name = sg_name
8
+
9
+ rule.each do|k,v|
10
+ instance_variable_set(eval(":@#{k.to_s}"), v) unless k.include?("port")
11
+ end
12
+
13
+ @port_range_min, @port_range_max = *convert_port_format(rule)
14
+ set_remote_security_group_id
15
+
16
+ end
17
+
18
+ def register!
19
+ Kakine::Operation.create_security_rule(@tenant_name, @sg_name, self)
20
+ end
21
+
22
+ def unregister!
23
+ Kakine::Operation.delete_security_rule(@tenant_name, @sg_name, self)
24
+ end
25
+
26
+ def ==(target_sg)
27
+ instance_variables.each do |val|
28
+ unless self.instance_variable_get(val) == target_sg.instance_variable_get(val)
29
+ return false
30
+ end
31
+ end
32
+ true
33
+ end
34
+
35
+ private
36
+
37
+ def convert_port_format(rule)
38
+ case
39
+ when rule.has_key?('port')
40
+ [rule['port'] ,rule['port']]
41
+ when rule.has_key?('type'), rule.has_key?('code')
42
+ [rule['type'] ,rule['code']]
43
+ when rule.has_key?('port_range_max'), rule.has_key?('port_range_min')
44
+ [rule['port_range_min'] ,rule['port_range_max']]
45
+ else
46
+ raise "no match port format"
47
+ end
48
+ end
49
+
50
+ def set_remote_security_group_id
51
+ unless @remote_group.nil?
52
+ remote_security_group = Kakine::Resource.security_group(@tenant_name, @remote_group)
53
+ raise "not exists #{@remote_group}" unless remote_security_group
54
+ @remote_group_id = remote_security_group.id
55
+ end
56
+ end
57
+ end
58
+ end
data/lib/kakine/validate.rb ADDED
@@ -0,0 +1,42 @@
1
+ module Kakine
2
+ class Validate
3
+ class << self
4
+ def validate_file_input(load_sg)
5
+ err = []
6
+ load_sg.each do |sg|
7
+ err << validate_attributes(sg)
8
+ err << validate_rules(sg)
9
+ end
10
+ return true unless err.detect {|e| !e.nil? }
11
+ err.map { |m| puts m unless m.nil? }
12
+ false
13
+ end
14
+
15
+ def validate_attributes(sg)
16
+ case
17
+ when sg[1].nil?
18
+ "[error] #{sg[0]}:rules and description is required"
19
+ when !sg[1].key?("rules")
20
+ "[error] #{sg[0]}:rules is required"
21
+ when !sg[1].key?("description")
22
+ "[error] #{sg[0]}:description is required"
23
+ end
24
+ end
25
+
26
+ def validate_rules(sg)
27
+ sg[1]["rules"].each do |rule|
28
+ if !rule.key?("port") &&
29
+ (!rule.key?("port_range_max") || !rule.key?("port_range_min")) &&
30
+ (!rule.key?("type") || !rule.key?("code"))
31
+ return "[error] #{sg[0]}:rules port(icmp code) is required"
32
+ elsif !rule.key?("remote_ip") && !rule.key?("remote_group")
33
+ return "[error] #{sg[0]}:rules remote_ip or remote_group required"
34
+ elsif col = %w(direction protocol ethertype).find { |k| !rule.key?(k) }
35
+ return "[error] #{sg[0]}:rules #{col} is required"
36
+ end
37
+ end unless sg[1]["rules"].nil?
38
+ nil
39
+ end
40
+ end
41
+ end
42
+ end
data/lib/kakine/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Kakine
2
- VERSION = "0.2.0"
2
+ VERSION = "0.3.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: kakine
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - SHIBATA Hiroshi
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2015-05-20 00:00:00.000000000 Z
11
+ date: 2015-05-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: fog
@@ -131,11 +131,11 @@ files:
131
131
  - lib/kakine/adapter/mock.rb
132
132
  - lib/kakine/adapter/real.rb
133
133
  - lib/kakine/cli.rb
134
- - lib/kakine/cli/operation.rb
135
- - lib/kakine/diff_parser.rb
136
- - lib/kakine/hash_sort.rb
134
+ - lib/kakine/operation.rb
137
135
  - lib/kakine/resource.rb
138
136
  - lib/kakine/security_group.rb
137
+ - lib/kakine/security_rule.rb
138
+ - lib/kakine/validate.rb
139
139
  - lib/kakine/version.rb
140
140
  homepage: https://github.com/hsbt/kakine
141
141
  licenses:
data/lib/kakine/cli/operation.rb DELETED
@@ -1,44 +0,0 @@
1
- module Kakine
2
- class CLI < Thor
3
- class Operation
4
- def set_adapter(adapter)
5
- @adapter = adapter
6
- end
7
-
8
- def create_security_group(sg)
9
- attributes = {name: sg.name, description: sg.description, tenant_id: sg.tenant_id}
10
- security_group_id = @adapter.create_security_group(attributes)
11
-
12
- #delete default rule
13
- delete_sg = sg.clone
14
- delete_sg.set_default_rules
15
-
16
- delete_security_rule(delete_sg) unless @adapter.instance_of?(Kakine::Adapter::Mock)
17
- security_group_id
18
- end
19
-
20
- def delete_security_group(sg)
21
- security_group = Kakine::Resource.security_group(sg.tenant_name, sg.name)
22
- @adapter.delete_security_group(security_group.id)
23
- end
24
-
25
- def create_security_rule(sg, security_group_id=nil)
26
- if security_group_id.nil?
27
- security_group = Kakine::Resource.security_group(sg.tenant_name, sg.name)
28
- security_group_id = security_group.id
29
- end
30
- sg.rules.each do |rule|
31
- @adapter.create_rule(security_group_id, rule["direction"], rule)
32
- end if sg.has_rules?
33
- end
34
-
35
- def delete_security_rule(sg)
36
- security_group = Kakine::Resource.security_group(sg.tenant_name, sg.name)
37
- sg.rules.each do |rule|
38
- security_group_rule = Kakine::Resource.security_group_rule(security_group, rule)
39
- @adapter.delete_rule(security_group_rule.id)
40
- end if sg.has_rules?
41
- end
42
- end
43
- end
44
- end
data/lib/kakine/diff_parser.rb DELETED
@@ -1,88 +0,0 @@
1
- module Kakine
2
- class DiffParser
3
- @diff = ""
4
- class << self
5
- def parse_parameters(tenant_name, diff)
6
- @diff = diff
7
-
8
- registered_sg = Kakine::Resource.security_groups_hash(tenant_name)
9
- if ["+", "-"].include?(parse_transaction_type)
10
- if unit_is_security_group?
11
- rules = parse_security_group["rules"]
12
- description = parse_security_group["description"]
13
- elsif unit_is_security_rule?
14
- rules = [parse_security_group_rule]
15
- description = registered_sg[parse_security_group_name]["description"]
16
- elsif unit_is_description?
17
- raise "description is not exists"
18
- end
19
- else
20
- regex_update_description = /^[\w-]+\.description$/
21
- regex_update_rules = /^[\w-]+\.rules$/
22
- regex_update_attr = /^[\w-]+.[\w]+\[(\d)\].([\w]+)$/
23
-
24
- if parse_target_object_name.match(regex_update_description)
25
- rules = registered_sg[parse_security_group_name]["rules"]
26
- description = parse_after_description
27
- elsif parse_target_object_name.match(regex_update_rules)
28
- rules = parse_after_rules
29
- description = registered_sg[parse_security_group_name]["description"]
30
- elsif m = parse_target_object_name.match(regex_update_attr)
31
- rules = [registered_sg[parse_security_group_name]["rules"][m[1].to_i]]
32
- prev_rules = Marshal.load(Marshal.dump(rules)) # backup before value
33
- rules[0][m[2]] = parse_after_attr
34
- description = registered_sg[parse_security_group_name]["description"]
35
- end
36
- end
37
- rules ||= []
38
-
39
- {
40
- target_object_name: parse_target_object_name,
41
- name: parse_security_group_name,
42
- transaction_type: parse_transaction_type,
43
- tenant_id: Kakine::Resource.tenant(tenant_name).id,
44
- tenant_name: tenant_name,
45
- description: description,
46
- rules: rules,
47
- prev_rules: prev_rules
48
- }
49
- end
50
-
51
- def parse_security_group_name
52
- parse_target_object_name.split(/[\.\[]/, 2)[0]
53
- end
54
-
55
-
56
- def parse_transaction_type
57
- @diff[0]
58
- end
59
-
60
- def parse_target_object_name
61
- @diff[1]
62
- end
63
-
64
- def parse_security_group
65
- @diff[2]
66
- end
67
- alias :parse_security_group_rule :parse_security_group
68
-
69
- def parse_after_attr
70
- @diff[3]
71
- end
72
- alias :parse_after_description :parse_after_attr
73
- alias :parse_after_rules :parse_after_attr
74
-
75
- def unit_is_security_group?
76
- parse_security_group && parse_security_group["rules"]
77
- end
78
-
79
- def unit_is_security_rule?
80
- !(parse_security_group_rule.nil? || unit_is_description?)
81
- end
82
-
83
- def unit_is_description?
84
- parse_target_object_name.index('description')
85
- end
86
- end
87
- end
88
- end
data/lib/kakine/hash_sort.rb DELETED
@@ -1,13 +0,0 @@
1
- class Hash
2
- def sg_rules_sort
3
- self.each do |sg|
4
- sg[1]['rules'].sort_by! do |rule|
5
- rule.inject(0) do |ascii,(k,v)|
6
- ascii += v.ord.to_i unless v.nil?
7
- ascii
8
- end
9
- end unless sg[1].nil? || sg[1]['rules'].nil?
10
- end
11
- Hash[self]
12
- end
13
- end