kumogata-template 0.0.23 → 0.0.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/kumogata/template.rb +1 -0
- data/lib/kumogata/template/ecr.rb +24 -0
- data/lib/kumogata/template/iam.rb +4 -4
- data/lib/kumogata/template/version.rb +1 -1
- data/template/ecr-repository.rb +21 -0
- data/test/template/ecr-repository_test.rb +55 -0
- metadata +5 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cbf61b8ef2bf5c32a549e814951df8e3b0d4cb07
|
|
4
|
+
data.tar.gz: 6a90ad4bf7b62fe24b80e2fd2eb3ae7168a69d40
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0019ed1d64bad5e176a59482d69d4cba3f29e7ce5782e934aca546a92acdb55182e1521b3065cdcdfdcf56e06a4d7d4560d4e12a1fcbd3cc82a9756bb7571bff'
|
|
7
|
+
data.tar.gz: 4612fc3e3861d342cb056bd1ada8db81817ed3a270ba6827bf87273e063d88e82066c11834f2576a92c28555ff3cac38e22bf17705662f040e512482a774e7ec
|
data/Gemfile.lock
CHANGED
data/lib/kumogata/template.rb
CHANGED
|
@@ -10,6 +10,7 @@ require 'kumogata/template/const'
|
|
|
10
10
|
require 'kumogata/template/datapipeline'
|
|
11
11
|
require 'kumogata/template/dynamodb'
|
|
12
12
|
require 'kumogata/template/ec2'
|
|
13
|
+
require 'kumogata/template/ecr'
|
|
13
14
|
require 'kumogata/template/ecs'
|
|
14
15
|
require 'kumogata/template/elasticache'
|
|
15
16
|
require 'kumogata/template/elasticbeanstalk'
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
#
|
|
2
|
+
# Helper - ECR
|
|
3
|
+
#
|
|
4
|
+
require 'kumogata/template/helper'
|
|
5
|
+
|
|
6
|
+
|
|
7
|
+
def _ecr_policy(name, args)
|
|
8
|
+
action = args[name.to_sym][:action] || []
|
|
9
|
+
user = args[name.to_sym][:user] || []
|
|
10
|
+
users = []
|
|
11
|
+
user.each do |v|
|
|
12
|
+
users << _iam_arn("iam", { account_id: v[:id], type: "user", user: v[:name] })
|
|
13
|
+
end
|
|
14
|
+
principal = _{
|
|
15
|
+
AWS users
|
|
16
|
+
}
|
|
17
|
+
policy = {
|
|
18
|
+
service: "ecr",
|
|
19
|
+
action: action,
|
|
20
|
+
principal: principal,
|
|
21
|
+
no_resource: true,
|
|
22
|
+
}
|
|
23
|
+
_iam_policy_document("policy", { policy: [ policy ] })
|
|
24
|
+
end
|
|
@@ -18,7 +18,7 @@ end
|
|
|
18
18
|
|
|
19
19
|
def _iam_policies(name, args)
|
|
20
20
|
array = []
|
|
21
|
-
policies = args[
|
|
21
|
+
policies = args[name.to_sym] || []
|
|
22
22
|
policies.each_with_index do |v, i|
|
|
23
23
|
array << _{
|
|
24
24
|
PolicyDocument _iam_policy_document("document", v)
|
|
@@ -30,7 +30,7 @@ end
|
|
|
30
30
|
|
|
31
31
|
def _iam_policy_document(name, args)
|
|
32
32
|
array = []
|
|
33
|
-
documents = args[
|
|
33
|
+
documents = args[name.to_sym] || []
|
|
34
34
|
|
|
35
35
|
documents.each do |v|
|
|
36
36
|
service = v[:service] || ""
|
|
@@ -51,7 +51,7 @@ def _iam_policy_document(name, args)
|
|
|
51
51
|
array << _{
|
|
52
52
|
Effect v[:effect] || "Allow"
|
|
53
53
|
Action actions
|
|
54
|
-
Resource resource
|
|
54
|
+
Resource resource unless v.key? :no_resource
|
|
55
55
|
Principal v[:principal] if v.key? :principal
|
|
56
56
|
}
|
|
57
57
|
end
|
|
@@ -150,7 +150,7 @@ def _iam_s3_bucket_policy(region, bucket, prefix, aws_account_id)
|
|
|
150
150
|
service: "s3",
|
|
151
151
|
action: [ "PutObject" ],
|
|
152
152
|
principal: {
|
|
153
|
-
|
|
153
|
+
AWS: [ account_id ],
|
|
154
154
|
},
|
|
155
155
|
resource: resource,
|
|
156
156
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
KUMOGATA_TEMPLATE_VERSION = '0.0.
|
|
1
|
+
KUMOGATA_TEMPLATE_VERSION = '0.0.24'
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
#
|
|
2
|
+
# ECR Repository resource
|
|
3
|
+
# http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html
|
|
4
|
+
#
|
|
5
|
+
require 'kumogata/template/helper'
|
|
6
|
+
require 'kumogata/template/ecr'
|
|
7
|
+
|
|
8
|
+
name = _resource_name(args[:name], "ecr repository")
|
|
9
|
+
repo_name = _ref_name("name", args)
|
|
10
|
+
policy = _ecr_policy("policy", args)
|
|
11
|
+
|
|
12
|
+
_(name) do
|
|
13
|
+
Type "AWS::ECR::Repository"
|
|
14
|
+
Properties do
|
|
15
|
+
RepositoryName repo_name
|
|
16
|
+
RepositoryPolicyText do
|
|
17
|
+
Version "2012-10-17"
|
|
18
|
+
Statement policy
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
require 'abstract_unit'
|
|
2
|
+
|
|
3
|
+
class EcrRepositoryTest < Minitest::Test
|
|
4
|
+
def test_normal
|
|
5
|
+
template = <<-EOS
|
|
6
|
+
action = %w(
|
|
7
|
+
GetDownloadUrlForLayer
|
|
8
|
+
BatchGetImage
|
|
9
|
+
BatchCheckLayerAvailability
|
|
10
|
+
PutImage
|
|
11
|
+
InitiateLayerUpload
|
|
12
|
+
UploadLayerPart
|
|
13
|
+
CompleteLayerUpload
|
|
14
|
+
)
|
|
15
|
+
user = [
|
|
16
|
+
{ id: 1, name: "test" }
|
|
17
|
+
]
|
|
18
|
+
_ecr_repository "test", { policy: { action: action, user: user } }
|
|
19
|
+
EOS
|
|
20
|
+
act_template = run_client_as_json(template)
|
|
21
|
+
exp_template = <<-EOS
|
|
22
|
+
{
|
|
23
|
+
"TestEcrRepository": {
|
|
24
|
+
"Type": "AWS::ECR::Repository",
|
|
25
|
+
"Properties": {
|
|
26
|
+
"RepositoryName": "test",
|
|
27
|
+
"RepositoryPolicyText": {
|
|
28
|
+
"Version": "2012-10-17",
|
|
29
|
+
"Statement": [
|
|
30
|
+
{
|
|
31
|
+
"Effect": "Allow",
|
|
32
|
+
"Action": [
|
|
33
|
+
"ecr:GetDownloadUrlForLayer",
|
|
34
|
+
"ecr:BatchGetImage",
|
|
35
|
+
"ecr:BatchCheckLayerAvailability",
|
|
36
|
+
"ecr:PutImage",
|
|
37
|
+
"ecr:InitiateLayerUpload",
|
|
38
|
+
"ecr:UploadLayerPart",
|
|
39
|
+
"ecr:CompleteLayerUpload"
|
|
40
|
+
],
|
|
41
|
+
"Principal": {
|
|
42
|
+
"AWS": [
|
|
43
|
+
"arn:aws:iam::1:user/test"
|
|
44
|
+
]
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
]
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
EOS
|
|
53
|
+
assert_equal exp_template.chomp, act_template
|
|
54
|
+
end
|
|
55
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kumogata-template
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.24
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Naoya Nakazawa
|
|
@@ -111,6 +111,7 @@ files:
|
|
|
111
111
|
- lib/kumogata/template/datapipeline.rb
|
|
112
112
|
- lib/kumogata/template/dynamodb.rb
|
|
113
113
|
- lib/kumogata/template/ec2.rb
|
|
114
|
+
- lib/kumogata/template/ecr.rb
|
|
114
115
|
- lib/kumogata/template/ecs.rb
|
|
115
116
|
- lib/kumogata/template/elasticache.rb
|
|
116
117
|
- lib/kumogata/template/elasticbeanstalk.rb
|
|
@@ -169,6 +170,7 @@ files:
|
|
|
169
170
|
- template/ec2-vpc-endpoint.rb
|
|
170
171
|
- template/ec2-vpc-gateway-attachment.rb
|
|
171
172
|
- template/ec2-vpc.rb
|
|
173
|
+
- template/ecr-repository.rb
|
|
172
174
|
- template/ecs-cluster.rb
|
|
173
175
|
- template/ecs-service.rb
|
|
174
176
|
- template/ecs-task-definition.rb
|
|
@@ -311,6 +313,7 @@ files:
|
|
|
311
313
|
- test/template/ec2-volume_test.rb
|
|
312
314
|
- test/template/ec2-vpc-gateway-attachment_test.rb
|
|
313
315
|
- test/template/ec2-vpc_test.rb
|
|
316
|
+
- test/template/ecr-repository_test.rb
|
|
314
317
|
- test/template/ecs-cluster_test.rb
|
|
315
318
|
- test/template/ecs-service_test.rb
|
|
316
319
|
- test/template/ecs-task-definition_test.rb
|
|
@@ -479,6 +482,7 @@ test_files:
|
|
|
479
482
|
- test/template/ec2-volume_test.rb
|
|
480
483
|
- test/template/ec2-vpc-gateway-attachment_test.rb
|
|
481
484
|
- test/template/ec2-vpc_test.rb
|
|
485
|
+
- test/template/ecr-repository_test.rb
|
|
482
486
|
- test/template/ecs-cluster_test.rb
|
|
483
487
|
- test/template/ecs-service_test.rb
|
|
484
488
|
- test/template/ecs-task-definition_test.rb
|