kybus-cli 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 2787f36a297b9c14e6c9fb0d4b28284721e4065c0c2a7c4f64db8246da1767fc
+  data.tar.gz: 619dcf54613ed6d18aecec46e84ae1b1fecad32c05882ec5e2b6d1d4ca4bc8aa
+SHA512:
+  metadata.gz: 4e2cd597770a3f06ef11a3077752d35608f90883def9e89be0b78cc10c4256d1039fa5877dd38d217c1702fbe9b7b82d1026c3cf9a0d79ac90e41429b2b06ed9
+  data.tar.gz: f2fc53893eb88358018a1a3251c0b78d24120735d8ec9e09ce81ef26ab985768800bb9e83de51810b7b66f18931041a6d6eaf67a5cb4a0797ae31cdfdcfb6008

data/bin/kybus

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'kybus/cli'
+
+Kybus::CLI.start(ARGV)

data/lib/kybus/aws/code_packager.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Kybus
+  module AWS
+    class CodePackager < Resource
+      def create_or_update!
+        ruby_version = RUBY_VERSION.split('.')[0..1].join('.') + '.0'
+        create_zip('.deps.zip', "vendor/bundle/ruby/#{ruby_version}", zip_root: "ruby/gems/#{ruby_version}")
+        create_zip('.kybuscode.zip', @config['repo_path'], exclude_files: [
+                     'test', 'Gemfile*', 'Rakefile', '.gitignore', '.bundle', '.git', '.deps.zip', '.kybuscode.zip', 'kybusbot.yaml', 'vendor', '.ruby-version'
+                   ], extra_files: { '.bundle/config' => 'BUNDLE_PATH: "/opt/vendor/bundle"' }, zip_root: '.')
+      end
+
+      def create_zip(zip_name, directory, exclude_files: [], extra_files: {}, zip_root: '')
+        require 'zip'
+        FileUtils.rm(zip_name, force: true)
+        entries = Dir.entries(directory) - %w[. ..]
+
+        Zip::File.open(zip_name, Zip::File::CREATE) do |zipfile|
+          extra_files.each do |entry, contents|
+            zipfile.get_output_stream(entry) { |f| f.puts(contents) }
+          end
+
+          entries.each do |entry|
+            entry_path = File.join(directory, entry)
+            next if exclude_files.any? { |pattern| File.fnmatch(pattern, entry) || File.fnmatch(pattern, entry_path) }
+
+            puts "Adding #{entry} to #{zip_name}"
+
+            if File.directory?(entry_path)
+              zipfile.mkdir("#{zip_root}#{entry_path.sub(directory, '')}")
+              Dir[File.join(entry_path, '**', '**')].each do |file|
+                next if exclude_files.any? { |pattern| File.fnmatch(pattern, file) }
+
+                zipfile.add("#{zip_root}#{file.sub(directory, '')}", file)
+              end
+            else
+              zipfile.add("#{zip_root}#{entry_path.sub(directory, '')}", entry_path)
+            end
+          end
+        end
+      end
+
+      def destroy!; end
+    end
+  end
+end

data/lib/kybus/aws/lambda.rb

@@ -0,0 +1,166 @@
+# frozen_string_literal: true
+
+require 'digest'
+
+def calculate_md5(file_path)
+  md5 = Digest::MD5.new
+  File.open(file_path, 'rb') do |file|
+    buffer = String.new
+    md5.update(buffer) while file.read(4096, buffer)
+  end
+  md5.hexdigest
+end
+
+module Kybus
+  module AWS
+    class Lambda < Resource
+      attr_reader :url, :name
+
+      def initialize(configs, name)
+        super(configs)
+        @name = name
+      end
+
+      def lambda_client
+        @lambda_client ||= Aws::Lambda::Client.new(region: @region)
+      end
+
+      def function_name
+        @name
+      end
+
+      def deploy_lambda!
+        layer_arn_deps = create_or_update_layer('.deps.zip', "#{function_name}-deps")
+
+        function_exists = begin
+          lambda_client.get_function(function_name:)
+        rescue StandardError
+          false
+        end
+
+        if function_exists
+          update_lambda!(layer_arn_deps)
+        else
+          create_lambda!(layer_arn_deps)
+        end
+      end
+
+      def create_layer(zip_file, layer_name, zipfile_hash)
+        response = lambda_client.publish_layer_version({
+                                                         layer_name:,
+                                                         content: {
+                                                           zip_file: File.read(zip_file)
+                                                         },
+                                                         description: zipfile_hash,
+                                                         compatible_runtimes: ["ruby3.3"]
+                                                       })
+        puts "Layer '#{layer_name}' created: #{response.layer_version_arn}"
+        response.layer_version_arn
+      end
+
+      def create_or_update_layer(zip_file, layer_name)
+        layer_exists = begin
+          response = lambda_client.list_layer_versions({
+            layer_name: layer_name,
+            max_items: 1
+          })
+
+          response.layer_versions.first
+        end
+
+        zipfile_hash = calculate_md5('Gemfile.lock')
+        
+        if !layer_exists || layer_exists.description != zipfile_hash
+          create_layer(zip_file, layer_name, zipfile_hash)
+        else
+          puts "Layer unmodified: #{layer_name}"
+          layer_exists.layer_version_arn
+        end
+      end
+
+      def update_lambda!(layer_arn_deps)
+        with_retries(Aws::Lambda::Errors::ResourceConflictException) do
+          lambda_client.update_function_configuration({
+                                                        function_name:,
+                                                        layers: [layer_arn_deps],
+                                                        timeout: @config['timeout'] || 3,
+                                                        environment: {
+                                                          variables: {
+                                                            'SECRET_TOKEN' => @config['secret_token']
+                                                          }
+                                                        }
+                                                      })
+        end
+
+        with_retries(Aws::Lambda::Errors::ResourceConflictException) do
+          lambda_client.update_function_code(function_name:, zip_file: File.read('.kybuscode.zip'))
+        end
+        puts "Lambda function '#{function_name}' updated."
+      end
+
+      def create_lambda!(layer_arn_deps)
+        with_retries(Aws::Lambda::Errors::ResourceConflictException) do
+          lambda_client.create_function({
+                                          function_name:,
+                                          runtime: 'ruby3.3',
+                                          role: "arn:aws:iam::#{account_id}:role/#{function_name}",
+                                          handler: 'handler.lambda_handler',
+                                          layers: [layer_arn_deps],
+                                          code: {
+                                            zip_file: File.read('.kybuscode.zip')
+                                          },
+                                          timeout: @config['timeout'] || 3,
+                                          environment: {
+                                            variables: {
+                                              'SECRET_TOKEN' => @config['secret_token']
+                                            }
+                                          }
+                                        })
+          puts "Lambda function '#{function_name}' created."
+        end
+      end
+
+      def make_public!
+        with_retries(Aws::Lambda::Errors::ResourceConflictException) do
+          response = lambda_client.create_function_url_config({
+                                                                function_name:,
+                                                                auth_type: 'NONE'
+                                                              })
+          puts "Function URL created: #{response.function_url}"
+          @url = response.function_url
+        rescue Aws::Lambda::Errors::ResourceConflictException
+          response = lambda_client.get_function_url_config({
+                                                             function_name:
+                                                           })
+          puts "Function URL exists: #{response.function_url}"
+          @url = response.function_url
+        end
+
+        begin
+          response = lambda_client.add_permission({
+                                                    function_name:,
+                                                    statement_id: 'AllowPublicInvoke',
+                                                    action: 'lambda:InvokeFunctionUrl',
+                                                    principal: '*',
+                                                    function_url_auth_type: 'NONE'
+                                                  })
+          puts "Permission added successfully: #{response}"
+        rescue Aws::Lambda::Errors::ServiceError => e
+          puts "Error adding permission: #{e.message}"
+        end
+      end
+
+      def create_or_update!
+        deploy_lambda!
+        make_public!
+      end
+
+      def destroy!
+        lambda_client.delete_function(function_name:)
+        puts "Lambda function '#{function_name}' deleted."
+      rescue Aws::Lambda::Errors::ResourceNotFoundException
+        puts "Lambda function '#{function_name}' not found."
+      end
+    end
+  end
+end

data/lib/kybus/aws/log_group.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Kybus
+  module AWS
+    class LogGroup < Resource
+      def initialize(config, name)
+        super(config)
+        @name = name
+      end
+
+      def logs_client
+        @logs_client ||= Aws::CloudWatchLogs::Client.new(region: @region)
+      end
+
+      def log_group_name
+        "/aws/lambda/#{@name}"
+      end
+
+      def create_or_update!
+        logs_client.create_log_group(log_group_name:)
+        puts "Log group '#{log_group_name}' created."
+      rescue Aws::CloudWatchLogs::Errors::ResourceAlreadyExistsException
+        puts "Log group '#{log_group_name}' already exists."
+      end
+
+      def destroy!
+        logs_client.delete_log_group(log_group_name:)
+        puts "Log group '#{log_group_name}' deleted."
+      rescue Aws::CloudWatchLogs::Errors::ResourceNotFoundException
+        puts "Log group '#{log_group_name}' not found."
+      end
+    end
+  end
+end

data/lib/kybus/aws/policy.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Kybus
+  module AWS
+    class Policy < Resource
+      attr_reader :name
+
+      def initialize(config, name, body)
+        super(config)
+        @name = name
+        @body = body
+        @iam_client = Aws::IAM::Client.new
+      end
+
+      def arn
+        "arn:aws:iam::#{account_id}:policy/#{name}"
+      end
+
+      def create_or_update!
+        @iam_client.create_policy(policy_name: @name, policy_document: @body.to_json)
+        puts "Policy '#{@name}' created."
+      rescue Aws::IAM::Errors::EntityAlreadyExists
+        puts "Policy '#{@name}' already exists."
+      end
+
+      def destroy!
+        @iam_client.delete_policy(policy_arn: arn)
+        puts "Policy '#{@name}' deleted."
+      rescue Aws::IAM::Errors::NoSuchEntity
+        puts "Policy '#{@name}' not found."
+      end
+    end
+  end
+end

data/lib/kybus/aws/resource.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Kybus
+  module AWS
+    class Resource
+      def initialize(config)
+        @config = config
+        @region = @config['region'] || 'us-east-1'
+      end
+
+      def account_id
+        @config['account_id']
+      end
+
+      def with_retries(exception, max_retries = 5)
+        retry_count = 0
+        begin
+          yield
+        rescue exception
+          retry_count += 1
+          unless retry_count <= max_retries
+            raise "Failed to apply #{self.class} after #{max_retries} attempts due to ongoing updates."
+          end
+
+          sleep_time = 2**retry_count
+          puts "Update in progress, retrying in #{sleep_time} seconds..."
+          sleep(sleep_time)
+          retry
+        end
+      end
+    end
+  end
+end

data/lib/kybus/aws/role.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+module Kybus
+  module AWS
+    class Role < Resource
+      LAMBDA_ASSUME_ROLE_POLICY = {
+        Version: '2012-10-17',
+        Statement: [
+          {
+            Effect: 'Allow',
+            Principal: {
+              Service: 'lambda.amazonaws.com'
+            },
+            Action: 'sts:AssumeRole'
+          }
+        ]
+      }.to_json.freeze
+
+      def initialize(config, name, type)
+        super(config)
+        @type = type
+        @name = name
+        @iam_client = Aws::IAM::Client.new
+        @policies = []
+      end
+
+      def add_policy(policy)
+        @policies << policy
+      end
+
+      def assume_role_policy
+        case @type
+        when :lambda
+          LAMBDA_ASSUME_ROLE_POLICY
+        else
+          raise 'Invalid Role Type'
+        end
+      end
+
+      def create_or_update!
+        begin
+          @iam_client.create_role({
+                                    role_name: @name,
+                                    assume_role_policy_document: assume_role_policy
+                                  })
+          puts "Role '#{@name}' created."
+        rescue Aws::IAM::Errors::EntityAlreadyExists
+          puts "Role '#{@name}' already exists."
+        end
+
+        @policies.each do |policy|
+          @iam_client.attach_role_policy(role_name: @name, policy_arn: policy.arn)
+          puts "Policy '#{policy.name}' attached to role '#{@name}'."
+        rescue Aws::IAM::Errors::EntityAlreadyExists
+          puts "Policy '#{policy.name}' already attached to role '#{@name}'."
+        end
+      end
+
+      def destroy!
+        @policies.each do |policy|
+          @iam_client.detach_role_policy({ role_name: @name, policy_arn: policy.arn })
+          puts "Policy '#{policy.name}' deleted."
+        rescue Aws::IAM::Errors::NoSuchEntity
+          puts "Policy '#{policy.name}' not found."
+        end
+
+        begin
+          @iam_client.delete_role(role_name: @name)
+          puts "Role '#{@name}' deleted."
+        rescue Aws::IAM::Errors::NoSuchEntity
+          puts "Role '#{@name}' not found."
+        end
+      end
+    end
+  end
+end

data/lib/kybus/aws.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require_relative 'aws/resource'
+require_relative 'aws/code_packager'
+require_relative 'aws/lambda'
+require_relative 'aws/log_group'
+require_relative 'aws/policy'
+require_relative 'aws/role'

data/lib/kybus/cli/bot/controller_generator.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Kybus
+  class CLI < Thor
+    class Bot < Thor
+      class ControllerGenerator
+        def initialize(name)
+          @name = name
+          @file_writer = Kybus::CLI::FileWriter.new('routes')
+        end
+
+        def generate
+          @file_writer.write("#{@name}_controller.rb", controller_content)
+        end
+
+        private
+
+        def controller_content
+          <<~RUBY
+            # frozen_string_literal: true
+
+            module #{@name.capitalize}Controller
+              def self.included(base)
+                base.instance_eval do
+                  include Routes
+
+                  def #{@name}_routes
+                    # Define your routes here
+                  end
+                end
+              end
+            end
+          RUBY
+        end
+      end
+    end
+  end
+end

data/lib/kybus/cli/bot/deploy_init_generator.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Kybus
+  module CLI
+    module Bot
+      class DeployInitGenerator
+        def initialize(name, options)
+          @file_writer = Kybus::CLI::FileWriter.new(name)
+          @options = options
+        end
+
+        def generate
+          @file_writer.write('.kybusbot.yaml', config_yaml_content)
+        end
+
+        private
+
+        def config_yaml_content
+          <<~YAML
+            bot_name: #{bot_name_snake_case}
+            cloud_provider: #{@options[:cloud_provider] || 'aws'}
+            dynamo:
+              capacity: #{@options[:dynamo_capacity] || 'on_demand'}
+              table_name: #{@options[:dynamo_table] || 'bot_sessions'}
+            chat_provider: #{@options[:chat_provider] || 'telegram'}
+            telegram:
+              token: 'REPLACE_ME'
+          YAML
+        end
+      end
+    end
+  end
+end

data/lib/kybus/cli/bot/deployer.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'uri'
+require 'json'
+require 'rake'
+require 'securerandom'
+require 'fileutils'
+require 'yaml'
+require 'aws-sdk-iam'
+require 'aws-sdk-lambda'
+require 'aws-sdk-cloudwatchlogs'
+require 'zip'
+
+require 'kybus/aws'
+require_relative 'deployers/telegram_configurator'
+require_relative 'deployers/aws_bot_deployer'
+
+module Kybus
+  class CLI < Thor
+    class Deployer
+      DEFAULT_CONFIGS = {
+        'repo_path' => '.',
+        'output_path' => './.kybusbotcode.zip'
+      }.freeze
+
+      def initialize(options)
+        @params = options
+        load_kybusdeploy_file!
+        @telegram = ::Kybus::CLI::BotDeployerTelegramConfigurator.new(@url, config_with_options)
+        @lambda = ::Kybus::CLI::AWSBotDeployer.new(config_with_options)
+      end
+
+      def run_migrations!
+        Rake::Task.clear
+        load 'Rakefile'
+        Rake::Task['db:migrate'].invoke
+      end
+
+      def load_kybusdeploy_file!
+        @config = YAML.load_file('./kybusbot.yaml')
+      end
+
+      def config_with_options
+        @config_with_options ||= DEFAULT_CONFIGS.merge(@config.merge(@params))
+      end
+
+      def compress_repo!
+        code = ::Kybus::AWS::CodePackager.new(config_with_options)
+        code.create_or_update!
+      end
+
+      def deploy_lambda!
+        @lambda.create_or_update!
+        @telegram.url = @lambda.url
+      end
+
+      def run
+        compress_repo!
+        deploy_lambda!
+        @telegram.create_or_update!
+      end
+
+      def destroy
+        @lambda.destroy!
+        @telegram.destroy!
+      end
+    end
+  end
+end

data/lib/kybus/cli/bot/deployers/aws_bot_deployer.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+module Kybus
+  class CLI < Thor
+    class AWSBotDeployer < BotDeployerBase
+      def make_dynamo_policy_document
+        {
+          Version: '2012-10-17',
+          Statement: [
+            {
+              Effect: 'Allow',
+              Action: [
+                'dynamodb:BatchGetItem',
+                'dynamodb:BatchWriteItem',
+                'dynamodb:Describe*',
+                'dynamodb:Get*',
+                'dynamodb:List*',
+                'dynamodb:PutItem',
+                'dynamodb:Query',
+                'dynamodb:Scan',
+                'dynamodb:UpdateItem',
+                'dynamodb:DeleteItem'
+              ],
+              Resource: "arn:aws:dynamodb:#{@region}:#{account_id}:table/#{function_name}*"
+            }, {
+              Effect: :Allow,
+              Action: [
+                'dynamodb:Describe*',
+                'dynamodb:Get*',
+                'dynamodb:List*'
+              ],
+              Resource: '*'
+            }
+          ]
+        }
+      end
+
+      def make_log_groupo_policy_document
+        {
+          Version: '2012-10-17',
+          Statement: [
+            {
+              Effect: 'Allow',
+              Action: 'logs:CreateLogGroup',
+              Resource: "arn:aws:logs:#{@region}:#{account_id}:*"
+            },
+            {
+              Effect: 'Allow',
+              Action: [
+                'logs:CreateLogStream',
+                'logs:PutLogEvents'
+              ],
+              Resource: [
+                "arn:aws:logs:#{@region}:#{account_id}:log-group:/aws/lambda/#{function_name}:*"
+              ]
+            }
+          ]
+        }
+      end
+
+      def initialize(configs)
+        configs['account_id'] = account_id
+        super
+        @role = ::Kybus::AWS::Role.new(configs, function_name, :lambda)
+        @dynamo_policy = ::Kybus::AWS::Policy.new(configs, "#{function_name}-dynamo", make_dynamo_policy_document)
+        @cloudwatch_policy = ::Kybus::AWS::Policy.new(configs, "#{function_name}-cloudwatch",
+                                                      make_log_groupo_policy_document)
+        @role.add_policy(@dynamo_policy)
+        @role.add_policy(@cloudwatch_policy)
+        @log_group = ::Kybus::AWS::LogGroup.new(configs, function_name)
+        @lambda = ::Kybus::AWS::Lambda.new(configs, function_name)
+      end
+
+      def destroy!
+        @lambda.destroy!
+        @role.destroy!
+        @dynamo_policy.destroy!
+        @cloudwatch_policy.destroy!
+        @log_group.destroy!
+      end
+
+      def url
+        @lambda.url
+      end
+
+      def create_or_update!
+        @log_group.create_or_update!
+        @dynamo_policy.create_or_update!
+        @cloudwatch_policy.create_or_update!
+        @role.create_or_update!
+        @lambda.create_or_update!
+      end
+    end
+  end
+end

data/lib/kybus/cli/bot/deployers/deployer_base.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Kybus
+  class CLI < Thor
+    class BotDeployerBase
+      def initialize(configs)
+        @config = configs
+      end
+
+      def function_name
+        "#{@config[:env] || 'production'}-#{@config['name']}"
+      end
+
+      def account_id
+        @account_id ||= begin
+          sts_client = Aws::STS::Client.new
+          response = sts_client.get_caller_identity
+          response.account
+        end
+      end
+    end
+  end
+end