lucid-cumulus 0.11.0
- checksums.yaml +15 -0
- data/.gitignore +3 -0
- data/.travis.yml +11 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +29 -0
- data/LICENSE +202 -0
- data/README.md +41 -0
- data/autocomplete +137 -0
- data/bin/cumulus +658 -0
- data/cumulus +2 -0
- data/lib/autoscaling/AutoScaling.rb +40 -0
- data/lib/autoscaling/loader/Loader.rb +56 -0
- data/lib/autoscaling/manager/Manager.rb +360 -0
- data/lib/autoscaling/models/AlarmConfig.rb +165 -0
- data/lib/autoscaling/models/AlarmDiff.rb +172 -0
- data/lib/autoscaling/models/AutoScalingDiff.rb +178 -0
- data/lib/autoscaling/models/GroupConfig.rb +330 -0
- data/lib/autoscaling/models/PolicyConfig.rb +135 -0
- data/lib/autoscaling/models/PolicyDiff.rb +73 -0
- data/lib/autoscaling/models/ScheduledActionDiff.rb +53 -0
- data/lib/autoscaling/models/ScheduledConfig.rb +96 -0
- data/lib/aws_extensions/ec2/DhcpOptions.rb +41 -0
- data/lib/aws_extensions/ec2/Instance.rb +29 -0
- data/lib/aws_extensions/ec2/NetworkAcl.rb +25 -0
- data/lib/aws_extensions/ec2/NetworkInterface.rb +14 -0
- data/lib/aws_extensions/ec2/RouteTable.rb +26 -0
- data/lib/aws_extensions/ec2/SecurityGroup.rb +16 -0
- data/lib/aws_extensions/ec2/Subnet.rb +28 -0
- data/lib/aws_extensions/ec2/Volume.rb +24 -0
- data/lib/aws_extensions/ec2/Vpc.rb +14 -0
- data/lib/aws_extensions/ec2/VpcEndpoint.rb +11 -0
- data/lib/aws_extensions/elb/BackendServerDescription.rb +12 -0
- data/lib/aws_extensions/elb/PolicyDescription.rb +14 -0
- data/lib/aws_extensions/kinesis/StreamDescription.rb +12 -0
- data/lib/aws_extensions/route53/AliasTarget.rb +21 -0
- data/lib/aws_extensions/s3/Bucket.rb +33 -0
- data/lib/aws_extensions/s3/BucketAcl.rb +28 -0
- data/lib/aws_extensions/s3/BucketCors.rb +17 -0
- data/lib/aws_extensions/s3/BucketLifecycle.rb +21 -0
- data/lib/aws_extensions/s3/BucketLogging.rb +18 -0
- data/lib/aws_extensions/s3/BucketNotification.rb +23 -0
- data/lib/aws_extensions/s3/BucketPolicy.rb +18 -0
- data/lib/aws_extensions/s3/BucketTagging.rb +15 -0
- data/lib/aws_extensions/s3/BucketVersioning.rb +14 -0
- data/lib/aws_extensions/s3/BucketWebsite.rb +49 -0
- data/lib/aws_extensions/s3/CORSRule.rb +27 -0
- data/lib/aws_extensions/s3/ReplicationConfiguration.rb +22 -0
- data/lib/cloudfront/CloudFront.rb +83 -0
- data/lib/cloudfront/loader/Loader.rb +31 -0
- data/lib/cloudfront/manager/Manager.rb +183 -0
- data/lib/cloudfront/models/CacheBehaviorConfig.rb +237 -0
- data/lib/cloudfront/models/CacheBehaviorDiff.rb +211 -0
- data/lib/cloudfront/models/CustomOriginConfig.rb +51 -0
- data/lib/cloudfront/models/CustomOriginDiff.rb +74 -0
- data/lib/cloudfront/models/DistributionConfig.rb +183 -0
- data/lib/cloudfront/models/DistributionDiff.rb +131 -0
- data/lib/cloudfront/models/InvalidationConfig.rb +37 -0
- data/lib/cloudfront/models/OriginConfig.rb +144 -0
- data/lib/cloudfront/models/OriginDiff.rb +86 -0
- data/lib/cloudfront/models/OriginSslProtocols.rb +28 -0
- data/lib/cloudfront/models/OriginSslProtocolsDiff.rb +39 -0
- data/lib/common/BaseLoader.rb +80 -0
- data/lib/common/manager/Manager.rb +148 -0
- data/lib/common/models/Diff.rb +114 -0
- data/lib/common/models/ListChange.rb +21 -0
- data/lib/common/models/TagsDiff.rb +55 -0
- data/lib/common/models/UTCTimeSource.rb +17 -0
- data/lib/conf/Configuration.rb +365 -0
- data/lib/ec2/EC2.rb +503 -0
- data/lib/ec2/IPProtocolMapping.rb +165 -0
- data/lib/ec2/loaders/EbsLoader.rb +19 -0
- data/lib/ec2/loaders/InstanceLoader.rb +32 -0
- data/lib/ec2/managers/EbsManager.rb +176 -0
- data/lib/ec2/managers/InstanceManager.rb +509 -0
- data/lib/ec2/models/EbsGroupConfig.rb +133 -0
- data/lib/ec2/models/EbsGroupDiff.rb +48 -0
- data/lib/ec2/models/InstanceConfig.rb +202 -0
- data/lib/ec2/models/InstanceDiff.rb +95 -0
- data/lib/elb/ELB.rb +148 -0
- data/lib/elb/loader/Loader.rb +65 -0
- data/lib/elb/manager/Manager.rb +581 -0
- data/lib/elb/models/AccessLogConfig.rb +82 -0
- data/lib/elb/models/AccessLogDiff.rb +47 -0
- data/lib/elb/models/HealthCheckConfig.rb +91 -0
- data/lib/elb/models/HealthCheckDiff.rb +50 -0
- data/lib/elb/models/ListenerConfig.rb +99 -0
- data/lib/elb/models/ListenerDiff.rb +91 -0
- data/lib/elb/models/LoadBalancerConfig.rb +239 -0
- data/lib/elb/models/LoadBalancerDiff.rb +265 -0
- data/lib/iam/IAM.rb +36 -0
- data/lib/iam/loader/Loader.rb +117 -0
- data/lib/iam/manager/IamGroups.rb +98 -0
- data/lib/iam/manager/IamResource.rb +288 -0
- data/lib/iam/manager/IamRoles.rb +112 -0
- data/lib/iam/manager/IamUsers.rb +54 -0
- data/lib/iam/manager/Manager.rb +29 -0
- data/lib/iam/migration/AssumeRoleUnifier.rb +34 -0
- data/lib/iam/migration/PolicyUnifier.rb +90 -0
- data/lib/iam/models/GroupConfig.rb +40 -0
- data/lib/iam/models/IamDiff.rb +132 -0
- data/lib/iam/models/PolicyConfig.rb +67 -0
- data/lib/iam/models/ResourceWithPolicy.rb +208 -0
- data/lib/iam/models/RoleConfig.rb +53 -0
- data/lib/iam/models/StatementConfig.rb +35 -0
- data/lib/iam/models/UserConfig.rb +21 -0
- data/lib/kinesis/Kinesis.rb +94 -0
- data/lib/kinesis/loader/Loader.rb +19 -0
- data/lib/kinesis/manager/Manager.rb +206 -0
- data/lib/kinesis/models/StreamConfig.rb +75 -0
- data/lib/kinesis/models/StreamDiff.rb +58 -0
- data/lib/lambda/Lambda.rb +41 -0
- data/lib/route53/loader/Loader.rb +32 -0
- data/lib/route53/manager/Manager.rb +241 -0
- data/lib/route53/models/AliasTarget.rb +86 -0
- data/lib/route53/models/RecordConfig.rb +178 -0
- data/lib/route53/models/RecordDiff.rb +140 -0
- data/lib/route53/models/Vpc.rb +24 -0
- data/lib/route53/models/ZoneConfig.rb +156 -0
- data/lib/route53/models/ZoneDiff.rb +118 -0
- data/lib/s3/S3.rb +89 -0
- data/lib/s3/loader/Loader.rb +66 -0
- data/lib/s3/manager/Manager.rb +296 -0
- data/lib/s3/models/BucketConfig.rb +321 -0
- data/lib/s3/models/BucketDiff.rb +167 -0
- data/lib/s3/models/GrantConfig.rb +189 -0
- data/lib/s3/models/GrantDiff.rb +50 -0
- data/lib/s3/models/LifecycleConfig.rb +142 -0
- data/lib/s3/models/LifecycleDiff.rb +46 -0
- data/lib/s3/models/LoggingConfig.rb +81 -0
- data/lib/s3/models/NotificationConfig.rb +157 -0
- data/lib/s3/models/NotificationDiff.rb +62 -0
- data/lib/s3/models/ReplicationConfig.rb +133 -0
- data/lib/s3/models/ReplicationDiff.rb +60 -0
- data/lib/s3/models/WebsiteConfig.rb +107 -0
- data/lib/security/SecurityGroups.rb +39 -0
- data/lib/security/loader/Loader.rb +94 -0
- data/lib/security/manager/Manager.rb +246 -0
- data/lib/security/models/RuleConfig.rb +161 -0
- data/lib/security/models/RuleDiff.rb +72 -0
- data/lib/security/models/RuleMigration.rb +127 -0
- data/lib/security/models/SecurityGroupConfig.rb +172 -0
- data/lib/security/models/SecurityGroupDiff.rb +112 -0
- data/lib/sns/SNS.rb +40 -0
- data/lib/sqs/SQS.rb +62 -0
- data/lib/sqs/loader/Loader.rb +34 -0
- data/lib/sqs/manager/Manager.rb +128 -0
- data/lib/sqs/models/DeadLetterConfig.rb +70 -0
- data/lib/sqs/models/DeadLetterDiff.rb +35 -0
- data/lib/sqs/models/QueueConfig.rb +115 -0
- data/lib/sqs/models/QueueDiff.rb +89 -0
- data/lib/util/Colors.rb +111 -0
- data/lib/util/StatusCodes.rb +51 -0
- data/lib/vpc/loader/Loader.rb +73 -0
- data/lib/vpc/manager/Manager.rb +954 -0
- data/lib/vpc/models/AclEntryConfig.rb +150 -0
- data/lib/vpc/models/AclEntryDiff.rb +54 -0
- data/lib/vpc/models/DhcpConfig.rb +100 -0
- data/lib/vpc/models/DhcpDiff.rb +90 -0
- data/lib/vpc/models/EndpointConfig.rb +76 -0
- data/lib/vpc/models/EndpointDiff.rb +69 -0
- data/lib/vpc/models/NetworkAclConfig.rb +87 -0
- data/lib/vpc/models/NetworkAclDiff.rb +116 -0
- data/lib/vpc/models/RouteConfig.rb +82 -0
- data/lib/vpc/models/RouteDiff.rb +50 -0
- data/lib/vpc/models/RouteTableConfig.rb +92 -0
- data/lib/vpc/models/RouteTableDiff.rb +101 -0
- data/lib/vpc/models/SubnetConfig.rb +113 -0
- data/lib/vpc/models/SubnetDiff.rb +78 -0
- data/lib/vpc/models/VpcConfig.rb +173 -0
- data/lib/vpc/models/VpcDiff.rb +315 -0
- data/lucid-cumulus.gemspec +20 -0
- data/rakefile.rb +8 -0
- metadata +245 -0
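--- a/data/lib/s3/models/BucketConfig.rb
+++ b/data/lib/s3/models/BucketConfig.rb
@@ -0,0 +1,321 @@
+require "aws_extensions/s3/Bucket"
+require "aws_extensions/s3/BucketAcl"
+require "aws_extensions/s3/BucketCors"
+require "aws_extensions/s3/BucketLifecycle"
+require "aws_extensions/s3/BucketLogging"
+require "aws_extensions/s3/BucketNotification"
+require "aws_extensions/s3/BucketPolicy"
+require "aws_extensions/s3/BucketTagging"
+require "aws_extensions/s3/BucketVersioning"
+require "aws_extensions/s3/BucketWebsite"
+require "aws_extensions/s3/CORSRule"
+require "aws_extensions/s3/ReplicationConfiguration"
+require "s3/loader/Loader"
+require "s3/models/BucketDiff"
+require "s3/models/GrantConfig"
+require "s3/models/GrantDiff"
+require "s3/models/LifecycleConfig"
+require "s3/models/LoggingConfig"
+require "s3/models/NotificationConfig"
+require "s3/models/ReplicationConfig"
+require "s3/models/ReplicationDiff"
+require "s3/models/WebsiteConfig"
+
+require "json"
+
+module Cumulus
+module S3
+# Monkey patch the bucket so that it can get the bucket's replication configuration
+Aws::S3::Bucket.send(:include, AwsExtensions::S3::Bucket)
+# Also monkey patch buckets so they can get their location
+Aws::S3::Bucket.send(:include, AwsExtensions::S3::Types::Bucket)
+# Monkey patch BucketPolicy so you can get the policy without an exception
+Aws::S3::BucketPolicy.send(:include, AwsExtensions::S3::BucketPolicy)
+# Monkey patch BucketCors for the same reason
+Aws::S3::BucketCors.send(:include, AwsExtensions::S3::BucketCors)
+# Same for BucketTagging
+Aws::S3::BucketTagging.send(:include, AwsExtensions::S3::BucketTagging)
+# Monkey patch CORSRule to provide a decent to string
+Aws::S3::Types::CORSRule.send(:include, AwsExtensions::S3::CORSRule)
+# Monkey patch BucketAcl to provide a way to get grants in Cumulus format
+Aws::S3::BucketAcl.send(:include, AwsExtensions::S3::BucketAcl)
+# Monkey patch BucketWebsite to convert BucketWebsite to Cumulus format
+Aws::S3::BucketWebsite.send(:include, AwsExtensions::S3::BucketWebsite)
+# Monkey patch BucketLogging to convert BucketLogging to Cumulus format
+Aws::S3::BucketLogging.send(:include, AwsExtensions::S3::BucketLogging)
+# Make it so BucketVersioning has a versioning method that matches our versioning method
+Aws::S3::BucketVersioning.send(:include, AwsExtensions::S3::BucketVersioning)
+# Monkey patch BucketNotification to return an array of EventConfigs
+Aws::S3::BucketNotification.send(:include, AwsExtensions::S3::BucketNotification)
+# Monkey patch BucketLifecycle to return an array of LifecycleConfigs
+Aws::S3::BucketLifecycle.send(:include, AwsExtensions::S3::BucketLifecycle)
+# Monkey patch ReplicationConfiguration to convert to Cumulus format
+Aws::S3::Types::ReplicationConfiguration.send(:include, AwsExtensions::S3::ReplicationConfiguration)
+
+# Public: An object representing configuration for an S3 bucket
+class BucketConfig
+attr_reader :cors
+attr_reader :grants
+attr_reader :lifecycle
+attr_reader :logging
+attr_reader :name
+attr_reader :notifications
+attr_reader :policy
+attr_reader :region
+attr_reader :replication
+attr_reader :tags
+attr_reader :versioning
+attr_reader :website
+
+# Public: Constructor
+#
+# name - the name of the bucket
+# json - a hash containing the JSON configuration for the bucket
+def initialize(name, json = nil)
+@name = name
+if json
+@region = json["region"]
+@tags = json["tags"] || {}
+if json["permissions"]["cors"]
+@cors = Loader.cors_policy(
+json["permissions"]["cors"]["template"],
+json["permissions"]["cors"]["vars"] || {}
+)
+end
+if json["permissions"]["policy"]
+@policy = Loader.bucket_policy(
+json["permissions"]["policy"]["template"],
+json["permissions"]["policy"]["vars"] || {}
+)
+end
+if json["permissions"]["grants"]
+@grants = Hash[json["permissions"]["grants"].map do |g|
+[g["name"], GrantConfig.new(g)]
+end]
+end
+@website = if json["website"] then WebsiteConfig.new(json["website"]) end
+@logging = if json["logging"] then LoggingConfig.new(json["logging"]) end
+@notifications = Hash[(json["notifications"] || []).map { |n| [n["name"], NotificationConfig.new(n)] }]
+@lifecycle = Hash[(json["lifecycle"] || []).map { |l| [l["name"], LifecycleConfig.new(l)] }]
+@versioning = json["versioning"] || false
+@replication = if json["replication"] then ReplicationConfig.new(json["replication"]) end
+end
+end
+
+# Public: Populate this BucketConfig from the values in an AWS bucket.
+#
+# aws - the aws resource
+# cors - a hash of the names of cors policies to the string value of those policies
+# policies - a hash of the names of policies to the string value of those policies
+#
+# Returns the key names of the new policy or cors policy so they can be written
+# to file immediately
+def populate!(aws, cors, policies)
+@region = aws.location
+@grants = aws.acl.to_cumulus
+@website = aws.website.to_cumulus
+@logging = aws.logging.to_cumulus
+@notifications = aws.notification.to_cumulus
+@lifecycle = aws.lifecycle.to_cumulus
+@versioning = aws.versioning.enabled
+@replication = aws.replication.to_cumulus rescue nil
+@tags = Hash[aws.tagging.safe_tags.map { |t| [t.key, t.value] }]
+
+policy = aws.policy.policy_string
+if policy and policy != ""
+policy = JSON.pretty_generate(JSON.parse(policy))
+if policies.has_value? policy
+@policy_name = policies.key(policy)
+else
+@policy_name = "#{@name}-policy"
+policies[@policy_name] = policy
+@new_policy_key = @policy_name
+end
+end
+
+cors_string = JSON.pretty_generate(aws.cors.rules.map(&:to_h))
+if cors_string and !aws.cors.rules.empty?
+if cors.has_value? cors_string
+@cors_name = cors.key(cors_string)
+else
+@cors_name = "#{@name}-cors"
+cors[@cors_name] = cors_string
+@new_cors_key = @cors_name
+end
+end
+
+return @new_policy_key, @new_cors_key
+end
+
+# Public: Produce a pretty JSON version of this BucketConfig.
+#
+# Returns the pretty JSON string.
+def pretty_json
+JSON.pretty_generate({
+region: @region,
+permissions: {
+policy: if @policy_name then {
+template: @policy_name,
+} end,
+cors: if @cors_name then {
+template: @cors_name,
+} end,
+grants: @grants.values.map(&:to_h)
+}.reject { |k, v| v.nil? },
+website: if @website then @website.to_h end,
+logging: if @logging then @logging.to_h end,
+notifications: if !@notifications.empty? then @notifications.values.map(&:to_h) end,
+lifecycle: if !@lifecycle.empty? then @lifecycle.values.map(&:to_h) end,
+versioning: @versioning,
+replication: if @replication then @replication.to_h end,
+tags: @tags,
+}.reject { |k, v| v.nil? })
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the BucketDiffs that were found
+def diff(aws)
+diffs = []
+
+if @tags != Hash[aws.tagging.safe_tags.map { |t| [t.key, t.value] }]
+diffs << BucketDiff.new(BucketChange::TAGS, aws, self)
+end
+if @policy != aws.policy.policy_string and !(@policy.nil? and aws.policy.policy_string == "")
+diffs << BucketDiff.new(BucketChange::POLICY, aws, self)
+end
+if @cors != aws.cors.rules and !(@cors.nil? and aws.cors.rules == [])
+diffs << BucketDiff.new(BucketChange::CORS, aws, self)
+end
+if @website != aws.website.to_cumulus
+diffs << BucketDiff.new(BucketChange::WEBSITE, aws, self)
+end
+if @logging != aws.logging.to_cumulus
+diffs << BucketDiff.new(BucketChange::LOGGING, aws, self)
+end
+if @versioning != aws.versioning.enabled
+diffs << BucketDiff.new(BucketChange::VERSIONING, aws, self)
+end
+
+grants_diffs = diff_grants(@grants, aws.acl.to_cumulus)
+if !grants_diffs.empty?
+diffs << BucketDiff.grant_changes(grants_diffs, self)
+end
+
+notification_diffs = diff_notifications(@notifications, aws.notification.to_cumulus)
+if !notification_diffs.empty?
+diffs << BucketDiff.notification_changes(notification_diffs, self)
+end
+
+lifecycle_diffs = diff_lifecycle(@lifecycle, aws.lifecycle.to_cumulus)
+if !lifecycle_diffs.empty?
+diffs << BucketDiff.lifecycle_changes(lifecycle_diffs, self)
+end
+
+aws_replication = aws.replication
+if aws_replication then aws_replication = aws_replication.to_cumulus end
+replication_diffs = diff_replication(@replication, aws_replication)
+if !replication_diffs.empty?
+diffs << BucketDiff.replication_changes(replication_diffs, self)
+end
+
+diffs
+end
+
+private
+
+# Internal: Determine changes in grants.
+#
+# local - the grants defined locally (hash from name to config)
+# aws - the grants defined in aws (hash from name to config)
+#
+# Returns an array of GrantDiffs represeting the differences between local
+# AWS configuration
+def diff_grants(local, aws)
+diff_configs(local, aws, {
+unmanaged: GrantDiff.method(:unmanaged),
+added: GrantDiff.method(:added)
+})
+end
+
+# Internal: Determine changes in notifications.
+#
+# local - the notifications defined locally (hash from name to config)
+# aws - the notifications defined in aws (hash from name to config)
+#
+# Returns an array of NotificationDiffs representing the differences between
+# local and AWS configuration
+def diff_notifications(local, aws)
+diff_configs(local, aws, {
+unmanaged: NotificationDiff.method(:unmanaged),
+added: NotificationDiff.method(:added)
+})
+end
+
+# Internal: Determine changes in lifecycle rules.
+#
+# local - the lifecycle rules defined locally (hash from name to config)
+# aws - the lifecycle rules defined in aws (hash from name to config)
+#
+# Returns an array of LifecycleDiffs representing the differences between
+# local and AWS configuration.
+def diff_lifecycle(local, aws)
+diff_configs(local, aws, {
+unmanaged: LifecycleDiff.method(:unmanaged),
+added: LifecycleDiff.method(:added)
+})
+end
+
+# Internal: Determine changes in replication.
+#
+# local - the local replication configuration
+# aws - the aws replication configuration
+#
+# Returns an array of ReplicationDiffs representing the differences between
+# local and AWS configuration.
+def diff_replication(local, aws)
+diffs = []
+
+if local and aws
+diffs << local.diff(aws)
+elsif local
+diffs << ReplicationDiff.added(local)
+elsif aws
+diffs << ReplicationDiff.unmanaged(local)
+end
+
+diffs.flatten
+end
+
+# Internal: Determine changes in sub configurations.
+#
+# local - the local configurations (hash from name to config)
+# aws - the aws configurations (hash from name to config)
+# options - a hash that contains the following operations to run
+# unmanaged - a function that creates the unmanaged diff
+# added - a function that creates the added diff
+#
+# Returns an array of diffs representing the differences between local
+# and AWS configuration
+def diff_configs(local, aws, options)
+diffs = []
+
+diffs << aws.reject { |k, v| local.include?(k) }.map { |k, v| options[:unmanaged].call(v) }
+local.each do |k, v|
+if aws.include?(k)
+if v != aws[k]
+diffs << v.diff(aws[k])
+end
+else
+diffs << options[:added].call(v)
+end
+end
+
+diffs.flatten
+end
+end
+end
+end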
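Review bot: In `diff_replication`, the `elsif aws` branch calls `ReplicationDiff.unmanaged(local)`, but `local` is always nil on that path, so replication that exists only in AWS is built from nil rather than from the live configuration. `diff_configs` hands the AWS-side value to its `unmanaged` callbacks, so this line should presumably read `diffs << ReplicationDiff.unmanaged(aws)`. Separately, `populate!` uses `aws.replication.to_cumulus rescue nil`, which turns any StandardError (a permission or throttling failure included) into "no replication configured". `diff` already tests `aws.replication` for nil before calling `to_cumulus`, and the same explicit check in `populate!` would stop real failures from being recorded as an absent setting in the generated bucket config.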
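--- a/data/lib/s3/models/BucketDiff.rb
+++ b/data/lib/s3/models/BucketDiff.rb
@@ -0,0 +1,167 @@
+require "common/models/Diff"
+require "common/models/TagsDiff"
+require "util/Colors"
+
+module Cumulus
+module S3
+# Public: The types of changes that can be made to an S3 bucket
+module BucketChange
+include Common::DiffChange
+
+CORS = Common::DiffChange.next_change_id
+GRANTS = Common::DiffChange.next_change_id
+LIFECYCLE = Common::DiffChange.next_change_id
+LOGGING = Common::DiffChange.next_change_id
+NOTIFICATIONS = Common::DiffChange.next_change_id
+POLICY = Common::DiffChange.next_change_id
+REPLICATION = Common::DiffChange.next_change_id
+TAGS = Common::DiffChange.next_change_id
+VERSIONING = Common::DiffChange.next_change_id
+WEBSITE = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS
+# S3 bucket configuration
+class BucketDiff < Common::Diff
+include BucketChange
+include Common::TagsDiff
+
+attr_accessor :grants
+attr_accessor :lifecycle
+attr_accessor :notifications
+attr_accessor :replication
+
+# Public: Static method that will create a diff representing changes in grants
+#
+# grants - the grant changes
+# local - the local configuration
+#
+# Returns the diff
+def self.grant_changes(grants, local)
+diff = BucketDiff.new(GRANTS, nil, local)
+diff.grants = grants
+diff
+end
+
+# Public: Static method that will create a diff representing changes in
+# notifications.
+#
+# notifications - the notification changes
+# local - the local configuration
+#
+# Returns the diff
+def self.notification_changes(notifications, local)
+diff = BucketDiff.new(NOTIFICATIONS, nil, local)
+diff.notifications = notifications
+diff
+end
+
+# Public: Static method that will create a diff representing changes in
+# lifecycle rules.
+#
+# lifecycle - the lifecycle changes
+# local - the local configuration
+#
+# Returns the diff
+def self.lifecycle_changes(lifecycle, local)
+diff = BucketDiff.new(LIFECYCLE, nil, local)
+diff.lifecycle = lifecycle
+diff
+end
+
+# Public: Static method that will create a diff representing changes in
+# replication configuration.
+#
+# replication - the replication configuration
+# local - the local configuration
+#
+# Returns the diff
+def self.replication_changes(replication, local)
+diff = BucketDiff.new(REPLICATION, nil, local)
+diff.replication = replication
+diff
+end
+
+def diff_string
+case @type
+when CORS
+[
+"CORS Rules:",
+removed_cors.map { |cors| Colors.removed("\t#{cors}") },
+added_cors.map { |cors| Colors.added("\t#{cors}") }
+].flatten.join("\n")
+when GRANTS
+[
+"Grants:",
+grants.flat_map { |g| g.to_s.lines.map { |s| "\t#{s}" }.join },
+].flatten.join("\n")
+when LIFECYCLE
+[
+"Lifecycle Rules:",
+lifecycle.flat_map { |n| n.to_s.lines.map { |s| "\t#{s}" }.join },
+].flatten.join("\n")
+when LOGGING
+[
+"Logging Settings:",
+Colors.aws_changes("\tAWS\t- #{if @aws.logging.to_cumulus then @aws.logging.to_cumulus else "Not enabled" end}"),
+Colors.local_changes("\tLocal\t- #{if @local.logging then @local.logging else "Not enabled" end}")
+].join("\n")
+when NOTIFICATIONS
+[
+"Notifications:",
+notifications.flat_map { |n| n.to_s.lines.map { |s| "\t#{s}" }.join },
+].flatten.join("\n")
+when POLICY
+[
+"Bucket Policy:",
+Colors.aws_changes("\tAWS\t- #{@aws.policy.policy_string}"),
+Colors.local_changes("\tLocal\t- #{@local.policy}")
+].join("\n")
+when REPLICATION
+[
+"Replication:",
+replication.flat_map { |r| r.to_s.lines.map { |s| "\t#{s}" }.join },
+].flatten.join("\n")
+when TAGS
+tags_diff_string
+when VERSIONING
+"Versioning: AWS - #{Colors.aws_changes(@aws.versioning.enabled)}, Local - #{Colors.local_changes(@local.versioning)}"
+when WEBSITE
+[
+"S3 Website Settings:",
+Colors.aws_changes("\tAWS\t- #{if @aws.website.to_cumulus then @aws.website.to_cumulus else "Not enabled" end}"),
+Colors.local_changes("\tLocal\t- #{if @local.website then @local.website else "Not enabled" end}"),
+].join("\n")
+end
+end
+
+def asset_type
+"Bucket"
+end
+
+def aws_name
+@aws.name
+end
+
+# Public: Get the CORS rules to remove.
+#
+# Returns an array of CORSRules
+def removed_cors
+@aws.cors.rules - (@local.cors || [])
+end
+
+# Public: Get the CORS rules to add.
+#
+# Returns an array of CORSRules.
+def added_cors
+(@local.cors || []) - @aws.cors.rules
+end
+
+private
+
+def aws_tags_list
+@aws.tagging.safe_tags
+end
+end
+end
+end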
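Review bot: The four factory methods (`grant_changes`, `notification_changes`, `lifecycle_changes`, `replication_changes`) construct the diff with `nil` as the AWS resource, yet `aws_name` dereferences `@aws.name` with no guard. Assuming `Common::Diff` (not shown on this page) stores that second constructor argument as `@aws`, asking a GRANTS, NOTIFICATIONS, LIFECYCLE or REPLICATION diff for its AWS name raises NoMethodError on nil. Either pass the bucket resource through the factories or make the accessor nil-safe, e.g. `@aws.name if @aws`. `diff_string`, `asset_type` and `aws_name` are also the only public methods in the class without a `# Public:` comment; a line such as `# Public: Render this change as a colorized, human-readable string` above `diff_string` would match the rest of the file.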