lucid-cumulus 0.11.3 → 0.11.4

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    YjEyYTM3MTYyNGM3MGJmN2I4MGVmNTJlYjYwYmQwOTlhMjYwMTUxYw==
+    ODQ5Zjk4Y2RmOTM0YWQyOTY1NTg1MWRkNDAxZDU1MzkwNmM5OTIzNQ==
   data.tar.gz: !binary |-
-    OTA3NWQ3N2NhYmUyZDBjNzk2MTRjYzcxMTEzNzA5ZGE1YTNlODQ5Mw==
+    MjExNzdjZjRjZWViYzhmODBjMzRhZmI1NGUwNmY0N2YxYzc3YzIyYw==
 SHA512:
   metadata.gz: !binary |-
-    ZTE1ZmViZDAyMzUxNWJkNmMxODljNzJmZWI0YWU2NGFkOWQzMmE3YzQ3ZWRi
-    ZjlhZWQ5ZTc1NTk3MTI3NTRmNjE3MGY3NzIxZDgyYjA2OTI3NDgxZDFiZmIz
-    YTRmMzcwY2FlNTAxMTA3NjhjNWQ4OTU3N2U5NWQ0NDYxOGIyOWI=
+    ZTA0ODEwYTY5ZGM1ZTE1ZDNmNDI4YjBlMTA3MmFiMzliZmE3YjkxZjg0MDZl
+    Y2FmMDdmNzQ4OTEwOGM4YzYwMDUxODdjMTZiM2ZkOTYyZjM5OWVkNzY3ZmJh
+    MGY2NWQxN2M4OTcwYTA3ZWZmOGJjNGRlOTBhOGNkNjViZmNlMDg=
   data.tar.gz: !binary |-
-    ZTBlMjNkYTllZmI5NTI1NDljZWEyNmIwYWUyNGJiYjgyZjE4YjVmOTFkN2U4
-    YTlhN2ExMGU2Yjc0Yjk2YTI5MDA5OGYzZDkxOTIwYmQ0NDA2N2M1NjYzYjhl
-    ZjQ4ZTQxNzU4YWYzMWI3ZmU1ODAxMGU4ODc1Yzg0ZDJkODBmOTk=
+    NWI2YmI5ZWVlODI3MjAxMWM4MGVhY2MxOTgzZGVkOGZhZTc0YTk3MWQ2MDA1
+    NTdjNGYxNjdmMWFiNzU5OTdmNWEzYjNmNWI1YmU1YmI4YmJlNzdhMzc2N2Y3
+    MmQyOGE2MWFlNzdiNWRlNjJmOTdjYzkyMjIwMDMyMWIyMmYyMjM=

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    lucid-cumulus (0.11.3)
+    lucid-cumulus (0.11.4)
       aws-sdk (= 2.2.30)
       deepsort (~> 0.1)
       parse-cron (~> 0.1.4)

data/README.md

@@ -1,12 +1,17 @@
 # cumulus
 
-[![Build Status](https://travis-ci.org/lucidsoftware/cumulus.svg?branch=master)](https://travis-ci.org/lucidsoftware/cumulus)
+[![Join the chat at https://gitter.im/lucidsoftware/cumulus](https://badges.gitter.im/lucidsoftware/cumulus.svg)](https://gitter.im/lucidsoftware/cumulus?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Stories in Ready](https://badge.waffle.io/lucidsoftware/cumulus.png?label=ready&title=Ready)](https://waffle.io/lucidsoftware/cumulus) [![Gem Version](https://badge.fury.io/rb/lucid-cumulus.svg)](https://badge.fury.io/rb/lucid-cumulus) [![Build Status](https://travis-ci.org/lucidsoftware/cumulus.svg?branch=master)](https://travis-ci.org/lucidsoftware/cumulus)
 
-[![Join the chat at https://gitter.im/lucidsoftware/cumulus](https://badges.gitter.im/lucidsoftware/cumulus.svg)](https://gitter.im/lucidsoftware/cumulus?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+CloudFormation alternative
 
-[![Stories in Ready](https://badge.waffle.io/lucidsoftware/cumulus.png?label=ready&title=Ready)](https://waffle.io/lucidsoftware/cumulus)
+### Installation
+
+To install cumulus, open a terminal and type:
+```bash
+gem install lucid-cumulus
+```
+Optionally, you can set up auto-completion by copying the autocomplete file in the root of the Cumulus repo to /etc/bash_completion.d/cumulus
 
-CloudFormation alternative
 
 ### Usage
 

data/lib/aws_extensions/iam/Policy.rb

@@ -0,0 +1,22 @@
+require "json"
+require "deepsort"
+
+module AwsExtensions
+  module IAM
+    module Policy
+      def as_hash
+        # Sort the statments to prevent false conflicts while diffing
+        sorted_policy = JSON.parse(URI.unescape(policy_document)).deep_sort
+        sorted_policy["Statement"].each do |statement|
+          # actions sometimes contains a single string element instead of the expected array
+          statement["Action"] = [statement["Action"]] if statement["Action"].is_a? String
+          # resources sometimes contains a single string element instead of the expected array
+          statement["Resource"] = [statement["Resource"]] if statement["Resource"].is_a? String
+        end
+        # return the sorted policy hash
+        sorted_policy
+      end
+    end
+  end
+end
+

data/lib/iam/models/PolicyConfig.rb

@@ -1,5 +1,5 @@
 require "conf/Configuration"
-
+require "deepsort"
 require "json"
 
 module Cumulus
@@ -59,7 +59,7 @@ module Cumulus
         {
           "Version" => @version,
           "Statement" => statements
-        }
+        }.deep_sort
       end
 
     end

data/lib/iam/models/ResourceWithPolicy.rb

@@ -4,11 +4,18 @@ require "iam/models/IamDiff"
 require "iam/models/PolicyConfig"
 require "iam/models/StatementConfig"
 require "util/Colors"
+require "deepsort"
+require "aws_extensions/iam/Policy"
 
 require "json"
 
 module Cumulus
   module IAM
+    # Monkey patch the bucket so that it can get the bucket's replication configuration
+    Aws::IAM::UserPolicy.send(:include, AwsExtensions::IAM::Policy)
+    Aws::IAM::RolePolicy.send(:include, AwsExtensions::IAM::Policy)
+    Aws::IAM::GroupPolicy.send(:include, AwsExtensions::IAM::Policy)
+
     # Public: Represents a configuration for a resource that has attached policies.
     # Lazily loads its static and template policies as needed. Is the base class for
     # groups, roles, and users.
@@ -168,13 +175,7 @@ module Cumulus
         diffs = []
 
         aws_policies = Hash[aws_resource.policies.map do |policy|
-          sorted_policy = JSON.parse(URI.unescape(policy.policy_document))
-          sorted_policy["Statement"].each do |statement|
-            # Sort the statments before diffing to prevent false conflicts
-            statement["Action"].sort!
-            statement["Resource"].sort!
-          end
-          [policy.name, sorted_policy]
+          [policy.name, policy.as_hash]
         end]
         p = policy
         p.name = generated_policy_name

data/lib/iam/models/StatementConfig.rb

@@ -12,8 +12,23 @@ module Cumulus
       # json - the Hash containing the JSON configuration for this StatementConfig
       def initialize(json)
         @effect = json["Effect"]
-        @action = json["Action"].sort
-        @resource = json["Resource"].sort
+        # Action and Resource elements are sometimes strings instead of arrays of strings.
+        @action = if json["Action"].is_a? Array
+          json["Action"].sort
+        elsif json["Action"].is_a? String
+          # convert single element strings into arrays
+          json["Action"] = [json["Action"]]
+        else
+          raise Exception.new("invalid policy statement resource")
+        end
+        @resource = if json["Resource"].is_a? Array
+          json["Resource"].sort
+        elsif json["Resource"].is_a? String
+          # convert single element strings into arrays
+          json["Resource"] = [json["Resource"]]
+        else
+          raise Exception.new("invalid policy statement resource")
+        end
         @condition = json["Condition"]
       end
 
@@ -22,12 +37,12 @@ module Cumulus
       #
       # Returns the Hash representing this StatementConfig.
       def as_hash
-        {
+        Hash[{
           "Effect" => @effect,
           "Action" => @action,
           "Resource" => @resource,
           "Condition" => @condition
-        }.reject { |k, v| v.nil? }
+        }.sort].reject { |k, v| v.nil? }
       end
 
     end

data/lib/security/models/RuleConfig.rb

@@ -57,9 +57,15 @@ module Cumulus
             rule_hash = json.clone
 
             if port.is_a? String
-              parts = port.split("-").map(&:strip)
-              rule_hash["from-port"] = parts[0].to_i
-              rule_hash["to-port"] = parts[1].to_i
+              if port.downcase == "all"
+                # to include 'all' ports, aws expects both the from-port and the to-port to be nil
+                rule_hash["from-port"] = nil
+                rule_hash["to-port"] = nil
+              else
+                parts = port.split("-").map(&:strip)
+                rule_hash["from-port"] = parts[0].to_i
+                rule_hash["to-port"] = parts[1].to_i
+              end
             else
               rule_hash["from-port"] = port
               rule_hash["to-port"] = port
@@ -87,9 +93,21 @@ module Cumulus
         end
 
         @security_groups = if !json["security-groups"].nil? then json["security-groups"] else [] end
-        @subnets = if !json["subnets"].nil?
-          json["subnets"].flat_map do |subnet|
-            if subnet.match(/\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}\/\d+/).nil?
+        @subnets = unless json["subnets"].nil?
+          # interpret single strings as a string within an array
+          # subnets: "0.0.0.0/0"
+          #   is the same as:
+          # subnets: [
+          #   "0.0.0.0/0"
+          # ]
+          if json["subnets"].is_a?(String)
+            [json["subnets"]]
+          else
+            json["subnets"]
+          end.flat_map do |subnet|
+            if subnet.downcase == "all"
+              "0.0.0.0/0" # all subnets according to aws sdk
+            elsif subnet.match(/\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}\/\d+/).nil?
               Loader.subnet_group(subnet)
             else
               subnet

data/lib/security/models/RuleDiff.rb

@@ -53,6 +53,7 @@ module Cumulus
         # yes, for real, AWS returns the STRING "-1" if all protocols are allowed
         protocol = if config.protocol == "-1" then "All" else config.protocol end
         allowed = (config.security_groups + config.subnets).join(", ")
+        allowed = "all addresses" if allowed == "0.0.0.0/0"
 
         temp = "Allowed: #{allowed}, Protocol: #{protocol}, "
         if protocol.downcase == "icmp"
@@ -60,7 +61,7 @@ module Cumulus
         elsif config.from != config.to
           temp << "Ports: #{config.from}-#{config.to}"
         elsif config.from.nil?
-          temp << "Ports: All"
+          temp << "Ports: all"
         else
           temp << "Port: #{config.from}"
         end

data/lucid-cumulus.gemspec

@@ -4,7 +4,7 @@ require "bundler"
 
 Gem::Specification.new do |s|
   s.name                      = "lucid-cumulus"
-  s.version                   = "0.11.3"
+  s.version                   = "0.11.4"
   s.platform                  = Gem::Platform::RUBY
   s.authors                   = ["Keilan Jackson", "Mark Siebert"]
   s.email                     = "cumulus@lucidchart.com"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lucid-cumulus
 version: !ruby/object:Gem::Version
-  version: 0.11.3
+  version: 0.11.4
 platform: ruby
 authors:
 - Keilan Jackson
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-11 00:00:00.000000000 Z
+date: 2016-08-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -93,6 +93,7 @@ files:
 - lib/aws_extensions/ec2/VpcEndpoint.rb
 - lib/aws_extensions/elb/BackendServerDescription.rb
 - lib/aws_extensions/elb/PolicyDescription.rb
+- lib/aws_extensions/iam/Policy.rb
 - lib/aws_extensions/kinesis/StreamDescription.rb
 - lib/aws_extensions/route53/AliasTarget.rb
 - lib/aws_extensions/s3/Bucket.rb