minimal_pipeline 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/minimal_pipeline.rb +1 -0
- data/lib/minimal_pipeline/ec2.rb +132 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '0269cb3b98b76aaa94744fd7afd155f4eb539060bc44805ef93de56a09a403de'
|
|
4
|
+
data.tar.gz: 314f3eb756620b6a77e77b613e10480c697f42480d975ce8cd264e53b2cae887
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 25c1f7a9de134a874a32cc34c40c35ac8346cdd30a32c8e1c54950294eb12044d74890c9368ea63bee1d65fe88d70f934cd7100f0715253031a4c8c6090231f2
|
|
7
|
+
data.tar.gz: 941b5c26d156a84fc04063ae0225fa0554d05c3f6ec2172e7773ade4c17b066d5507e529e763467bf29cb22cacf792d3f8dc37cf19511469dfcb957cc62b6abf
|
data/lib/minimal_pipeline.rb
CHANGED
|
@@ -13,6 +13,7 @@ class MinimalPipeline
|
|
|
13
13
|
autoload(:Cloudformation, 'minimal_pipeline/cloudformation')
|
|
14
14
|
autoload(:Crossing, 'minimal_pipeline/crossing')
|
|
15
15
|
autoload(:Docker, 'minimal_pipeline/docker')
|
|
16
|
+
autoload(:Ec2, 'minimal_pipeline/ec2')
|
|
16
17
|
autoload(:Keystore, 'minimal_pipeline/keystore')
|
|
17
18
|
autoload(:Lambda, 'minimal_pipeline/lambda')
|
|
18
19
|
autoload(:Packer, 'minimal_pipeline/packer')
|
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
require 'aws-sdk'
|
|
2
|
+
|
|
3
|
+
class MinimalPipeline
|
|
4
|
+
# # For Account 1:
|
|
5
|
+
# ec2 = MinimalPipeline::Ec2.new
|
|
6
|
+
# block_device_mappings = ec2.prepare_snapshots_for_account('ami-id',
|
|
7
|
+
# 'account-id')
|
|
8
|
+
#
|
|
9
|
+
# # Promote AMI via SQS
|
|
10
|
+
# sqs = MinimalPipeline::Sqs.new
|
|
11
|
+
# sqs.send_message('queue-name', block_device_mappings.to_json)
|
|
12
|
+
#
|
|
13
|
+
# # For Account 2, after getting block_device_mappings
|
|
14
|
+
# ec2 = MinimalPipeline::Ec2.new
|
|
15
|
+
# new_mappings = ec2.copy_snapshots_in_new_account(block_device_mappings)
|
|
16
|
+
# ec2.register_ami(new_mappings, 'ami-name')
|
|
17
|
+
class Ec2
|
|
18
|
+
# Initializes a `Ec2` client
|
|
19
|
+
# Requires environment variables `AWS_REGION` or `region` to be set.
|
|
20
|
+
# Also requires `keystore_table` and `keystore_kms_id`
|
|
21
|
+
def initialize
|
|
22
|
+
raise 'You must set env variable AWS_REGION or region.' \
|
|
23
|
+
if ENV['AWS_REGION'].nil? && ENV['region'].nil?
|
|
24
|
+
raise 'You must set env variable keystore_kms_id.' \
|
|
25
|
+
if ENV['inventory_store_key'].nil? && ENV['keystore_kms_id'].nil?
|
|
26
|
+
|
|
27
|
+
@region = ENV['AWS_REGION'] || ENV['region']
|
|
28
|
+
@kms_key_id = ENV['keystore_kms_id'] || ENV['inventory_store_key']
|
|
29
|
+
@client = Aws::EC2::Client.new(region: 'us-east-1')
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
# Block processing until snapshot until new snapshot is ready
|
|
33
|
+
#
|
|
34
|
+
# @param snapshot_id [String] The ID of the new snapshot
|
|
35
|
+
def wait_for_snapshot(snapshot_id)
|
|
36
|
+
puts "waiting on new snapshot #{snapshot_id} to be ready"
|
|
37
|
+
@client.wait_until(:snapshot_completed, snapshot_ids: [snapshot_id])
|
|
38
|
+
puts "New snapshot #{snapshot_id}is ready"
|
|
39
|
+
rescue Aws::Waiters::Errors::WaiterFailed => error
|
|
40
|
+
puts "failed waiting for snapshot to be ready: #{error.message}"
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
# Create a copy of an existing snapshot
|
|
44
|
+
#
|
|
45
|
+
# @param snapshot_id [String] The ID of the snapshot to copy
|
|
46
|
+
# @param encrypted [Boolean] Whether or not the volume is encrypted
|
|
47
|
+
# @return [String] The ID of the newly created snapshot
|
|
48
|
+
def copy_snapshot(snapshot_id, encrypted = true)
|
|
49
|
+
new_snapshot_id = @client.copy_snapshot(
|
|
50
|
+
encrypted: encrypted,
|
|
51
|
+
kms_key_id: @kms_key_id,
|
|
52
|
+
source_region: @region,
|
|
53
|
+
source_snapshot_id: snapshot_id
|
|
54
|
+
).snapshot_id
|
|
55
|
+
|
|
56
|
+
puts "new snapshot ID: #{new_snapshot_id}"
|
|
57
|
+
wait_for_snapshot(new_snapshot_id)
|
|
58
|
+
|
|
59
|
+
new_snapshot_id
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
# Update permissions to grant access to an AMI on another account
|
|
63
|
+
#
|
|
64
|
+
# @param snapshot_id [String] The ID of the snapshot to adjust
|
|
65
|
+
# @param account_id [String] The AWS account to grant access to
|
|
66
|
+
def unlock_ami_for_account(snapshot_id, account_id)
|
|
67
|
+
@client.modify_snapshot_attribute(
|
|
68
|
+
attribute: 'createVolumePermission',
|
|
69
|
+
operation_type: 'add',
|
|
70
|
+
snapshot_id: snapshot_id,
|
|
71
|
+
user_ids: [account_id]
|
|
72
|
+
)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
# Prepare volume snapshots of an AMI for a new account
|
|
76
|
+
#
|
|
77
|
+
# @param ami_id [String] The ID of the AMI to prepare
|
|
78
|
+
# @param account_id [String] The ID of the AWS account to prepare
|
|
79
|
+
# @return [Array] Block device mappings discovered from the AMI
|
|
80
|
+
def prepare_snapshots_for_account(ami_id, account_id)
|
|
81
|
+
images = @client.describe_images(image_ids: [ami_id])
|
|
82
|
+
block_device_mappings = images.images[0].block_device_mappings
|
|
83
|
+
new_mappings = []
|
|
84
|
+
|
|
85
|
+
block_device_mappings.each do |mapping|
|
|
86
|
+
snapshot_id = mapping.ebs.snapshot_id
|
|
87
|
+
puts "old snapshot ID: #{snapshot_id}"
|
|
88
|
+
new_snapshot_id = copy_snapshot(snapshot_id)
|
|
89
|
+
puts 'modifying new snapshot attribute'
|
|
90
|
+
unlock_ami_for_account(new_snapshot_id, account_id)
|
|
91
|
+
puts "new snapshot has been modified for the #{account_id} account"
|
|
92
|
+
mapping.ebs.snapshot_id = new_snapshot_id
|
|
93
|
+
new_mappings << mapping.to_hash
|
|
94
|
+
puts '==========================================='
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
new_mappings
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
# Register a new AMI based on block device mappings
|
|
101
|
+
# Currently only supports x86_64 HVM
|
|
102
|
+
#
|
|
103
|
+
# @params block_device_mappings [Array] Block device mappings with snapshots
|
|
104
|
+
# @params ami_name [String] The name of the AMI to create
|
|
105
|
+
def register_ami(block_device_mappings, ami_name)
|
|
106
|
+
@client.register_image(
|
|
107
|
+
architecture: 'x86_64',
|
|
108
|
+
block_device_mappings: block_device_mappings,
|
|
109
|
+
name: ami_name,
|
|
110
|
+
root_device_name: '/dev/sda1',
|
|
111
|
+
virtualization_type: 'hvm'
|
|
112
|
+
)
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# Copy the snapshots from the original account into the new one
|
|
116
|
+
#
|
|
117
|
+
# @params block_device_mappings [Array] Block device mappings with snapshots
|
|
118
|
+
# @return [Array] Block device mappings with updated snapshot ids
|
|
119
|
+
def copy_snapshots_in_new_account(block_device_mappings)
|
|
120
|
+
new_mappings = []
|
|
121
|
+
|
|
122
|
+
block_device_mappings.each do |mapping|
|
|
123
|
+
snapshot_id = mapping.ebs.snapshot_id
|
|
124
|
+
new_snapshot_id = copy_snapshot(snapshots[snapshot_id])
|
|
125
|
+
mapping.ebs.snapshot_id = new_snapshot_id
|
|
126
|
+
new_mappings << mapping
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
new_mappings
|
|
130
|
+
end
|
|
131
|
+
end
|
|
132
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: minimal_pipeline
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mayowa Aladeojebi
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2018-
|
|
12
|
+
date: 2018-11-05 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: aws-sdk
|
|
@@ -107,6 +107,7 @@ files:
|
|
|
107
107
|
- lib/minimal_pipeline/cloudformation.rb
|
|
108
108
|
- lib/minimal_pipeline/crossing.rb
|
|
109
109
|
- lib/minimal_pipeline/docker.rb
|
|
110
|
+
- lib/minimal_pipeline/ec2.rb
|
|
110
111
|
- lib/minimal_pipeline/keystore.rb
|
|
111
112
|
- lib/minimal_pipeline/lambda.rb
|
|
112
113
|
- lib/minimal_pipeline/packer.rb
|