RubyGems - opsicle - Versions diffs - 2.12.5 → 2.13.0 - Mend

opsicle 2.12.5 → 2.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/bin/opsicle +12 -0
data/lib/opsicle/commands.rb +1 -0
data/lib/opsicle/commands/permit.rb +46 -0
data/lib/opsicle/version.rb +1 -1
data/spec/opsicle/commands/permit_spec.rb +77 -0
metadata +6 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0d4b66a5b078018b67348b894fe8274491719348c5d24d3672ddaebdbd667d2e
-  data.tar.gz: c6928a8a60d29c02924287bba794a3c0f75767916610020d905119d8abb4b65e
+  metadata.gz: a36db447ea80f6febf407297e2c5f0ff1a5b1cbfce7505267b37613f9bf88e26
+  data.tar.gz: a4f5d806d60c28c0dd68d0ee833e0cc410d9b5fe1b6c9b118d4a4f73ab1b5f65
 SHA512:
-  metadata.gz: 71647e38b87fa0077864cc3f255e2edf1ee9c9be3a0a59f59d66bd2d1c7e3169d76a7a0f2c43a17836b8de6278ef554144fd8067c10d446d30e84835ac15a493
-  data.tar.gz: 5229246562d67aa4405589eb00fedecb72e0f94c3bf8274bc8bbd45e9e1e7190a812aa7c1765f2aebff6c81c53e20a740abdd077cfc27faf75cb0b700d572c9e
+  metadata.gz: 2d4f6da95579f2b12eef319b58cb36f9af1cea7e31e9b071f9831e5b8f6e1b6625bfd5e9255780e759c38a645b5c15be646f78900311c9b1cc587a2d9c45085b
+  data.tar.gz: cda0b830e5f20b58be8b987e24bd9aad11f7f5deb6317a9a93b74ea944fad3f78be1789c8ec435445f3ae18fe29d8517360932445ade9a384fef00a7406baa0e

data/bin/opsicle CHANGED Viewed

@@ -291,4 +291,16 @@ command 'user-profile-info' do |c|
   end
 end
+desc 'Add ssh and sudo permissions for current user or specified users'
+arg_name '<environment>'
+command 'permit' do |c|
+  c.flag [:u, :user], :desc => 'User name or ssh username to update.', :type => String, :multiple => true
+  c.switch [:a, :all_stacks], :desc => "Set permissions on all stacks.", :default_value => false
+  c.action do |global_options, options, args|
+    raise ArgumentError, "Environment is required" unless (environment = args.first)
+    Opsicle::Permit.new(environment).execute(options)
+  end
+end
 exit run(ARGV)

data/lib/opsicle/commands.rb CHANGED Viewed

@@ -12,6 +12,7 @@ require "opsicle/commands/legacy_credential_converter"
 require "opsicle/commands/list"
 require "opsicle/commands/list_instances"
 require "opsicle/commands/move_eip"
+require "opsicle/commands/permit"
 require "opsicle/commands/ssh"
 require "opsicle/commands/ssh_clean_keys"
 require "opsicle/commands/ssh_key"

data/lib/opsicle/commands/permit.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module Opsicle
+  class Permit
+    def initialize(environment)
+      @client = Client.new(environment)
+    end
+    def execute(options={})
+      stack_ids = options[:all_stacks] ? all_stack_ids : [current_stack_id]
+      stack_ids.each do |stack_id|
+        iam_user_arns(options[:user]).each do |arn|
+          set_permission(arn, stack_id)
+        end
+      end
+    end
+    def all_stack_ids
+      @client.api_call(:describe_stacks)[:stacks].map{ |stack| stack[:stack_id] }
+    end
+    def current_stack_id
+      @client.config.opsworks_config[:stack_id]
+    end
+    def iam_user_arns(user_names)
+      if user_names && !user_names.empty?
+        user_names.map do |user_name|
+          profile = profiles.detect{ |profile| profile[:name] == user_name || profile[:ssh_username] == user_name}
+          raise ArgumentError, "User #{user_name} not found" unless profile
+          profile[:iam_user_arn]
+        end
+      else
+        [UserProfile.new(@client).arn]
+      end
+    end
+    def set_permission(arn, stack_id)
+      @client.api_call(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: arn , stack_id: stack_id } )
+    end
+    private :set_permission
+    def profiles
+      @profiles ||= @client.api_call(:describe_user_profiles)[:user_profiles]
+    end
+    private :profiles
+  end
+end

data/lib/opsicle/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Opsicle
-  VERSION = "2.12.5"
+  VERSION = "2.13.0"
 end

data/spec/opsicle/commands/permit_spec.rb ADDED Viewed

@@ -0,0 +1,77 @@
+require "spec_helper"
+require "opsicle"
+module Opsicle
+  describe Permit do
+    let(:client) { double(config: double(opsworks_config: { stack_id: '1234' })) }
+    subject { Permit.new('derp')}
+    let(:describe_user_profiles) {
+      { user_profiles: [
+          {name: "herp.derp", ssh_username: "herpderp", iam_user_arn: '8675309'},
+          {name: "doop.derp", ssh_username: "doopderp", iam_user_arn: '8675342'},
+          {name: "billy.mays", ssh_username: "billymays", iam_user_arn: '8675338'},
+          {name: "brent.favor", ssh_username: "brentfavor", iam_user_arn: '4'}
+        ]
+      }
+    }
+    before do
+      allow_any_instance_of(UserProfile).to receive(:arn).and_return('8675309')
+      allow(client).to receive(:api_call).with(:describe_stacks).and_return({ stacks: [{ stack_id: '1234' }, { stack_id: '5678' }] })
+      allow(client).to receive(:api_call).with(:describe_user_profiles).and_return(describe_user_profiles)
+      allow(Client).to receive(:new).with("derp").and_return(client)
+    end
+    context '#execute' do
+      it 'calls set_permission for current_user on current stack by default' do
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675309' , stack_id: '1234' })
+        subject.execute({})
+      end
+      it 'calls set_permission for current user for all stacks with all_stacks option' do
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675309' , stack_id: '1234' })
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675309' , stack_id: '5678' })
+        subject.execute({all_stacks: true})
+      end
+      it 'calls set_permission for selected users for current stack' do
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675342' , stack_id: '1234' })
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '4' , stack_id: '1234' })
+        subject.execute(user: ['doop.derp', 'brentfavor'])
+      end
+      it 'calls set_permission for selected users for all stacks' do
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675309' , stack_id: '1234' })
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675338' , stack_id: '1234' })
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675309' , stack_id: '5678' })
+        expect(client).to receive(:api_call).with(:set_permission, { allow_ssh: true, allow_sudo: true, iam_user_arn: '8675338' , stack_id: '5678' })
+        subject.execute(user: ['herp.derp', 'billy.mays'], all_stacks: true)
+      end
+    end
+    context '#iam_user_arns' do
+      it 'finds a user arn by name' do
+        expect(subject.iam_user_arns(['billy.mays', 'doop.derp'])).to eq(['8675338', '8675342'])
+      end
+      it 'finds a user arn by ssh_username' do
+        expect(subject.iam_user_arns(['brentfavor', 'herp.derp'])).to eq(['4', '8675309'])
+      end
+      it 'finds by a mix of name and ssh_username' do
+        expect(subject.iam_user_arns(['brentfavor', 'doop.derp'])).to eq(['4', '8675342'])
+      end
+      it 'should thow exception if user is not found' do
+        expect{subject.iam_user_arns(['bobby.jones'])}.to raise_error(ArgumentError, /bobby.jones/)
+      end
+    end
+    context '#all_stack_ids' do
+      it 'maps stack ids from describe_stacks' do
+        expect(subject.all_stack_ids).to eq(['1234','5678'])
+      end
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: opsicle
 version: !ruby/object:Gem::Version
-  version: 2.12.5
+  version: 2.13.0
 platform: ruby
 authors:
 - Andy Fleener
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-01-18 00:00:00.000000000 Z
+date: 2019-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -204,6 +204,7 @@ files:
 - lib/opsicle/commands/list.rb
 - lib/opsicle/commands/list_instances.rb
 - lib/opsicle/commands/move_eip.rb
+- lib/opsicle/commands/permit.rb
 - lib/opsicle/commands/ssh.rb
 - lib/opsicle/commands/ssh_clean_keys.rb
 - lib/opsicle/commands/ssh_key.rb
@@ -253,6 +254,7 @@ files:
 - spec/opsicle/commands/list_instances_spec.rb
 - spec/opsicle/commands/list_spec.rb
 - spec/opsicle/commands/move_eip_spec.rb
+- spec/opsicle/commands/permit_spec.rb
 - spec/opsicle/commands/ssh_key_spec.rb
 - spec/opsicle/commands/ssh_spec.rb
 - spec/opsicle/commands/stop_instance_spec.rb
@@ -297,7 +299,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.8
+rubygems_version: 2.7.9
 signing_key:
 specification_version: 4
 summary: An opsworks specific abstraction on top of the aws sdk
@@ -331,6 +333,7 @@ test_files:
 - spec/opsicle/commands/list_instances_spec.rb
 - spec/opsicle/commands/execute_recipes_spec.rb
 - spec/opsicle/commands/ssh_spec.rb
+- spec/opsicle/commands/permit_spec.rb
 - spec/opsicle/commands/user_profile_info_spec.rb
 - spec/opsicle/instances_spec.rb
 - spec/opsicle/errors_spec.rb