piculet 0.2.3 → 0.2.4
- checksums.yaml +4 -4
- data/README.md +16 -0
- data/bin/piculet +7 -4
- data/lib/piculet/dsl/converter.rb +10 -0
- data/lib/piculet/dsl/security-group.rb +14 -0
- data/lib/piculet/exporter.rb +7 -0
- data/lib/piculet/version.rb +1 -1
- data/lib/piculet/wrapper/security-group.rb +50 -3
- metadata +2 -2
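--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e0055ebbe6b64ab5042daa9f1abcf85d70038256
+data.tar.gz: d1ff3e39edd0b014616b25667baf7a34c334bff4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 58a1269880c8d577b03e35420f0c79d2e75e0845c9ed2a704cc76fbfba4e49bc539ae3916ad6e0c73d8f468b75094b9634318b016d179973fa3d8cef7d99add6
+data.tar.gz: 4ed0a6eaf31f29c411d13283095acbfabcda04222cfff339a4fb1a7aa5a673941124f45919d48ec8fcc3f6ba67e9fdb9cb54068254111dd03271bb4a13ad178d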
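--- a/data/README.md
+++ b/data/README.md
@@ -40,6 +40,7 @@ piculet -a # apply `Groupfile` to EC2 SecurityGroup
 ```
 Usage: piculet [options]
 -p, --profile PROFILE_NAME
+--credentials-path PATH
 -k, --access-key ACCESS_KEY
 -s, --secret-key SECRET_KEY
 -r, --region REGION
@@ -64,6 +65,11 @@ ec2 do
 security_group "default" do
 description "default group for EC2 Classic"
 
+tags(
+"key1" => "value1",
+"key2" => "value2"
+)
+
 ingress do
 permission :tcp, 0..65535 do
 groups(
@@ -98,6 +104,11 @@ ec2 "vpc-XXXXXXXX" do
 security_group "default" do
 description "default VPC security group"
 
+tags(
+"key1" => "value1",
+"key2" => "value2"
+)
+
 ingress do
 permission :tcp, 22..22 do
 ip_ranges(
@@ -140,6 +151,11 @@ ec2 "vpc-XXXXXXXX" do
 security_group "any_other_group" do
 description "any_other_group"
 
+tags(
+"key1" => "value1",
+"key2" => "value2"
+)
+
 egress do
 permission :any do
 ip_ranges(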
data/bin/piculet
CHANGED
@@ -23,8 +23,10 @@ ARGV.options do |opt|
|
|
23
23
|
secret_key = nil
|
24
24
|
region = nil
|
25
25
|
profile_name = nil
|
26
|
+
credentials_path = nil
|
26
27
|
|
27
28
|
opt.on('-p', '--profile PROFILE_NAME') {|v| profile_name = v }
|
29
|
+
opt.on('' , '--credentials-path PATH') {|v| credentials_path = v }
|
28
30
|
opt.on('-k', '--access-key ACCESS_KEY') {|v| access_key = v }
|
29
31
|
opt.on('-s', '--secret-key SECRET_KEY') {|v| secret_key = v }
|
30
32
|
opt.on('-r', '--region REGION') {|v| region = v }
|
@@ -46,10 +48,11 @@ ARGV.options do |opt|
|
|
46
48
|
:access_key_id => access_key,
|
47
49
|
:secret_access_key => secret_key,
|
48
50
|
}
|
49
|
-
elsif profile_name
|
50
|
-
|
51
|
-
|
52
|
-
|
51
|
+
elsif profile_name or credentials_path
|
52
|
+
credentials_opts = {}
|
53
|
+
credentials_opts[:profile_name] = profile_name if profile_name
|
54
|
+
credentials_opts[:path] = credentials_path if credentials_path
|
55
|
+
provider = AWS::Core::CredentialProviders::SharedCredentialFileProvider.new(credentials_opts)
|
53
56
|
aws_opts[:credential_provider] = provider
|
54
57
|
elsif (access_key and !secret_key) or (!access_key and secret_key) or mode.nil?
|
55
58
|
puts opt.help
|
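Review bot: The new `elsif profile_name or credentials_path` branch is tested before the half-specified key check on the following `elsif`, so an invocation that passes only one of `-k`/`-s` together with `--profile` or `--credentials-path` silently uses the shared credentials file instead of printing the usage error. For a tool that rewrites security groups, running under a different identity than the one the operator typed is worth rejecting explicitly; moving the `(access_key and !secret_key) or (!access_key and secret_key)` test ahead of the credential selection would do it. The `opt.on('' , '--credentials-path PATH')` call also passes an empty string as a short switch, and `opt.on('--credentials-path PATH')` states the intent more plainly. The `ARGV.options` block begins and ends outside these hunks, so the leading `if` is assumed to be the both-keys case.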
@@ -35,6 +35,15 @@ end
|
|
35
35
|
def output_security_group(security_group_id, security_group)
|
36
36
|
name = security_group[:name].inspect
|
37
37
|
description = security_group[:description].inspect
|
38
|
+
tags = ''
|
39
|
+
|
40
|
+
unless security_group[:tags].empty?
|
41
|
+
tags = "\n\n tags(\n " +
|
42
|
+
security_group[:tags].map {|k, v|
|
43
|
+
k.inspect + ' => ' + v.inspect
|
44
|
+
}.join(",\n ") +
|
45
|
+
"\n )"
|
46
|
+
end
|
38
47
|
|
39
48
|
ingress = security_group.fetch(:ingress, [])
|
40
49
|
egress = security_group.fetch(:egress, [])
|
@@ -49,6 +58,7 @@ end
|
|
49
58
|
<<-EOS
|
50
59
|
security_group #{name} do
|
51
60
|
description #{description}#{
|
61
|
+
tags}#{
|
52
62
|
ingress_egress}
|
53
63
|
end
|
54
64
|
EOS
|
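Review bot: `security_group[:tags].empty?` raises NoMethodError when the exported hash has no `:tags` key, whereas the `:ingress` and `:egress` lookups just below use `fetch` with a default; `tags_src = security_group.fetch(:tags, {})` would match them. Rendering keys and values through `inspect` should stay as it is, because tag text originates in the AWS account and the generated Groupfile is presumably evaluated as Ruby later; a one-line comment such as `# inspect keeps tag text a quoted literal in the generated DSL` would keep a future edit from switching to plain interpolation. `output_security_group` continues between and beyond the two hunks shown.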
@@ -8,6 +8,7 @@ module Piculet
|
|
8
8
|
|
9
9
|
@result = OpenStruct.new({
|
10
10
|
:name => name,
|
11
|
+
:tags => {},
|
11
12
|
:ingress => [],
|
12
13
|
:egress => [],
|
13
14
|
})
|
@@ -28,6 +29,19 @@ module Piculet
|
|
28
29
|
@result.description = value
|
29
30
|
end
|
30
31
|
|
32
|
+
def tags(values)
|
33
|
+
if @tags_is_defined
|
34
|
+
raise "SecurityGroup `#{@name}`: `tags` is already defined"
|
35
|
+
end
|
36
|
+
|
37
|
+
unless values.kind_of?(Hash)
|
38
|
+
raise "SecurityGroup `#{@name}`: argument of `tags` is wrong (expected Hash)"
|
39
|
+
end
|
40
|
+
|
41
|
+
@result.tags = values
|
42
|
+
@tags_is_defined = true
|
43
|
+
end
|
44
|
+
|
31
45
|
def ingress(&block)
|
32
46
|
if @ingress_is_defined
|
33
47
|
raise "SecurityGroup `#{@name}`: `ingress` is already defined"
|
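Review bot: Defaulting `:tags => {}` in the result makes a Groupfile that never calls `tags` indistinguishable from one that declares an empty tag set, and the wrapper's `update_tags` shown later on this page calls `@security_group.tags.clear` when the DSL tags are empty. Groupfiles written for 0.2.3 would therefore appear to strip every existing tag from each security group on the first apply, including tags that other automation or access policies may depend on. Consider leaving the default as `nil` and skipping the tag comparison unless `@tags_is_defined` is set, or stating the behaviour prominently in the README. The `tags` method also accepts any Hash without checking that keys and values are strings or symbols; the class body starts and ends outside these hunks.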
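--- a/data/lib/piculet/exporter.rb
+++ b/data/lib/piculet/exporter.rb
@@ -39,6 +39,7 @@ module Piculet
 {
 :name => security_group.name,
 :description => security_group.description,
+:tags => tags_to_hash(security_group.tags),
 :owner_id => security_group.owner_id,
 :ingress => export_ip_permissions(security_group.ingress_ip_permissions),
 :egress => export_ip_permissions(security_group.egress_ip_permissions),
@@ -68,5 +69,11 @@ module Piculet
 [ip_perm[:protocol], port_range.first, port_range.last]
 end
 end
+
+def tags_to_hash(tags)
+h = {}
+tags.map {|k, v| h[k] = v }
+h
+end
 end # Exporter
 end # Piculet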
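Review bot: `tags_to_hash` uses `map` only for its side effect and discards the array it builds; `tags.each_with_object({}) {|(k, v), h| h[k] = v }` or a plain `each` says what is meant. If `security_group` here is the wrapper object, its new `tags` method already returns a plain Hash built the same way, so this second conversion looks redundant and the helper could be dropped. The `Exporter` class body starts outside the hunks.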
data/lib/piculet/version.rb
CHANGED
@@ -15,15 +15,18 @@ module Piculet
|
|
15
15
|
end
|
16
16
|
|
17
17
|
def eql?(dsl)
|
18
|
-
|
18
|
+
description_eql?(dsl) and tags_eql?(dsl)
|
19
19
|
end
|
20
20
|
|
21
21
|
def update(dsl)
|
22
|
-
|
22
|
+
unless description_eql?(dsl)
|
23
23
|
log(:warn, '`description` cannot be updated', :yellow, "#{vpc_id || :classic} > #{name}")
|
24
24
|
end
|
25
25
|
|
26
|
-
|
26
|
+
unless tags_eql?(dsl)
|
27
|
+
log(:info, 'Update SecurityGroup', :green, "#{vpc_id || :classic} > #{name}")
|
28
|
+
update_tags(dsl)
|
29
|
+
end
|
27
30
|
end
|
28
31
|
|
29
32
|
def delete
|
@@ -39,6 +42,12 @@ module Piculet
|
|
39
42
|
end
|
40
43
|
end
|
41
44
|
|
45
|
+
def tags
|
46
|
+
h = {}
|
47
|
+
@security_group.tags.map {|k, v| h[k] = v }
|
48
|
+
h
|
49
|
+
end
|
50
|
+
|
42
51
|
def ingress_ip_permissions
|
43
52
|
PermissionCollection.new(@security_group, :ingress, @options)
|
44
53
|
end
|
@@ -46,6 +55,44 @@ module Piculet
|
|
46
55
|
def egress_ip_permissions
|
47
56
|
PermissionCollection.new(@security_group, :egress, @options)
|
48
57
|
end
|
58
|
+
|
59
|
+
private
|
60
|
+
def description_eql?(dsl)
|
61
|
+
@security_group.description == dsl.description
|
62
|
+
end
|
63
|
+
|
64
|
+
def tags_eql?(dsl)
|
65
|
+
self_tags = normalize_tags(self.tags)
|
66
|
+
dsl_tags = normalize_tags(dsl.tags)
|
67
|
+
self_tags == dsl_tags
|
68
|
+
end
|
69
|
+
|
70
|
+
def update_tags(dsl)
|
71
|
+
self_tags = normalize_tags(self.tags)
|
72
|
+
dsl_tags = normalize_tags(dsl.tags)
|
73
|
+
|
74
|
+
log(:info, " set tags=#{dsl_tags.inspect}" , :green)
|
75
|
+
|
76
|
+
unless @options.dry_run
|
77
|
+
if dsl_tags.empty?
|
78
|
+
@security_group.tags.clear
|
79
|
+
else
|
80
|
+
delete_keys = self_tags.keys - dsl_tags.keys
|
81
|
+
# XXX: `delete` method does not remove the tag. It's seems a bug in the API
|
82
|
+
#@security_group.tags.delete(delete_keys) unless delete_keys.empty?
|
83
|
+
@security_group.tags.clear unless delete_keys.empty?
|
84
|
+
@security_group.tags.set(dsl_tags)
|
85
|
+
end
|
86
|
+
|
87
|
+
@options.updated = true
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
def normalize_tags(src)
|
92
|
+
normalized = {}
|
93
|
+
src.map {|k, v| normalized[k.to_s] = v.to_s }
|
94
|
+
normalized
|
95
|
+
end
|
49
96
|
end # SecurityGroup
|
50
97
|
end # SecurityGroupCollection
|
51
98
|
end # EC2Wrapper
|
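Review bot: `update_tags` calls `@security_group.tags.clear` and then `set`, so if `set` fails after the clear (throttling, a denied tagging action, a rejected key) the security group is left with no tags at all, and nothing in the log records which tags were removed. Because `delete_keys` is computed inside the `unless @options.dry_run` guard, a dry run prints only the new set and never shows that existing tags would be dropped. Computing `delete_keys` ahead of the guard and adding `log(:info, "  delete tags=#{delete_keys.inspect}", :yellow) unless delete_keys.empty?` would give reviewers and audit logs the full change. Given the XXX comment about `delete`, it would also help to rescue around `set` and report that the group is currently untagged. `normalize_tags` and `tags` use `map` purely for side effects where `each` is meant; the class body starts outside these hunks.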
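--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: piculet
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.4
 platform: ruby
 authors:
 - winebarrel
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-
+date: 2014-09-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk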