rake-terraform 0.2.2 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 3aeb68f3dd5c3a2d25f205dd772f3b05d2dce608
-  data.tar.gz: 534dacf569407d0d37471c157f9e6182212ef4da
+SHA256:
+  metadata.gz: 9b77ebb2dfff7f44ddd481c47e1af8df9c2bd36923ed6381e92f4d4e323924e2
+  data.tar.gz: b921ee652eda8d825a7ceaf2713e26420b313c77301a11067cccd3b591f9c942
 SHA512:
-  metadata.gz: 3a8e49b4fb01c831236926cdc4c839993074e287b790c6910f0a287950f00cc98bebaa60ff509326718021054afdf81ef6c5c14fa760678b7e23325663446512
-  data.tar.gz: fbdf99bc785da35fdaa56f49624b8e900ac9510dabda5a94270a5cc8d85b233fb954a8afb4db1a98dd1874ae5542c957692a047b06095dde38975b7ccf5aa357
+  metadata.gz: 19e2250063b7a03bdf09171515a3ea32f631870488fee8ac5c1f5cc1ecd0d14edc7e526fc740ffff4940d43c0e6015ea7b30ef48ae4508f42a22f085d35a9811
+  data.tar.gz: 33e9185deb94ab07efec9eaa738c01c4389ebf82616eb0264b03c999786366bd2b7155fc963b59911828d6fae8002d3971cb7af27740f16e6bfe7fbd0a236942

data/README.md

@@ -31,6 +31,8 @@ Or install it yourself as:
 
 ## Usage
 
+**Note**: Versions < 0.3.0 handled credentials as part of this gem/default rake tasks. This is no longer the case with 0.3.0 which defaults to Terraform to handle provider credentials.  
+
 This gem currently provides two different types of tasks:
 
 ### `terraform_plan`
@@ -40,7 +42,6 @@ You can set the following configuration for the task:
 
 * `t.input_dir` - the directory from which to read terraform config (default: `./terraform`)
 * `t.output_file` - the path and name of the plan file to generate (default: `./output/terraform/plan.tf`)
-* `t.credentials` - the path of the [AWS credentials file](http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-config-files) to read from (default: `~/.aws/credentials`)
 * `t.aws_project` - the name of the project to use from your credentials file (default: `default`)
 
 ### `terraform_apply`
@@ -76,7 +77,7 @@ Given, the following terraform hierarchy:
          output.tf
 ```
 
-It wil automatically generate the following rake tasks:
+It will automatically generate the following rake tasks:
 
 ```bash
 rake terraform:all              # Plan and migrate all environments
@@ -84,6 +85,9 @@ rake terraform:all              # Plan and migrate all environments
 rake terraform:apply_us-east-1  # Execute plan for us-east-1
 rake terraform:apply_us-west-1  # Execute plan for us-west-1
 
+rake terraform:init_us-east-1  # Execute init for us-east-1
+rake terraform:init_us-west-1  # Execute init for us-west-1
+
 rake terraform:plan_us-east-1   # Plan migration of us-east-1
 rake terraform:plan_us-west-1   # Plan migration of us-west-1
 
@@ -95,16 +99,15 @@ The following environment variables can be set to tweak `default_task`'s behavio
 * `ENV['TERRAFORM_AWS_PROJECT']` - Sets `t.aws_project` on the `terraform_plan` tasks (default: `default`)
 * `ENV['TERRAFORM_ENVIRONMENT_GLOB']` - Dir glob used to discover terraform environments (default: `terraform/**/*.tf`)
 * `ENV['TERRAFORM_OUTPUT_BASE']` - Directory to which plan files are saved/read. The environment name is appended to this automatically (default: `output/terraform`)
-* `ENV['TERRAFORM_CREDENTIAL_FILE']` - The path to your AWS credentials file (default: `~/.aws/credentials`)
-* `ENV['TERRAFORM_UNIQUE_STATE']` - Whether to use a unique state for this run. Requires `TERRAFORM_STATE_FILE` OR `TERRAFORM_STATE_DIR_VAR`. Can be any truthy or falsey looking string from [this list][wannabe_bool_string] (e.g `TRUE` or `FALSE`) 
-* `ENV['TERRAFORM_STATE_FILE']` - The full path to a state file to use for this run. Only used when `TERRAFORM_UNIQUE_STATE` is true, and cannot be used in conjunction with `TERRAFORM_STATE_DIR_VAR`. 
+* `ENV['TERRAFORM_UNIQUE_STATE']` - Whether to use a unique state for this run. Requires `TERRAFORM_STATE_FILE` OR `TERRAFORM_STATE_DIR_VAR`. Can be any truthy or falsey looking string from [this list][wannabe_bool_string] (e.g `TRUE` or `FALSE`)
+* `ENV['TERRAFORM_STATE_FILE']` - The full path to a state file to use for this run. Only used when `TERRAFORM_UNIQUE_STATE` is true, and cannot be used in conjunction with `TERRAFORM_STATE_DIR_VAR`.
 * `ENV['TERRAFORM_STATE_DIR_VAR']` - The name of an environment variable that holds a variable that will be used to reference a directory in which to store state files in for this run. This directory will be a subdirectory within the terraform environment. Only used when `TERRAFORM_STATE_DIR` is true, and cannot be used in conjunction with `TERRAFORM_STATE_FILE`
 
 [wannabe_bool_string]: https://github.com/prodis/wannabe_bool#string
 
 #### Unique States
 
-Bu default, `rake-terraform` stores state within a given environment directory.
+By default, `rake-terraform` stores state within a given environment directory.
 
 Sometimes, you will have several infrastructure environments ("infrastructure
 environment" in this block here taken to mean e.g "staging" or "production"
@@ -129,7 +132,7 @@ commits between them. Again, depends on clean commit hygiene and easy to mess
 up manual steps.
 
 By using a unique state file for each of your infrastructure environments,
-whilst utilising a single terraform environment, you can avoid repeating
+whilst utilizing a single terraform environment, you can avoid repeating
 yourself and manage roll out changes to each of your infrastructure
 environments better.
 
@@ -169,7 +172,7 @@ This would result in a directory layout resembling the following:
           staging
             terraform.tfstate
             terraform.tfstate.backup
-          production 
+          production
             terraform.tfstate
             terraform.tfstate.backup
       app_tier
@@ -180,7 +183,7 @@ This would result in a directory layout resembling the following:
           staging
             terraform.tfstate
             terraform.tfstate.backup
-          production 
+          production
             terraform.tfstate
             terraform.tfstate.backup
 

data/lib/rake-terraform/basetask.rb

@@ -17,14 +17,5 @@ module RakeTerraform
     rescue => _
       false
     end
-
-    def get_aws_credentials(creds_file, project = 'default')
-      error = "Could not locate AWS credentials in #{creds_file}!"
-      raise error unless File.exist? File.expand_path(creds_file)
-
-      credentials = IniParse.parse(File.read(File.expand_path(creds_file)))
-      { accesskey: credentials[project]['aws_access_key_id'],
-        secretkey: credentials[project]['aws_secret_access_key'] }
-    end
   end
 end

data/lib/rake-terraform/default_tasks.rb

@@ -8,8 +8,6 @@ namespace :terraform do
   #       classes
   env_glob = ENV['TERRAFORM_ENVIRONMENT_GLOB'] || 'terraform/**/*.tf'
   output_base = ENV['TERRAFORM_OUTPUT_BASE'] || 'output/terraform'
-  credential_file = ENV['TERRAFORM_CREDENTIAL_FILE']
-  credential_file ||= "#{Dir.home}/.aws/credentials"
   aws_project = ENV['TERRAFORM_AWS_PROJECT'] || 'default'
 
   # Set to string 'false' instead of bool so users can more-easily override
@@ -40,7 +38,6 @@ namespace :terraform do
       t.input_dir = env
       t.aws_project = aws_project
       t.output_file = plan_path
-      t.credentials = credential_file
     end
 
     desc "Execute plan for #{short_name}" if hide_tasks == 'false'

data/lib/rake-terraform/plan_task/config.rb

@@ -6,7 +6,7 @@ module RakeTerraform
     class Config
       prepend RakeTerraform::EnvProcess
 
-      attr_writer :aws_project, :credentials, :output_file
+      attr_writer :aws_project, :output_file
 
       def initialize
         # initialize RakeTerraform::EnvProcess
@@ -17,10 +17,6 @@ module RakeTerraform
         @aws_project ||= 'default'
       end
 
-      def credentials
-        @credentials ||= File.expand_path(default_credentials)
-      end
-
       def output_file
         @output_file ||= File.expand_path(default_output)
       end
@@ -41,7 +37,6 @@ module RakeTerraform
       def opts
         Map.new(input_dir:   input_dir,
                 output_file: output_file,
-                credentials: credentials,
                 aws_project: aws_project,
                 unique_state: unique_state,
                 state_file: state_file)
@@ -52,10 +47,6 @@ module RakeTerraform
       def default_output
         File.join('output', 'terraform', 'plan.tf')
       end
-
-      def default_credentials
-        File.join('~', '.aws', 'credentials')
-      end
     end
   end
 end

data/lib/rake-terraform/plan_task/task.rb

@@ -5,12 +5,9 @@ module RakeTerraform
     # Custom rake task to run `terraform plan`
     class Task < BaseTask
       include RakeTerraform::TerraformCmd
-      attr_accessor :creds_file
 
       def initialize(opts)
-        @creds_file = opts.get(:credentials)
         @opts = opts
-        creds
       end
 
       def execute
@@ -18,18 +15,13 @@ module RakeTerraform
         Dir.chdir(@opts.get(:input_dir)) do
           puts "=> Generating plan for #{@opts.get(:input_dir)}..."
           if @opts[:unique_state]
-            tf_plan(@creds[:accesskey], @creds[:secretkey],
-                    @opts[:output_file], @opts[:state_file])
+            tf_plan(@opts[:output_file], @opts[:state_file])
           else
-            tf_plan(@creds[:accesskey], @creds[:secretkey], @opts[:output_file])
+            tf_plan(@opts[:output_file])
           end
         end
       end
 
-      def creds
-        @creds ||= get_aws_credentials(@creds_file, @opts.get(:aws_project))
-      end
-
       private
 
       # run pre execution checks

data/lib/rake-terraform/terraformcmd.rb

@@ -23,21 +23,10 @@ module RakeTerraform
 
     # perform a 'terraform plan'
     #
-    # access_key and secret_key are optional as terraform and it's underlying
-    # library have supported the standard AWS_PROFILE env var for a while
-    #
-    def tf_plan(access_key = nil, secret_key = nil,
-                output_file = nil, state_file = nil, module_depth = 2)
+    def tf_plan(output_file = nil, state_file = nil, module_depth = 2)
       cmd = 'terraform plan'
       cmd << " -module-depth #{module_depth}"
       state_file && cmd << " -state #{state_file}"
-      if access_key && secret_key
-        # TODO: additional escaped quotes required?
-        cmd << " -var access_key=\"#{access_key}\""
-        cmd << " -var secret_key=\"#{secret_key}\""
-      elsif access_key || secret_key
-        raise ArgumentError, 'Only one of access_key or secret_key given'
-      end
       output_file && cmd << " -out #{output_file}"
       system(cmd)
     end

data/lib/rake-terraform/version.rb

@@ -1,4 +1,4 @@
 # Version of the gem
 module RakeTerraform
-  VERSION = '0.2.2'.freeze
+  VERSION = '0.3.0'.freeze
 end

data/spec/fixtures/set_all_variables_nil.env

@@ -5,4 +5,3 @@ TERRAFORM_STATE_DIR_VAR=""
 TERRAFORM_AWS_PROJECT=""
 TERRAFORM_ENVIRONMENT_GLOB=""
 TERRAFORM_OUTPUT_BASE=""
-TERRAFORM_CREDENTIAL_FILE=""

data/spec/unit/plantask_spec.rb

@@ -18,12 +18,10 @@ module RakeTerraform
       let(:default_output_file_str) do
         "#{PROJECT_ROOT}/output/terraform/plan.tf"
       end
-      let(:default_credentials_str) { File.expand_path('~/.aws/credentials') }
       let(:default_opts_hash) do
         {
           input_dir: default_input_dir_str,
           output_file: default_output_file_str,
-          credentials: default_credentials_str,
           aws_project: default_aws_project_str,
           unique_state: false,
           state_file: nil

data/spec/unit/terraformcmd_spec.rb

@@ -61,46 +61,25 @@ module RakeTerraform
             test_class_inst.tf_plan
           end
         end
-        context 'with just an access_key' do
-          it 'should raise an ArgumentError' do
-            expect { test_class_inst.tf_plan(access_key) }
-              .to raise_error(ArgumentError,
-                              'Only one of access_key or secret_key given')
-          end
-        end
-        context 'with just a secret_key' do
-          it 'should raise an ArgumentError' do
-            expect { test_class_inst.tf_plan(nil, secret_key) }
-              .to raise_error(ArgumentError,
-                              'Only one of access_key or secret_key given')
-          end
-        end
-        context 'with both an access_key and a secret_key' do
-          it 'should call terraform plan with those vars configured' do
-            expect(test_class_inst).to receive(:system)
-              .with(cred_plan_cmd)
-            test_class_inst.tf_plan(access_key, secret_key)
-          end
-        end
         context 'with an output file' do
           it 'should call terraform plan with an output file' do
             expect(test_class_inst).to receive(:system)
               .with(output_plan_cmd)
-            test_class_inst.tf_plan(nil, nil, default_output_file)
+            test_class_inst.tf_plan(default_output_file)
           end
         end
         context 'with an state file' do
           it 'should call terraform plan with a state file' do
             expect(test_class_inst).to receive(:system)
               .with(state_file_cmd)
-            test_class_inst.tf_plan(nil, nil, nil, state_file)
+            test_class_inst.tf_plan(nil, state_file)
           end
         end
         context 'where module_depth is given as an argument' do
           it 'should call terraform plan with updated module-depth argument' do
             expect(test_class_inst).to receive(:system)
               .with(module_arg_cmd)
-            test_class_inst.tf_plan(nil, nil, nil, nil, module_arg)
+            test_class_inst.tf_plan(nil, nil, module_arg)
           end
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rake-terraform
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.0
 platform: ruby
 authors:
 - Norm MacLennan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-24 00:00:00.000000000 Z
+date: 2018-02-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -208,7 +208,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 2.7.5
 signing_key: 
 specification_version: 4
 summary: Rake tasks for use with Terraform.