reyes 0.0.5 → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/bin/reyes +5 -0
- data/lib/reyes/aws_manager.rb +8 -4
- data/lib/reyes/group_manager.rb +3 -0
- data/lib/reyes/run_manager.rb +7 -0
- data/lib/reyes/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
---
|
|
2
2
|
!binary "U0hBMQ==":
|
|
3
3
|
metadata.gz: !binary |-
|
|
4
|
-
|
|
4
|
+
YjM4MDllMmJmMGJiZjZjZGZiMDIwYTAzMDc4YjViYzJmODA2YWVmZQ==
|
|
5
5
|
data.tar.gz: !binary |-
|
|
6
|
-
|
|
6
|
+
MDZjZTU2MjIxZTZhY2FmMTc1ODU4YjkyNzEyYWNmOTIwYzU5Yjk0NA==
|
|
7
7
|
SHA512:
|
|
8
8
|
metadata.gz: !binary |-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
NTNlNDgyMjg3Mzg0NzdiYjRmY2QxYTRlNGZkMDhmNzA3NDQyZTg2MWMzN2Ez
|
|
10
|
+
YmJkNmQ4NmZlNGY5NWJjOGQ5MjYxNzkzMGJhZTk1MjQzOTUzYjQyN2YwYjM2
|
|
11
|
+
ZWVkMmRlNmY0MWY3NTc4OWRjZjBiNzI0NTQ1OGJiY2RjNDdmMWY=
|
|
12
12
|
data.tar.gz: !binary |-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
13
|
+
NTZlNTU4MGRmZDExNWUwNWEwZDQ2NmE3MDNjMWJjOGU2N2U5MzdkZDhiNjBj
|
|
14
|
+
YjBlNzlhNDJiZjUzMDAwZWJiNzIxMmY2NjFjZTkxYjcyNWQ3NmYxNjE5MjQ4
|
|
15
|
+
YTMwODEyMjY5YjYyMWRiMmE2NTk3MWZjMGY2Y2E4N2RmYjljMGE=
|
data/bin/reyes
CHANGED
|
@@ -64,6 +64,11 @@ Options:
|
|
|
64
64
|
options[:instance_id] = id
|
|
65
65
|
end
|
|
66
66
|
|
|
67
|
+
# TODO: known bug: --dry-run does not prevent run generation increment
|
|
68
|
+
opts.on('-n', '--dry-run', 'Print diff without making changes') do
|
|
69
|
+
options[:run_options][:dry_run] = true
|
|
70
|
+
end
|
|
71
|
+
|
|
67
72
|
opts.on('-i', '--interactive', 'Interactively confirm changes') do
|
|
68
73
|
options[:run_options][:interactive] = true
|
|
69
74
|
end
|
data/lib/reyes/aws_manager.rb
CHANGED
|
@@ -93,11 +93,15 @@ module Reyes
|
|
|
93
93
|
sg.vpc.instances.find_all {|i| i.security_groups.include?(sg)}
|
|
94
94
|
end
|
|
95
95
|
|
|
96
|
-
# TODO: remove (probably not needed)
|
|
97
96
|
def warm_sg_cache
|
|
98
|
-
|
|
99
|
-
log.
|
|
100
|
-
|
|
97
|
+
unless AWS.memoizing?
|
|
98
|
+
log.warn("Calling warm_sg_cache doesn't make sense unless memoizing")
|
|
99
|
+
end
|
|
100
|
+
log.info("Warming security group caches")
|
|
101
|
+
vpcs.each do |vpc|
|
|
102
|
+
log.debug("Warming security group cache for #{vpc.id}")
|
|
103
|
+
sg = vpc.security_groups.to_a.first
|
|
104
|
+
instances_in_security_group(sg)
|
|
101
105
|
end
|
|
102
106
|
end
|
|
103
107
|
|
data/lib/reyes/group_manager.rb
CHANGED
|
@@ -25,6 +25,7 @@ module Reyes
|
|
|
25
25
|
|
|
26
26
|
def initialize(aws, region, instance_id, config_file=nil, generation=nil)
|
|
27
27
|
log.info("Initializing #{self.class.name} for #{region} #{instance_id}")
|
|
28
|
+
log.info("This is reyes #{Reyes::VERSION}")
|
|
28
29
|
|
|
29
30
|
@aws = aws
|
|
30
31
|
@generation = generation || RunGeneration.new
|
|
@@ -59,6 +60,8 @@ module Reyes
|
|
|
59
60
|
run_generation_increment!
|
|
60
61
|
log.info("Generating rules for generation #{run_generation}")
|
|
61
62
|
|
|
63
|
+
@aws.warm_sg_cache
|
|
64
|
+
|
|
62
65
|
data = generate_rules_empty
|
|
63
66
|
|
|
64
67
|
needed_groups = {}
|
data/lib/reyes/run_manager.rb
CHANGED
|
@@ -8,6 +8,7 @@ module Reyes
|
|
|
8
8
|
|
|
9
9
|
# @param [Hash] options
|
|
10
10
|
#
|
|
11
|
+
# @option options :dry_run [Boolean] (false) Don't actually apply changes
|
|
11
12
|
# @option options :empty [Boolean] (false) Generate an empty (default DROP)
|
|
12
13
|
# rule sets without actually looking up security groups
|
|
13
14
|
# @option options :interactive [Boolean] (false) Whether to prompt for
|
|
@@ -17,6 +18,7 @@ module Reyes
|
|
|
17
18
|
#
|
|
18
19
|
def run!(options={})
|
|
19
20
|
options = {
|
|
21
|
+
dry_run: false,
|
|
20
22
|
empty: false,
|
|
21
23
|
interactive: false,
|
|
22
24
|
log_accept: false,
|
|
@@ -39,6 +41,11 @@ module Reyes
|
|
|
39
41
|
show_iptables_diff(new_rules)
|
|
40
42
|
show_ipsets_diff(new_ipsets)
|
|
41
43
|
|
|
44
|
+
if options.fetch(:dry_run)
|
|
45
|
+
log.info('Dry run! Not applying changes')
|
|
46
|
+
return
|
|
47
|
+
end
|
|
48
|
+
|
|
42
49
|
if options.fetch(:interactive)
|
|
43
50
|
puts 'Press enter to continue...'
|
|
44
51
|
STDIN.gets
|
data/lib/reyes/version.rb
CHANGED