reyes 1.3.0 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8e9225619362879c180db3a50563afd569ff3c71
4
- data.tar.gz: 241984d8db909dc5e34b2444b1906abd88d48f06
3
+ metadata.gz: f48d3207db77de72b83707df856cefc4315a933b
4
+ data.tar.gz: 7b98e123a7877ac65a63123aaa34f64247636c3e
5
5
  SHA512:
6
- metadata.gz: 7119c776a76ba54cd231c048b4ea06f18ba572538522d292bd1fd3d90f86019cc8bf38cd28c5fa7c196843faa257843ea251e0f204b4df223d98440f3778572d
7
- data.tar.gz: aa90b05a80ce985576c6ea0ee81df8891bd17dd34a281129a4d543218ea4f839752701e6e7d143586163e13f1ae1fb06fa9488ec4d90bead254d944879f277ac
6
+ metadata.gz: a1c1f59bc3ecfb8fe1233324a7a6148709bbbf19b613cc4dd6e1537d3eee41b804125e9be65b2df0fb4a268de640b79d612f2e650598b19ca7e4837d193c5354
7
+ data.tar.gz: 7d165dde3adad49467ecbe0c14406be3ae8988a7214a5f4557fccf0987642412bd297579e65147edf4d2bdc76b755ce2811d1b2978f09643eb567fce8cc80098
data/CHANGES.md CHANGED
@@ -1,3 +1,7 @@
1
+ # 1.4.0
2
+
3
+ - Add the leader.ignore_ratelimits config option
4
+
1
5
  # 1.3.0
2
6
 
3
7
  - Initial public release of Reyes
data/bin/reyes CHANGED
@@ -19,14 +19,18 @@ def exit_if_stopped!(options)
19
19
  end
20
20
 
21
21
  def command_dump(output_file, options)
22
- aws = Reyes::AwsManager.new(options[:config])
22
+ config = Reyes::Config.new(options[:config])
23
+
24
+ aws = Reyes::AwsManager.new(config)
23
25
  aws.dump_fake_data(output_file)
24
26
  end
25
27
 
26
28
  def command_fetch(region, instance_id, options)
27
- aws = Reyes::AwsManager.new(options[:config])
28
- s3 = Reyes::S3Loader.new(aws, options[:config])
29
- wrapper = Reyes::PgpWrapper.new(options[:config])
29
+ config = Reyes::Config.new(options[:config])
30
+
31
+ aws = Reyes::AwsManager.new(config)
32
+ s3 = Reyes::S3Loader.new(aws, config)
33
+ wrapper = Reyes::PgpWrapper.new(config)
30
34
 
31
35
  armoured_rules = s3.fetch_rules
32
36
  cleartext_rules = wrapper.verify!(armoured_rules)
@@ -34,7 +38,7 @@ def command_fetch(region, instance_id, options)
34
38
  fake = Reyes::FakeAws.new(JSON.load(cleartext_rules),
35
39
  options.fetch(:fake_aws_options))
36
40
  g = Reyes::GroupManager.new(fake, region, instance_id)
37
- r = Reyes::RunManager.new(g, options[:config])
41
+ r = Reyes::RunManager.new(g, config)
38
42
 
39
43
  data = r.generate_data!(options.fetch(:gen_options))
40
44
  r.apply_data!(data, options.fetch(:apply_options))
@@ -45,6 +49,7 @@ def command_fetch(region, instance_id, options)
45
49
  end
46
50
 
47
51
  def command_install(json_file, region, instance_id, options)
52
+ config = Reyes::Config.new(options[:config])
48
53
  if options[:splay]
49
54
  Reyes::Utils.sleep_random(options[:splay])
50
55
  end
@@ -59,7 +64,7 @@ def command_install(json_file, region, instance_id, options)
59
64
  # Should bail out, exiting nonzero if there were changes to commit
60
65
  end
61
66
 
62
- r = Reyes::RunManager.new(g, options[:config])
67
+ r = Reyes::RunManager.new(g, config)
63
68
 
64
69
  data = r.generate_data!(options.fetch(:gen_options))
65
70
  r.apply_data!(data, options.fetch(:apply_options))
@@ -70,15 +75,17 @@ def command_install(json_file, region, instance_id, options)
70
75
  end
71
76
 
72
77
  def command_upload(options)
73
- aws = Reyes::AwsManager.new(options[:config])
74
- wrapper = Reyes::PgpWrapper.new(options[:config])
78
+ config = Reyes::Config.new(options[:config])
79
+
80
+ aws = Reyes::AwsManager.new(config)
81
+ wrapper = Reyes::PgpWrapper.new(config)
75
82
 
76
83
  data_obj = aws.generate_fake_data
77
84
  data = JSON.pretty_generate(data_obj)
78
85
 
79
86
  armoured_data = wrapper.clearsign(data)
80
87
 
81
- s3 = Reyes::S3Loader.new(aws, options[:config])
88
+ s3 = Reyes::S3Loader.new(aws, config)
82
89
 
83
90
  if options[:archive]
84
91
  timestamp = data_obj.fetch('metadata').fetch('generated_stamp')
@@ -87,6 +94,12 @@ def command_upload(options)
87
94
  end
88
95
 
89
96
  s3.upload_rules(armoured_data)
97
+ rescue AWS::EC2::Errors::RequestLimitExceeded => e
98
+ if config.aws_config.fetch('leader').fetch('ignore_ratelimits')
99
+ aws.log.warn("Ignoring ratelimit error", error: e)
100
+ else
101
+ raise
102
+ end
90
103
  end
91
104
 
92
105
  def parse_args
data/config.yaml.example CHANGED
@@ -27,6 +27,9 @@ aws:
27
27
  AWS::EC2:
28
28
  :max_retries: 4
29
29
 
30
+ leader:
31
+ ignore_ratelimits: false
32
+
30
33
  reyes:
31
34
  signing_key: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
32
35
  keyring_directory: /etc/reyes/keyring/
@@ -42,8 +42,8 @@ module Reyes
42
42
  end
43
43
  end
44
44
 
45
- def initialize(config_path=nil)
46
- @config ||= Reyes::Config.new(config_path)
45
+ def initialize(config)
46
+ @config = config
47
47
  end
48
48
 
49
49
  def ec2(region)
@@ -10,8 +10,8 @@ module Reyes
10
10
  # Create a PgpVerifier
11
11
  #
12
12
  # @param key_id [String] 40 digit key fingerprint
13
- def initialize(config_path=nil)
14
- @config ||= Reyes::Config.new(config_path)
13
+ def initialize(config)
14
+ @config = config
15
15
  @key_id = @config.reyes_config.fetch("signing_key").upcase
16
16
  @keyring_directory = @config.reyes_config.fetch("keyring_directory")
17
17
  end
@@ -5,10 +5,10 @@ module Reyes
5
5
  IPSET_NAME_PATTERN = /(\d+)(?<nogen>:(\w+):(sg-[a-f0-9]{8}):(\w+))/
6
6
 
7
7
  # @param group_manager [Reyes::GroupManager]
8
- # @param config_path [String] Path to reyes config file
9
- def initialize(group_manager, config_path=nil)
8
+ # @param config [Reyes::Config] Reyes configuration
9
+ def initialize(group_manager, config)
10
10
  @group_manager = group_manager
11
- @config = Reyes::Config.new(config_path)
11
+ @config = config
12
12
  end
13
13
 
14
14
  # @param [Hash] options
@@ -7,7 +7,7 @@ module Reyes
7
7
 
8
8
  def initialize(aws, config, print_signatures=true)
9
9
  @aws = aws
10
- @config = Reyes::Config.new(config)
10
+ @config = config
11
11
  @print_sig = print_signatures
12
12
 
13
13
  log.info("Initialized S3Loader: #{bucket.inspect}/#{path.inspect}")
data/lib/reyes/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  module Reyes
2
2
  # The Reyes version number
3
- VERSION = '1.3.0' unless defined?(self::VERSION)
3
+ VERSION = '1.4.0' unless defined?(self::VERSION)
4
4
 
5
5
  # Number defining the JSON serialization format
6
6
  JSON_FORMAT_VERSION = 2 unless defined?(self::JSON_FORMAT_VERSION)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: reyes
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andy Brody
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-10-05 00:00:00.000000000 Z
12
+ date: 2015-10-28 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: aws-sdk
@@ -157,8 +157,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
157
157
  version: '0'
158
158
  requirements: []
159
159
  rubyforge_project:
160
- rubygems_version: 2.2.3
160
+ rubygems_version: 2.2.2
161
161
  signing_key:
162
162
  specification_version: 4
163
163
  summary: Reyes manages IPTables rules based on EC2 security groups.
164
164
  test_files: []
165
+ has_rdoc: