reyes 1.3.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +4 -0
  3. data/bin/reyes +22 -9
  4. data/config.yaml.example +3 -0
  5. data/lib/reyes/aws_manager.rb +2 -2
  6. data/lib/reyes/pgp_wrapper.rb +2 -2
  7. data/lib/reyes/run_manager.rb +3 -3
  8. data/lib/reyes/s3_loader.rb +1 -1
  9. data/lib/reyes/version.rb +1 -1
  10. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8e9225619362879c180db3a50563afd569ff3c71
4
- data.tar.gz: 241984d8db909dc5e34b2444b1906abd88d48f06
3
+ metadata.gz: f48d3207db77de72b83707df856cefc4315a933b
4
+ data.tar.gz: 7b98e123a7877ac65a63123aaa34f64247636c3e
5
5
  SHA512:
6
- metadata.gz: 7119c776a76ba54cd231c048b4ea06f18ba572538522d292bd1fd3d90f86019cc8bf38cd28c5fa7c196843faa257843ea251e0f204b4df223d98440f3778572d
7
- data.tar.gz: aa90b05a80ce985576c6ea0ee81df8891bd17dd34a281129a4d543218ea4f839752701e6e7d143586163e13f1ae1fb06fa9488ec4d90bead254d944879f277ac
6
+ metadata.gz: a1c1f59bc3ecfb8fe1233324a7a6148709bbbf19b613cc4dd6e1537d3eee41b804125e9be65b2df0fb4a268de640b79d612f2e650598b19ca7e4837d193c5354
7
+ data.tar.gz: 7d165dde3adad49467ecbe0c14406be3ae8988a7214a5f4557fccf0987642412bd297579e65147edf4d2bdc76b755ce2811d1b2978f09643eb567fce8cc80098
data/CHANGES.md CHANGED
@@ -1,3 +1,7 @@
1
+ # 1.4.0
2
+
3
+ - Add the leader.ignore_ratelimits config option
4
+
1
5
  # 1.3.0
2
6
 
3
7
  - Initial public release of Reyes
data/bin/reyes CHANGED
@@ -19,14 +19,18 @@ def exit_if_stopped!(options)
19
19
  end
20
20
 
21
21
  def command_dump(output_file, options)
22
- aws = Reyes::AwsManager.new(options[:config])
22
+ config = Reyes::Config.new(options[:config])
23
+
24
+ aws = Reyes::AwsManager.new(config)
23
25
  aws.dump_fake_data(output_file)
24
26
  end
25
27
 
26
28
  def command_fetch(region, instance_id, options)
27
- aws = Reyes::AwsManager.new(options[:config])
28
- s3 = Reyes::S3Loader.new(aws, options[:config])
29
- wrapper = Reyes::PgpWrapper.new(options[:config])
29
+ config = Reyes::Config.new(options[:config])
30
+
31
+ aws = Reyes::AwsManager.new(config)
32
+ s3 = Reyes::S3Loader.new(aws, config)
33
+ wrapper = Reyes::PgpWrapper.new(config)
30
34
 
31
35
  armoured_rules = s3.fetch_rules
32
36
  cleartext_rules = wrapper.verify!(armoured_rules)
@@ -34,7 +38,7 @@ def command_fetch(region, instance_id, options)
34
38
  fake = Reyes::FakeAws.new(JSON.load(cleartext_rules),
35
39
  options.fetch(:fake_aws_options))
36
40
  g = Reyes::GroupManager.new(fake, region, instance_id)
37
- r = Reyes::RunManager.new(g, options[:config])
41
+ r = Reyes::RunManager.new(g, config)
38
42
 
39
43
  data = r.generate_data!(options.fetch(:gen_options))
40
44
  r.apply_data!(data, options.fetch(:apply_options))
@@ -45,6 +49,7 @@ def command_fetch(region, instance_id, options)
45
49
  end
46
50
 
47
51
  def command_install(json_file, region, instance_id, options)
52
+ config = Reyes::Config.new(options[:config])
48
53
  if options[:splay]
49
54
  Reyes::Utils.sleep_random(options[:splay])
50
55
  end
@@ -59,7 +64,7 @@ def command_install(json_file, region, instance_id, options)
59
64
  # Should bail out, exiting nonzero if there were changes to commit
60
65
  end
61
66
 
62
- r = Reyes::RunManager.new(g, options[:config])
67
+ r = Reyes::RunManager.new(g, config)
63
68
 
64
69
  data = r.generate_data!(options.fetch(:gen_options))
65
70
  r.apply_data!(data, options.fetch(:apply_options))
@@ -70,15 +75,17 @@ def command_install(json_file, region, instance_id, options)
70
75
  end
71
76
 
72
77
  def command_upload(options)
73
- aws = Reyes::AwsManager.new(options[:config])
74
- wrapper = Reyes::PgpWrapper.new(options[:config])
78
+ config = Reyes::Config.new(options[:config])
79
+
80
+ aws = Reyes::AwsManager.new(config)
81
+ wrapper = Reyes::PgpWrapper.new(config)
75
82
 
76
83
  data_obj = aws.generate_fake_data
77
84
  data = JSON.pretty_generate(data_obj)
78
85
 
79
86
  armoured_data = wrapper.clearsign(data)
80
87
 
81
- s3 = Reyes::S3Loader.new(aws, options[:config])
88
+ s3 = Reyes::S3Loader.new(aws, config)
82
89
 
83
90
  if options[:archive]
84
91
  timestamp = data_obj.fetch('metadata').fetch('generated_stamp')
@@ -87,6 +94,12 @@ def command_upload(options)
87
94
  end
88
95
 
89
96
  s3.upload_rules(armoured_data)
97
+ rescue AWS::EC2::Errors::RequestLimitExceeded => e
98
+ if config.aws_config.fetch('leader').fetch('ignore_ratelimits')
99
+ aws.log.warn("Ignoring ratelimit error", error: e)
100
+ else
101
+ raise
102
+ end
90
103
  end
91
104
 
92
105
  def parse_args
data/config.yaml.example CHANGED
@@ -27,6 +27,9 @@ aws:
27
27
  AWS::EC2:
28
28
  :max_retries: 4
29
29
 
30
+ leader:
31
+ ignore_ratelimits: false
32
+
30
33
  reyes:
31
34
  signing_key: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
32
35
  keyring_directory: /etc/reyes/keyring/
data/lib/reyes/aws_manager.rb CHANGED
@@ -42,8 +42,8 @@ module Reyes
42
42
  end
43
43
  end
44
44
 
45
- def initialize(config_path=nil)
46
- @config ||= Reyes::Config.new(config_path)
45
+ def initialize(config)
46
+ @config = config
47
47
  end
48
48
 
49
49
  def ec2(region)
data/lib/reyes/pgp_wrapper.rb CHANGED
@@ -10,8 +10,8 @@ module Reyes
10
10
  # Create a PgpVerifier
11
11
  #
12
12
  # @param key_id [String] 40 digit key fingerprint
13
- def initialize(config_path=nil)
14
- @config ||= Reyes::Config.new(config_path)
13
+ def initialize(config)
14
+ @config = config
15
15
  @key_id = @config.reyes_config.fetch("signing_key").upcase
16
16
  @keyring_directory = @config.reyes_config.fetch("keyring_directory")
17
17
  end
data/lib/reyes/run_manager.rb CHANGED
@@ -5,10 +5,10 @@ module Reyes
5
5
  IPSET_NAME_PATTERN = /(\d+)(?<nogen>:(\w+):(sg-[a-f0-9]{8}):(\w+))/
6
6
 
7
7
  # @param group_manager [Reyes::GroupManager]
8
- # @param config_path [String] Path to reyes config file
9
- def initialize(group_manager, config_path=nil)
8
+ # @param config [Reyes::Config] Reyes configuration
9
+ def initialize(group_manager, config)
10
10
  @group_manager = group_manager
11
- @config = Reyes::Config.new(config_path)
11
+ @config = config
12
12
  end
13
13
 
14
14
  # @param [Hash] options
data/lib/reyes/s3_loader.rb CHANGED
@@ -7,7 +7,7 @@ module Reyes
7
7
 
8
8
  def initialize(aws, config, print_signatures=true)
9
9
  @aws = aws
10
- @config = Reyes::Config.new(config)
10
+ @config = config
11
11
  @print_sig = print_signatures
12
12
 
13
13
  log.info("Initialized S3Loader: #{bucket.inspect}/#{path.inspect}")
data/lib/reyes/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  module Reyes
2
2
  # The Reyes version number
3
- VERSION = '1.3.0' unless defined?(self::VERSION)
3
+ VERSION = '1.4.0' unless defined?(self::VERSION)
4
4
 
5
5
  # Number defining the JSON serialization format
6
6
  JSON_FORMAT_VERSION = 2 unless defined?(self::JSON_FORMAT_VERSION)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: reyes
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andy Brody
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-10-05 00:00:00.000000000 Z
12
+ date: 2015-10-28 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: aws-sdk
@@ -157,8 +157,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
157
157
  version: '0'
158
158
  requirements: []
159
159
  rubyforge_project:
160
- rubygems_version: 2.2.3
160
+ rubygems_version: 2.2.2
161
161
  signing_key:
162
162
  specification_version: 4
163
163
  summary: Reyes manages IPTables rules based on EC2 security groups.
164
164
  test_files: []
165
+ has_rdoc: