reyes 1.3.0 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/bin/reyes +22 -9
- data/config.yaml.example +3 -0
- data/lib/reyes/aws_manager.rb +2 -2
- data/lib/reyes/pgp_wrapper.rb +2 -2
- data/lib/reyes/run_manager.rb +3 -3
- data/lib/reyes/s3_loader.rb +1 -1
- data/lib/reyes/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f48d3207db77de72b83707df856cefc4315a933b
|
4
|
+
data.tar.gz: 7b98e123a7877ac65a63123aaa34f64247636c3e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a1c1f59bc3ecfb8fe1233324a7a6148709bbbf19b613cc4dd6e1537d3eee41b804125e9be65b2df0fb4a268de640b79d612f2e650598b19ca7e4837d193c5354
|
7
|
+
data.tar.gz: 7d165dde3adad49467ecbe0c14406be3ae8988a7214a5f4557fccf0987642412bd297579e65147edf4d2bdc76b755ce2811d1b2978f09643eb567fce8cc80098
|
data/CHANGES.md
CHANGED
data/bin/reyes
CHANGED
@@ -19,14 +19,18 @@ def exit_if_stopped!(options)
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def command_dump(output_file, options)
|
22
|
-
|
22
|
+
config = Reyes::Config.new(options[:config])
|
23
|
+
|
24
|
+
aws = Reyes::AwsManager.new(config)
|
23
25
|
aws.dump_fake_data(output_file)
|
24
26
|
end
|
25
27
|
|
26
28
|
def command_fetch(region, instance_id, options)
|
27
|
-
|
28
|
-
|
29
|
-
|
29
|
+
config = Reyes::Config.new(options[:config])
|
30
|
+
|
31
|
+
aws = Reyes::AwsManager.new(config)
|
32
|
+
s3 = Reyes::S3Loader.new(aws, config)
|
33
|
+
wrapper = Reyes::PgpWrapper.new(config)
|
30
34
|
|
31
35
|
armoured_rules = s3.fetch_rules
|
32
36
|
cleartext_rules = wrapper.verify!(armoured_rules)
|
@@ -34,7 +38,7 @@ def command_fetch(region, instance_id, options)
|
|
34
38
|
fake = Reyes::FakeAws.new(JSON.load(cleartext_rules),
|
35
39
|
options.fetch(:fake_aws_options))
|
36
40
|
g = Reyes::GroupManager.new(fake, region, instance_id)
|
37
|
-
r = Reyes::RunManager.new(g,
|
41
|
+
r = Reyes::RunManager.new(g, config)
|
38
42
|
|
39
43
|
data = r.generate_data!(options.fetch(:gen_options))
|
40
44
|
r.apply_data!(data, options.fetch(:apply_options))
|
@@ -45,6 +49,7 @@ def command_fetch(region, instance_id, options)
|
|
45
49
|
end
|
46
50
|
|
47
51
|
def command_install(json_file, region, instance_id, options)
|
52
|
+
config = Reyes::Config.new(options[:config])
|
48
53
|
if options[:splay]
|
49
54
|
Reyes::Utils.sleep_random(options[:splay])
|
50
55
|
end
|
@@ -59,7 +64,7 @@ def command_install(json_file, region, instance_id, options)
|
|
59
64
|
# Should bail out, exiting nonzero if there were changes to commit
|
60
65
|
end
|
61
66
|
|
62
|
-
r = Reyes::RunManager.new(g,
|
67
|
+
r = Reyes::RunManager.new(g, config)
|
63
68
|
|
64
69
|
data = r.generate_data!(options.fetch(:gen_options))
|
65
70
|
r.apply_data!(data, options.fetch(:apply_options))
|
@@ -70,15 +75,17 @@ def command_install(json_file, region, instance_id, options)
|
|
70
75
|
end
|
71
76
|
|
72
77
|
def command_upload(options)
|
73
|
-
|
74
|
-
|
78
|
+
config = Reyes::Config.new(options[:config])
|
79
|
+
|
80
|
+
aws = Reyes::AwsManager.new(config)
|
81
|
+
wrapper = Reyes::PgpWrapper.new(config)
|
75
82
|
|
76
83
|
data_obj = aws.generate_fake_data
|
77
84
|
data = JSON.pretty_generate(data_obj)
|
78
85
|
|
79
86
|
armoured_data = wrapper.clearsign(data)
|
80
87
|
|
81
|
-
s3 = Reyes::S3Loader.new(aws,
|
88
|
+
s3 = Reyes::S3Loader.new(aws, config)
|
82
89
|
|
83
90
|
if options[:archive]
|
84
91
|
timestamp = data_obj.fetch('metadata').fetch('generated_stamp')
|
@@ -87,6 +94,12 @@ def command_upload(options)
|
|
87
94
|
end
|
88
95
|
|
89
96
|
s3.upload_rules(armoured_data)
|
97
|
+
rescue AWS::EC2::Errors::RequestLimitExceeded => e
|
98
|
+
if config.aws_config.fetch('leader').fetch('ignore_ratelimits')
|
99
|
+
aws.log.warn("Ignoring ratelimit error", error: e)
|
100
|
+
else
|
101
|
+
raise
|
102
|
+
end
|
90
103
|
end
|
91
104
|
|
92
105
|
def parse_args
|
data/config.yaml.example
CHANGED
data/lib/reyes/aws_manager.rb
CHANGED
data/lib/reyes/pgp_wrapper.rb
CHANGED
@@ -10,8 +10,8 @@ module Reyes
|
|
10
10
|
# Create a PgpVerifier
|
11
11
|
#
|
12
12
|
# @param key_id [String] 40 digit key fingerprint
|
13
|
-
def initialize(
|
14
|
-
@config
|
13
|
+
def initialize(config)
|
14
|
+
@config = config
|
15
15
|
@key_id = @config.reyes_config.fetch("signing_key").upcase
|
16
16
|
@keyring_directory = @config.reyes_config.fetch("keyring_directory")
|
17
17
|
end
|
data/lib/reyes/run_manager.rb
CHANGED
@@ -5,10 +5,10 @@ module Reyes
|
|
5
5
|
IPSET_NAME_PATTERN = /(\d+)(?<nogen>:(\w+):(sg-[a-f0-9]{8}):(\w+))/
|
6
6
|
|
7
7
|
# @param group_manager [Reyes::GroupManager]
|
8
|
-
# @param
|
9
|
-
def initialize(group_manager,
|
8
|
+
# @param config [Reyes::Config] Reyes configuration
|
9
|
+
def initialize(group_manager, config)
|
10
10
|
@group_manager = group_manager
|
11
|
-
@config =
|
11
|
+
@config = config
|
12
12
|
end
|
13
13
|
|
14
14
|
# @param [Hash] options
|
data/lib/reyes/s3_loader.rb
CHANGED
data/lib/reyes/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: reyes
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andy Brody
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2015-10-
|
12
|
+
date: 2015-10-28 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: aws-sdk
|
@@ -157,8 +157,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
157
157
|
version: '0'
|
158
158
|
requirements: []
|
159
159
|
rubyforge_project:
|
160
|
-
rubygems_version: 2.2.
|
160
|
+
rubygems_version: 2.2.2
|
161
161
|
signing_key:
|
162
162
|
specification_version: 4
|
163
163
|
summary: Reyes manages IPTables rules based on EC2 security groups.
|
164
164
|
test_files: []
|
165
|
+
has_rdoc:
|