rubycfn 0.4.10 → 0.5.4

data/lib/cli_methods.rb

@@ -1,5 +1,5 @@
-def render(file, vars, path)
-  template = File.read("#{path}/templates/#{file}.erb")
+def render(file, vars)
+  template = File.read(file)
   ERB.new(template).result(OpenStruct.new(vars).instance_eval { binding })
 end
 

data/lib/rubycfn/version.rb

@@ -1,4 +1,4 @@
 # Rubycfn version
 module Rubycfn
-  VERSION = "0.4.10".freeze
+  VERSION = "0.5.4".freeze
 end

data/rubycfn.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_runtime_dependency "neatjson", "~> 0.8.4"
-  spec.add_runtime_dependency "json", "~> 2.1.0"
+  spec.add_runtime_dependency "json", "~> 2.3.0"
   spec.add_runtime_dependency "activesupport", "~> 5.1.5"
   spec.add_runtime_dependency "tty-prompt", "~> 0.16.0"
   spec.add_runtime_dependency "dotenv", "~> 2.4.0"

data/templates/.env

@@ -0,0 +1,2 @@
+AWS_REGION="<%= region %>"
+ENVIRONMENT="development"

data/templates/.env.acceptance

@@ -0,0 +1 @@
+# Acceptance-specific ENV vars

data/templates/.env.dependencies.rspec

@@ -0,0 +1,6 @@
+ARTIFACTBUCKET=rspec-artifactbucket-m0ck
+HOSTEDZONENAME=rspec.example.com
+HOSTEDZONEID=13117756P2M0CK
+LOGGINGBUCKET=rspec-dependencystack-loggingbucket-mock
+CLOUDFORMATIONBUCKET=rspec-dependencystack-cloudformationbucket-mock
+LAMBDABUCKET=rspec-dependencystack-lambdabucket-mock

data/templates/.env.development

@@ -0,0 +1 @@
+# Development-specific ENV vars

data/templates/.env.production

@@ -0,0 +1 @@
+# Production-specific ENV vars

data/templates/.env.rspec

@@ -0,0 +1 @@
+# ENV vars for rspec environment

data/templates/.env.test

@@ -0,0 +1 @@
+# Test-specific ENV vars

data/templates/{.gitignore.erb → .gitignore}

@@ -82,3 +82,10 @@ temp/
 attic/
 /venv
 /Gemfile.lock
+.env.dependencies
+.env.dependencies.development
+.env.dependencies.test
+.env.dependencies.acceptance
+.env.dependencies.production
+CloudFormationResourceSpecification.json
+config.json

data/templates/{.rubocop.yml.erb → .rubocop.yml}

@@ -11,6 +11,7 @@ AllCops:
   Exclude:
     - "test/**/*.rb"
     - "spec/**/*.rb"
+    - "attic/**/*"
 
 Metrics/AbcSize:
   Max: 500
@@ -34,7 +35,7 @@ Style/Documentation:
   Enabled: false
 
 Metrics/LineLength:
-  Max: 500
+  Max: 700
   Exclude:
     - "test/**/*"
     - "spec/**/*"
@@ -87,5 +88,20 @@ Style/IfUnlessModifier:
 Style/DateTime:
   Enabled: false
 
+Style/RedundantSelf:
+  Enabled: false
+
 Layout/SpaceInsideHashLiteralBraces:
   EnforcedStyle: space
+
+Metrics/MethodLength:
+  Enabled: false
+
+Metrics/PerceivedComplexity:
+  Max: 20
+
+Style/EvalWithLocation:
+  Enabled: false
+
+Style/PerlBackrefs:
+  Enabled: false

data/templates/{Gemfile.erb → Gemfile}

@@ -2,7 +2,6 @@ source "https://rubygems.org" do
   gem "aws-sdk", "~> 3.0.1"
   gem "aws-sdk-s3", "~> 1.36.0"
   gem "colorize", "~> 0.8.1"
-  gem "diffy", "~> 3.3.0"
   gem "git-revision", "~> 0.0.2"
   gem "launchy", "~> 2.4.3"
   gem "rspec", "~> 3.8"

data/templates/README.md

@@ -0,0 +1,58 @@
+# Infrastructure for <%= project_name %>
+
+```
+__________ ____ __________________.___._________ _____________________
+\______   \    |   \______   \__  |   |\_   ___ \\_   _____/\______   \
+ |       _/    |   /|    |  _//   |   |/    \  \/ |    __)   |    |  _/
+ |    |   \    |  / |    |   \\____   |\     \____|     \    |    |   \
+ |____|_  /______/  |______  // ______| \______  /\___  /    |______  /
+        \/                 \/ \/               \/     \/            \/ [<%= version %>]
+```
+
+## Prerequisites
+
+- Edit .env.private and configure your AWS credentials, or export your AWS credentials.
+- Type `rake init` to create the DependencyStack in your AWS account
+
+## Rake commands
+
+`rake` - Retrieve required outputs from DependencyStack, Compile the code into CloudFormation templates and run unit tests
+`rake init` - Deploy the DependencyStack in the AWS account
+`rake compile` - Compile the code into CloudFormation templates
+`rake spec` - Run unit tests
+`rake upload` - Upload the CloudFormation templates to s3
+`rake update` - Save required outputs from DependencyStack to .env.dependencies.<ENVIRONMENT>
+`rake apply` - Deploy the CloudFormation templates
+
+## Stack configuration
+
+The `config.yaml` file in the root directory of this project contains most of the configuration.  It contains the networking configuration for each environment, subnet configuration, DNS and ECS (Docker) containers that are deployed.
+
+## Adding your own resources
+
+The lib/stacks/ directory contains all nested stacks for this project. Every nested stack has a
+directory under lib/stacks/. You can add resources to any of these stacks, or create a new stack altogether. See [https://github.com/dennisvink/rubycfn/blob/master/README.md](https://github.com/dennisvink/rubycfn/blob/master/README.md) for documentation.
+
+## About
+
+The code generated by Rubycfn is copyrighted by Dennis Vink (https://drvink.com/),
+except for modifications made to the <%= project_name %> project after the initial
+`git init` command. 
+
+For the generated code permission is hereby granted, free of charge, to any
+person obtaining a copy of the generated software and associated documentation
+files (the "Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish, distribute,
+sublicense, and/or sell copies of the Software, and to permit persons to whom
+the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/templates/{Rakefile.erb → Rakefile}

@@ -12,17 +12,22 @@ RSpec::Core::RakeTask.new do |t|
 end
 
 desc "Apply CloudFormation template"
-task :apply do
+task :apply_stack do
   require_relative "lib/main"
   require_relative "lib/core/deploy"
 end
 
 desc "Upload stacks to s3"
-task :upload do
+task :upload_stack do
   require_relative "lib/main"
   require_relative "lib/core/upload"
 end
 
+desc "Initialize AWS Account"
+task :init do
+  require_relative "lib/core/init"
+end
+
 desc "Clean build directory"
 task :clean do
   Dir.foreach("build/") do |f|
@@ -31,14 +36,13 @@ task :clean do
   end
 end
 
-desc "Diff CloudFormation template"
-task :diff do
-  require_relative "lib/main"
-  require_relative "lib/core/diff"
+desc "Store dependencies of DependencyStack in .env.dependencies.<ENVIRONMENT>"
+task :dependencies do
+  require_relative "lib/core/dependencies.rb"
 end
 
 desc "Compile CloudFormation"
-task :compile do
+task :compile_stack do
   require_relative "lib/main"
   require_relative "lib/core/compile"
 end
@@ -47,4 +51,7 @@ RuboCop::RakeTask.new(:rubocop) do |t|
   t.options = ["--display-cop-names"]
 end
 
-task default: %i(spec compile)
+task default: %i(dependencies compile_stack spec)
+task compile: %i(dependencies compile_stack)
+task upload: %i(dependencies upload_stack)
+task apply: %i(dependencies apply_stack)

data/templates/config.yaml

@@ -0,0 +1,68 @@
+environments:
+  rspec:
+    vpc_cidr: 192.168.0.0/16
+    stack_name: rspec-devops
+    domain_name: "rspec.io"
+    no_subdomain: true
+  development:
+    vpc_cidr: 10.10.0.0/16
+    stack_name: development-devops
+  test:
+    vpc_cidr: 10.20.0.0/16
+    stack_name: test-devops
+  acceptance:
+    vpc_cidr: 10.30.0.0/16
+    stack_name: acceptance-devops
+  production:
+    vpc_cidr: 10.40.0.0/16
+    stack_name: production-devops
+subnets:
+  - ec2_public:
+      owner: infra
+      public: true
+      offset: 1
+      deploy_nat: true
+      output_cidr: false
+  - ec2_private:
+      owner: infra
+      public: false
+      offset: 2
+      deploy_nat: false
+      output_cidr: false
+  - backend_rds_public:
+      owner: infra
+      public: true
+      offset: 3
+      deploy_nat: false
+      output_cidr: false
+  - backend_rds_private:
+      owner: infra
+      public: false
+      offset: 4
+      deploy_nat: false
+      output_cidr: false
+applications:
+  hello-world:
+    image: nginxdemos/hello
+    container_port: 80
+    priority: 2
+    min: 2
+    max: 8
+    mem: 128
+    env:
+      SOME_ENV_VAR: Exposed
+      SOME_OTHER_VAR: desopxE
+      # SOME_REFFED_VAR: :foobar.ef
+      # SOME_OTHER_STACK_VAR: :vpc_stack.ref("Outputs.VpcId")
+      # SOME_ENV_VAR: ${MY_ENV_VAR}
+  hello-world2:
+    image: tutum/hello-world
+    container_port: 80
+    priority: 3
+    min: 2
+    max: 8
+    mem: 128
+    env:
+      SOME_ENV_VAR: Exposed
+      SOME_OTHER_VAR: desopxE
+domain_name: "example.com"

data/templates/lib/aws_helper/aws_sdk.rb

@@ -0,0 +1,30 @@
+def create_bucket_if_not_exists(aws_region, artifact_bucket)
+  s3 = Aws::S3::Resource.new(region: aws_region)
+  begin
+    s3.create_bucket(bucket: artifact_bucket)
+  rescue => exception
+    raise exception unless exception.class == Aws::S3::Errors::BucketAlreadyOwnedByYou
+  end
+  s3
+end
+
+def set_aws_credentials(region, access_key_id, secret_access_key)
+  if access_key_id.nil? == false && secret_access_key.nil? == false
+    aws_session_token = ENV["AWS_SESSION_TOKEN"]
+    if aws_session_token.nil?
+      Aws.config.update(
+        region: region,
+        credentials: Aws::Credentials.new(access_key_id, secret_access_key)
+      )
+    else
+      Aws.config.update(
+        region: region,
+        credentials: Aws::Credentials.new(access_key_id, secret_access_key, aws_session_token)
+      )
+    end
+  else
+    Aws.config.update(
+      region: region
+    )
+  end
+end

data/templates/{compiler.rb.erb → lib/aws_helper/compiler.rb}

@@ -1,12 +1,14 @@
 require "git-revision"
 
-def update_references(contents, environment, artifact_bucket)
+def update_references(contents, environment, _artifact_bucket)
+  Dotenv.load(".env.private")
+  Dotenv.load(".env.dependencies.#{ENV["ENVIRONMENT"]}")
   contents["Resources"].map do |resource|
     resource_name = resource.shift
     resource_values = resource.shift
     if resource_values["Type"] == "AWS::CloudFormation::Stack"
       template_hash = @stack_hashes[resource_name.to_sym]
-      s3_url = "https://s3.amazonaws.com/#{artifact_bucket}/#{environment}-" \
+      s3_url = "https://s3.amazonaws.com/#{ENV["CLOUDFORMATIONBUCKET"]}/#{environment}-" \
                "#{resource_name.downcase}-#{template_hash}.json"
       resource_values["Properties"]["TemplateURL"] = s3_url
     end
@@ -30,17 +32,21 @@ end
 def compile_stacks(skip_creation = false)
   stacks = {}
   FileUtils.mkdir_p "build" unless skip_creation
-  Module.constants.select do |mod|
-    if mod =~ /Stack$/
-      send("include", Object.const_get("SharedConcerns"))
-      stacks[mod.to_sym] = send("include", Object.const_get(mod)).render_template("AWS")
+  # Iterate twice to support dynamically generated modules
+  2.times do
+    Module.constants.select do |mod|
+      if mod =~ /Stack$/
+        next unless stacks[mod.to_sym].nil?
+        send("include", Object.const_get("SharedConcerns"))
+        stacks[mod.to_sym] = send("include", Object.const_get(mod)).render_template("AWS")
+      end
     end
   end
 
   stacks.each do |stack_name, stack|
     stack = inject_dummy_resource(stack)
     next if JSON.parse(stack)["Resources"].nil?
-    stack_to_md5(stack_name, stack)
+    stack_to_hash(stack_name)
     unless skip_creation
       puts "- Saved #{stack_name} to build/#{ENV["ENVIRONMENT"]}-#{stack_name.downcase}.json"
       File.open("build/#{ENV["ENVIRONMENT"]}-#{stack_name.downcase}.json", "w") { |f| f.write(JSON.pretty_generate(JSON.parse(stack))) }
@@ -50,9 +56,9 @@ def compile_stacks(skip_creation = false)
   stacks.each do |stack_name, stack|
     stack = inject_dummy_resource(stack)
     next if JSON.parse(stack)["Resources"].nil?
-    stack = update_references(JSON.parse(stack), ENV["ENVIRONMENT"], ENV["ARTIFACT_BUCKET"])
+    stack = update_references(JSON.parse(stack), ENV["ENVIRONMENT"], ENV["CLOUDFORMATIONBUCKET"])
     stacks[stack_name] = stack
-    stack_to_md5(stack_name, stack)
+    stack_to_hash(stack_name)
     unless skip_creation
       File.open("build/#{ENV["ENVIRONMENT"]}-#{stack_name.downcase}.json", "w") { |f| f.write(JSON.pretty_generate(JSON.parse(stack))) }
     end

data/templates/lib/aws_helper/dependencies.rb

@@ -0,0 +1,35 @@
+def infra_config
+  config = YAML.safe_load(File.read("config.yaml"), [Symbol])
+  config["applications"] ||= {}
+  config["environments"] ||= {}
+  config["subnets"] ||= {}
+  config
+end
+
+def load_env_vars
+  Dotenv.load(".env.private")
+  Dotenv.load(".env.dependencies.#{ENV["ENVIRONMENT"]}")
+  Dotenv.load(".env")
+  Dotenv.load(".env.#{ENV["ENVIRONMENT"]}")
+
+  check_dependencies
+  {
+    artifact_bucket: ENV["ARTIFACTBUCKET"],
+    aws_region: ENV["AWS_REGION"],
+    aws_access_key_id: ENV["AWS_ACCESS_KEY_ID"],
+    aws_secret_access_key: ENV["AWS_SECRET_ACCESS_KEY"],
+    cloudformation_bucket: ENV["CLOUDFORMATIONBUCKET"],
+    environment: ENV["ENVIRONMENT"],
+    stack_name: infra_config["environments"][ENV["ENVIRONMENT"]]["stack_name"]
+  }
+end
+
+def check_dependencies
+  ENV["AWS_REGION"] ||= ENV["AWS_DEFAULT_REGION"]
+  raise "AWS_REGION not set." unless ENV["AWS_REGION"]
+  raise "CLOUDFORMATIONBUCKET not set. Run `rake init` and `rake update` first!" unless ENV["CLOUDFORMATIONBUCKET"]
+  raise "ARTIFACTBUCKET not set. Run `rake init` and `rake update` first!" unless ENV["ARTIFACTBUCKET"]
+  raise "ENVIRONMENT not set." unless ENV["ENVIRONMENT"]
+  raise "`stack_name` not configured in config.yaml" unless infra_config["environments"][ENV["ENVIRONMENT"]]["stack_name"]
+  raise "AWS CREDENTIALS NOT SET" unless ENV["AWS_ACCESS_KEY_ID"] && ENV["AWS_SECRET_ACCESS_KEY"]
+end

data/templates/{deploy.rb.erb → lib/aws_helper/deploy.rb}

@@ -3,7 +3,7 @@ WAITING_STATES = %w(
   UPDATE_COMPLETE_CLEANUP_IN_PROGRESS UPDATE_IN_PROGRESS
   UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS UPDATE_ROLLBACK_IN_PROGRESS
 ).freeze
-SUCCESS_STATES = %w(CREATE_COMPLETE UPDATE_COMPLETE).freeze
+SUCCESS_STATES = %w(IMPORT_COMPLETE CREATE_COMPLETE UPDATE_COMPLETE).freeze
 FAILURE_STATES = %w(
   CREATE_FAILED DELETE_FAILED UPDATE_ROLLBACK_FAILED
   ROLLBACK_FAILED ROLLBACK_COMPLETE ROLLBACK_FAILED
@@ -11,7 +11,7 @@ FAILURE_STATES = %w(
 ).freeze
 END_STATES = SUCCESS_STATES + FAILURE_STATES
 DEPLOYABLE_STATES = %w(
-  CREATE_COMPLETE UPDATE_COMPLETE ROLLBACK_COMPLETE
+  IMPORT_COMPLETE CREATE_COMPLETE UPDATE_COMPLETE ROLLBACK_COMPLETE
   UPDATE_ROLLBACK_COMPLETE
 ).freeze
 
@@ -38,16 +38,17 @@ end
 def get_parent_stack_s3_location(bucket, environment)
   stacks = compile_stacks(true)
   parent_stack = nil
+  file_hash = nil
 
   stacks.each do |stack_name, stack|
     next if JSON.parse(stack)["Resources"].nil?
     JSON.parse(stack)["Resources"].each do |_resource, payload|
       if payload["Type"] == "AWS::CloudFormation::Stack"
         parent_stack = stack_name
+        file_hash = git_revision
         break
       end
     end
   end
-
-  "https://s3.amazonaws.com/#{bucket}/#{environment}-#{parent_stack.downcase}-#{@stack_hashes[parent_stack.to_sym]}.json"
+  "https://s3.amazonaws.com/#{bucket}/#{environment}-#{parent_stack.downcase}-#{file_hash}.json"
 end