sitefull-cloud 0.0.1 → 0.0.2
- checksums.yaml +4 -4
- data/README.md +20 -3
- data/lib/sitefull-cloud/auth/amazon.rb +14 -18
- data/lib/sitefull-cloud/auth/azure.rb +14 -14
- data/lib/sitefull-cloud/auth/base.rb +36 -2
- data/lib/sitefull-cloud/auth/google.rb +12 -16
- data/lib/sitefull-cloud/auth.rb +11 -11
- data/lib/sitefull-cloud/provider/amazon.rb +9 -5
- data/lib/sitefull-cloud/provider/azure.rb +4 -0
- data/lib/sitefull-cloud/provider/google.rb +3 -3
- data/lib/sitefull-cloud/provider.rb +6 -2
- data/lib/sitefull-cloud/version.rb +1 -1
- metadata +2 -2
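--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: be24ed92a5fe9baf164ba46e248e09d59574259b
+data.tar.gz: f0b7a997bc7ee41a8790f41cc40a73d9bd41ddc3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 553ff09a15f609be220e4d87c5baeb738154cff16238eb32a9642d9580cfd9a567847b76b50d1336443beec83f38743560a1116424beed1c9ac86d99b4777750
+data.tar.gz: 7977afba97ec37cf6968ba4c7a1a4d91b743fb07bd97e080dd859197113a27c92b965758a75835ec2189a3da6515ef313101aab9ec786b1ff7284ede259bbe16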
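--- a/data/README.md
+++ b/data/README.md
@@ -51,7 +51,7 @@ options = {
 role_arn: "IAM Role ARN",
 redirect_uri: "One of the Allowed Return URLs for the Amazon Application"
 }
-provider = Sitefull::Cloud::
+provider = Sitefull::Cloud::Auth.new('amazon', options) ;
 ```
 * Generate the authorization URL and open it in a web browser
 ```
@@ -83,7 +83,7 @@ options = {
 client_secret: "Azure Application Client Secret",
 redirect_uri: "One of the Reply URLs for the Azure Application"
 }
-provider = Sitefull::Cloud::
+provider = Sitefull::Cloud::Auth.new('azure', options) ;
 ```
 * Generate the authorization URL and open it in a web browser
 ```
@@ -118,7 +118,7 @@ options = {
 client_secret: "Google OAuth Client Secret",
 redirect_uri: "One of the Authorized redirect URIs"
 }
-provider = Sitefull::Cloud::
+provider = Sitefull::Cloud::Auth.new('google', options) ;
 ```
 * Generate the authorization URL and open it in a web browser
 ```
@@ -140,12 +140,29 @@ client.authorization = credentials
 client.list_images('A project the authenticated user can access')
 ```
 
+### Providers
+
+If you already have obtained a token for one of the providers you can use `Sitefull::Cloud::Provider` to perform basic operations.
+```
+provider = Sitefull::Cloud::Provider.new(:amazon, token: token, region: 'us-east-1')
+provider.regions # Returns a list of regions
+provider.machine_types(region) # Returns a list of regions
+....
+```
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
+## Testing
+
+To mock the provider APIs just add the following to your `rails_helper.rb` or `spec_helper.rb` file:
+```
+Sitefull::Cloud.mock!
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/stanchino/sitefull-cloud. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.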
@@ -12,14 +12,15 @@ module Sitefull
|
|
12
12
|
PROVIDER_ID = 'www.amazon.com'.freeze
|
13
13
|
|
14
14
|
MISSING_ROLE_ARN = 'Missing Role ARN'.freeze
|
15
|
-
|
16
|
-
|
17
|
-
@options = skip_validation ? options : validate(options)
|
18
|
-
end
|
15
|
+
MISSING_REGION = 'Missing Region'.freeze
|
16
|
+
MISSING_SESSION_NAME = 'Missing session name'.freeze
|
19
17
|
|
20
18
|
def credentials(token)
|
21
19
|
fail MISSING_ROLE_ARN if @options[:role_arn].to_s.empty?
|
22
|
-
|
20
|
+
fail MISSING_REGION if @options[:region].to_s.empty?
|
21
|
+
fail MISSING_SESSION_NAME if @options[:session_name].to_s.empty?
|
22
|
+
|
23
|
+
sts = Aws::STS::Client.new(region: @options[:region])
|
23
24
|
response = sts.assume_role_with_web_identity(role_arn: @options[:role_arn],
|
24
25
|
role_session_name: @options[:session_name],
|
25
26
|
provider_id: 'www.amazon.com',
|
@@ -27,25 +28,20 @@ module Sitefull
|
|
27
28
|
Aws::Credentials.new(*response.credentials.to_h.values_at(:access_key_id, :secret_access_key, :session_token))
|
28
29
|
end
|
29
30
|
|
30
|
-
def
|
31
|
-
|
32
|
-
options[:authorization_uri] ||= AUTHORIZATION_URI
|
33
|
-
options[:scope] ||= Array(SCOPE)
|
34
|
-
options[:token_credential_uri] ||= TOKEN_CREDENTIALS_URI
|
35
|
-
options[:session_name] ||= 'web-user-session'
|
36
|
-
options
|
31
|
+
def callback_uri
|
32
|
+
CALLBACK_URI
|
37
33
|
end
|
38
34
|
|
39
|
-
def
|
40
|
-
|
35
|
+
def authorization_uri(_)
|
36
|
+
AUTHORIZATION_URI
|
41
37
|
end
|
42
38
|
|
43
|
-
def
|
44
|
-
|
39
|
+
def scope
|
40
|
+
SCOPE
|
45
41
|
end
|
46
42
|
|
47
|
-
def
|
48
|
-
|
43
|
+
def token_credentials_uri(_)
|
44
|
+
TOKEN_CREDENTIALS_URI
|
49
45
|
end
|
50
46
|
end
|
51
47
|
end
|
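Review bot: The new `:region` and `:session_name` checks run only inside `credentials`, so an Amazon auth object that lacks either value is constructed without complaint and fails later, at the first STS call; azure.rb checks `tenant_id` in `validate` before calling `super`, and the same shape would fit here. The removed lines appear to have supplied a `'web-user-session'` default for `:session_name`, so callers that relied on it now hit `MISSING_SESSION_NAME`, which deserves a changelog line. The session name is recorded with the assumed-role session in AWS audit logs, so a caller-specific value is preferable to a shared default, and a comment such as `# session_name identifies this caller in CloudTrail; supply one per user` would document that. The body of `credentials` continues between the two hunks and is not fully visible.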
@@ -15,25 +15,13 @@ module Sitefull
|
|
15
15
|
|
16
16
|
MISSING_TENANT_ID = 'Missing Tenant ID'.freeze
|
17
17
|
|
18
|
-
def initialize(options = {}, skip_validation = false)
|
19
|
-
@options = skip_validation ? options : validate(options)
|
20
|
-
end
|
21
|
-
|
22
18
|
def validate(options = {})
|
23
19
|
fail MISSING_TENANT_ID if options[:tenant_id].nil? || options[:tenant_id].to_s.empty?
|
24
|
-
|
25
|
-
options[:authorization_uri] ||= sprintf(AUTHORIZATION_URI, options[:tenant_id])
|
26
|
-
options[:scope] ||= Array(SCOPE)
|
27
|
-
options[:token_credential_uri] ||= sprintf(TOKEN_CREDENTIALS_URI, options[:tenant_id])
|
28
|
-
options
|
29
|
-
end
|
30
|
-
|
31
|
-
def token_options
|
32
|
-
@options.select { |k| [:authorization_uri, :client_id, :client_secret, :scope, :token_credential_uri, :redirect_uri].include? k.to_sym }
|
20
|
+
super(options)
|
33
21
|
end
|
34
22
|
|
35
23
|
def authorization_url_options
|
36
|
-
|
24
|
+
super.merge({ resource: 'https://management.core.windows.net/'})
|
37
25
|
end
|
38
26
|
|
39
27
|
def credentials(token)
|
@@ -44,6 +32,18 @@ module Sitefull
|
|
44
32
|
def callback_uri
|
45
33
|
CALLBACK_URI
|
46
34
|
end
|
35
|
+
|
36
|
+
def authorization_uri(options)
|
37
|
+
sprintf(AUTHORIZATION_URI, options[:tenant_id])
|
38
|
+
end
|
39
|
+
|
40
|
+
def scope
|
41
|
+
SCOPE
|
42
|
+
end
|
43
|
+
|
44
|
+
def token_credentials_uri(options)
|
45
|
+
sprintf(TOKEN_CREDENTIALS_URI, options[:tenant_id])
|
46
|
+
end
|
47
47
|
end
|
48
48
|
end
|
49
49
|
end
|
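Review bot: `authorization_uri` and `token_credentials_uri` format `options[:tenant_id]` straight into the endpoint URL, while `validate` only rejects an empty value, so a tenant id containing `/`, `?` or `#` changes which resource the OAuth requests are sent to. If the tenant id can come from user input, constrain it in `validate` before `super(options)`, for example `fail INVALID_TENANT_ID unless options[:tenant_id].to_s =~ /\A[0-9A-Za-z.-]+\z/` (`INVALID_TENANT_ID` would be a new constant next to `MISSING_TENANT_ID`). The URI templates themselves are defined outside the hunk, so the position of the placeholder is assumed.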
@@ -2,27 +2,61 @@ module Sitefull
|
|
2
2
|
module Auth
|
3
3
|
class Base
|
4
4
|
|
5
|
+
MISSING_AUTHORIZATION_URI = 'Missing Authorization URL'.freeze
|
5
6
|
MISSING_BASE_URI = 'Missing base URL and redirect URL'.freeze
|
6
7
|
MISSING_BASE_URI_SCHEME = 'Base URL must be an absolute URL'.freeze
|
7
8
|
MISSING_CALLBACK_URI = 'No callback URI specified'.freeze
|
8
9
|
MISSING_CLIENT_ID = 'Missing Client ID'.freeze
|
9
10
|
MISSING_CLIENT_SECRET = 'Missing Client Secret'.freeze
|
10
11
|
MISSING_REDIRECT_URI_SCHEME = 'Redirect URL must be an absolute URL'.freeze
|
12
|
+
MISSING_SCOPE = 'Missing scope'.freeze
|
13
|
+
MISSING_TOKEN_CREDENTIALS_URI = 'Missing Token Credentials URL'.freeze
|
14
|
+
|
15
|
+
def initialize(options = {})
|
16
|
+
@options = validate(options)
|
17
|
+
end
|
11
18
|
|
12
19
|
def validate(options = {})
|
13
20
|
fail MISSING_CLIENT_ID if options[:client_id].to_s.empty?
|
14
21
|
fail MISSING_CLIENT_SECRET if options[:client_secret].to_s.empty?
|
15
22
|
fail MISSING_REDIRECT_URI_SCHEME if !options[:redirect_uri].to_s.empty? && URI(options[:redirect_uri].to_s).scheme.to_s.empty?
|
16
|
-
|
17
|
-
|
23
|
+
process(options)
|
24
|
+
end
|
25
|
+
|
26
|
+
def token_options
|
27
|
+
@options.select { |k| [:authorization_uri, :client_id, :client_secret, :scope, :token_credential_uri, :redirect_uri].include? k.to_sym }.merge(@options[:token] || {})
|
28
|
+
end
|
29
|
+
|
30
|
+
def authorization_url_options
|
31
|
+
@options.select { |k| [:state, :login_hint, :redirect_uri].include? k.to_sym }
|
18
32
|
end
|
19
33
|
|
20
34
|
def callback_uri
|
21
35
|
fail MISSING_CALLBACK_URI
|
22
36
|
end
|
23
37
|
|
38
|
+
def authorization_uri(_)
|
39
|
+
fail MISSING_AUTHORIZATION_URI
|
40
|
+
end
|
41
|
+
|
42
|
+
def scope
|
43
|
+
fail MISSING_SCOPE
|
44
|
+
end
|
45
|
+
|
46
|
+
def token_credentials_uri(_)
|
47
|
+
fail MISSING_TOKEN_CREDENTIALS_URI
|
48
|
+
end
|
24
49
|
private
|
25
50
|
|
51
|
+
def process(options = {})
|
52
|
+
options[:redirect_uri] ||= default_redirect_uri(options) if options[:token].to_s.empty?
|
53
|
+
options[:token] = JSON.parse options[:token] unless options[:token].to_s.empty?
|
54
|
+
options[:authorization_uri] ||= authorization_uri(options)
|
55
|
+
options[:scope] ||= Array(scope)
|
56
|
+
options[:token_credential_uri] ||= token_credentials_uri(options)
|
57
|
+
options
|
58
|
+
end
|
59
|
+
|
26
60
|
def default_redirect_uri(options)
|
27
61
|
fail MISSING_BASE_URI if options[:base_uri].to_s.empty?
|
28
62
|
fail MISSING_BASE_URI_SCHEME if URI(options[:base_uri].to_s).scheme.to_s.empty?
|
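Review bot: `token_options` merges `@options[:token]` last, so any key in the caller-supplied token JSON is passed on to `Signet::OAuth2::Client.new` alongside, and possibly in place of, `client_id`, `client_secret`, `token_credential_uri` and `redirect_uri`. A stored token blob should only be able to contribute token fields; if it is ever read from a session or database that a user can influence, it could change the endpoint that receives the client secret. Filtering before the merge keeps it to the expected keys, e.g. `.merge((@options[:token] || {}).select { |k, _| %w(access_token refresh_token expires_in expires_at issued_at id_token).include? k.to_s })`. `JSON.parse` in `process` returns string keys while the rest of the hash uses symbols, so whether an override takes effect depends on how Signet normalises keys, which a spec should pin down. `JSON` is also used without a `require 'json'` visible in this hunk, which starts at line 2 of the file.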
@@ -9,32 +9,28 @@ module Sitefull
|
|
9
9
|
SCOPE = %w(https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/compute).freeze
|
10
10
|
TOKEN_CREDENTIALS_URI = 'https://www.googleapis.com/oauth2/v3/token'.freeze
|
11
11
|
|
12
|
-
def
|
13
|
-
|
12
|
+
def authorization_url_options
|
13
|
+
super.merge({ access_type: 'offline', approval_prompt: 'force', include_granted_scopes: true })
|
14
14
|
end
|
15
15
|
|
16
|
-
def
|
17
|
-
|
18
|
-
options[:authorization_uri] ||= AUTHORIZATION_URI
|
19
|
-
options[:scope] ||= Array(SCOPE)
|
20
|
-
options[:token_credential_uri] ||= TOKEN_CREDENTIALS_URI
|
21
|
-
options
|
16
|
+
def credentials(token)
|
17
|
+
token
|
22
18
|
end
|
23
19
|
|
24
|
-
def
|
25
|
-
|
20
|
+
def callback_uri
|
21
|
+
CALLBACK_URI
|
26
22
|
end
|
27
23
|
|
28
|
-
def
|
29
|
-
|
24
|
+
def authorization_uri(_)
|
25
|
+
AUTHORIZATION_URI
|
30
26
|
end
|
31
27
|
|
32
|
-
def
|
33
|
-
|
28
|
+
def scope
|
29
|
+
SCOPE
|
34
30
|
end
|
35
31
|
|
36
|
-
def
|
37
|
-
|
32
|
+
def token_credentials_uri(_)
|
33
|
+
TOKEN_CREDENTIALS_URI
|
38
34
|
end
|
39
35
|
end
|
40
36
|
end
|
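Review bot: `authorization_url_options` always sends `access_type: 'offline'` together with `approval_prompt: 'force'`, so every authorization re-prompts for consent and returns a refresh token whether or not the caller needs long-lived access. A refresh token is a long-lived secret, so the method deserves a comment saying so, e.g. `# offline + forced consent: Google returns a refresh token on every authorization; store it as a credential`, and ideally both values would be overridable from `@options`. `approval_prompt` is the older spelling of this parameter; Google's current OAuth 2.0 documentation uses `prompt: 'consent'`. Separately, `credentials(token)` hands back the Signet client itself, which also carries the client secret, and its doc comment should state that.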
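--- a/data/lib/sitefull-cloud/auth.rb
+++ b/data/lib/sitefull-cloud/auth.rb
@@ -1,15 +1,14 @@
+require 'signet/oauth_2/client'
 require 'forwardable'
 
 module Sitefull
 module Cloud
 class Auth
 extend Forwardable
-def_delegators :@
+def_delegators :@auth, :token_options, :authorization_url_options
 
-def initialize(
-
-token(JSON.parse options[:token]) if token_set
-@provider = provider_class(provider_type).new(options, token_set)
+def initialize(auth_type, options = {})
+@auth = auth_class(auth_type).new(options)
 end
 
 def authorization_url
@@ -21,20 +20,21 @@ module Sitefull
 token.fetch_access_token!
 end
 
-def token
-@token ||= Signet::OAuth2::Client.new(
+def token
+@token ||= Signet::OAuth2::Client.new(token_options)
 end
 
 def credentials
+return @credentials unless @credentials.nil?
 token.refresh!
-@credentials
+@credentials = @auth.credentials(token)
 end
 
 private
 
-def
-require "sitefull-cloud/auth/#{
-Kernel.const_get "Sitefull::Auth::#{
+def auth_class(auth_type)
+require "sitefull-cloud/auth/#{auth_type}"
+Kernel.const_get "Sitefull::Auth::#{auth_type.capitalize}"
 end
 end
 end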
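Review bot: `auth_class` interpolates `auth_type` into both a `require` path and a `Kernel.const_get` name without checking it against the providers the gem ships, so a value other than `amazon`, `azure` or `google` can make the process load an unrelated file from the load path or look up an unintended constant. Applications may pass a request parameter here, so an allowlist belongs at the top of this method: `fail ArgumentError, "Unknown auth type: #{auth_type}" unless %w(amazon azure google).include?(auth_type.to_s)`. The `to_s` matters because the README passes a symbol (`:amazon`) to `Provider.new`, which forwards its type to this class.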
@@ -1,3 +1,4 @@
|
|
1
|
+
require 'aws-sdk'
|
1
2
|
require 'sitefull-cloud/provider/amazon/networking'
|
2
3
|
|
3
4
|
module Sitefull
|
@@ -5,13 +6,18 @@ module Sitefull
|
|
5
6
|
module Amazon
|
6
7
|
include Networking
|
7
8
|
|
8
|
-
REQUIRED_OPTIONS =
|
9
|
+
REQUIRED_OPTIONS = %w(role_arn region session_name).freeze
|
9
10
|
MACHINE_TYPES = %w(t2.nano t2.micro t2.small t2.medium t2.large m4.large m4.xlarge m4.2xlarge m4.4xlarge m4.10xlarge m3.medium m3.large m3.xlarge m3.2xlarge).freeze
|
10
11
|
|
11
12
|
DEFAULT_REGION = 'us-east-1'.freeze
|
12
13
|
|
14
|
+
def process(options = {})
|
15
|
+
options[:region] ||= DEFAULT_REGION
|
16
|
+
options
|
17
|
+
end
|
18
|
+
|
13
19
|
def connection
|
14
|
-
@connection ||=
|
20
|
+
@connection ||= Aws::EC2::Client.new(region: options[:region], credentials: credentials)
|
15
21
|
end
|
16
22
|
|
17
23
|
def regions
|
@@ -50,9 +56,7 @@ module Sitefull
|
|
50
56
|
end
|
51
57
|
|
52
58
|
def valid?
|
53
|
-
connection.
|
54
|
-
rescue ::Aws::EC2::Errors::DryRunOperation
|
55
|
-
true
|
59
|
+
!connection.nil?
|
56
60
|
rescue StandardError
|
57
61
|
false
|
58
62
|
end
|
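Review bot: `valid?` is now `!connection.nil?`, and since `connection` memoizes a freshly built `Aws::EC2::Client`, the expression is true whenever construction does not raise; building the client sends no EC2 request, so nothing checks that the assumed role may actually use EC2. The removed lines rescued `Aws::EC2::Errors::DryRunOperation`, which suggests the earlier version probed the API with a dry-run call. If the weaker check is intended (for instance so it works under `Sitefull::Cloud.mock!`), say so in a comment such as `# true when credentials could be obtained; does not verify EC2 permissions`. The blanket `rescue StandardError` below it also hides why validation failed, so logging the exception there would help.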
@@ -18,17 +18,17 @@ module Sitefull
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def regions
|
21
|
-
@regions ||= connection.list_zones(project_name).items
|
21
|
+
@regions ||= connection.list_zones(project_name).items.map { |r| OpenStruct.new(id: r.name, name: r.name) }
|
22
22
|
end
|
23
23
|
|
24
24
|
def machine_types(zone)
|
25
|
-
@machine_types ||= connection.list_machine_types(project_name, zone).items
|
25
|
+
@machine_types ||= connection.list_machine_types(project_name, zone).items.map { |m| OpenStruct.new(id: m.self_link, name: m.name) }
|
26
26
|
rescue ::Google::Apis::ClientError
|
27
27
|
[]
|
28
28
|
end
|
29
29
|
|
30
30
|
def images(os)
|
31
|
-
@images ||= project_images(project_name) + project_images("#{os}-cloud")
|
31
|
+
@images ||= (project_images(project_name) + project_images("#{os}-cloud")).map { |i| OpenStruct.new(id: i.self_link, name: i.name) }
|
32
32
|
end
|
33
33
|
|
34
34
|
def create_network
|
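Review bot: `machine_types(zone)` and `images(os)` memoize into a single instance variable regardless of the argument, so after the first call every later zone or OS receives the first call's list. Keying the cache by argument fixes it: `(@machine_types ||= {})[zone] ||= connection.list_machine_types(project_name, zone).items.map { ... }`, and likewise `(@images ||= {})[os] ||= ...`. The new lines also use `OpenStruct`; no `require 'ostruct'` is visible in this hunk, which starts at line 18, so confirm it is loaded at the top of the file.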
@@ -7,9 +7,9 @@ module Sitefull
|
|
7
7
|
attr_reader :type, :options
|
8
8
|
|
9
9
|
def initialize(type, options = {})
|
10
|
-
@options = options unless options.nil?
|
11
10
|
@type = type || 'base'
|
12
11
|
extend(provider_module)
|
12
|
+
@options = respond_to?(:process) ? process(options) : options
|
13
13
|
end
|
14
14
|
|
15
15
|
class << self
|
@@ -27,10 +27,14 @@ module Sitefull
|
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
30
|
+
def auth
|
31
|
+
@auth ||= Sitefull::Cloud::Auth.new(type, options)
|
32
|
+
end
|
33
|
+
|
30
34
|
protected
|
31
35
|
|
32
36
|
def credentials
|
33
|
-
@credentials ||=
|
37
|
+
@credentials ||= auth.credentials
|
34
38
|
end
|
35
39
|
|
36
40
|
private
|
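Review bot: `credentials` memoizes `auth.credentials`, and `Auth#credentials` in auth.rb likewise returns its cached value before reaching `token.refresh!`, so a Provider object keeps the first set of credentials for its whole life. For Amazon these are STS session credentials (the auth class builds them from `access_key_id`, `secret_access_key` and `session_token`), which expire, and a long-lived Provider would keep presenting them. At minimum document the lifetime, e.g. `# cached for the life of this object; build a new Provider once the session expires`, or drop the memoization on one of the two layers. In `initialize`, the old `unless options.nil?` guard is gone, so `Provider.new(:amazon, nil)` now reaches `options[:region] ||= DEFAULT_REGION` with nil; `process(options || {})` would keep that case working.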
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sitefull-cloud
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Stanimir Dimitrov
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-03-
|
11
|
+
date: 2016-03-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: multi_json
|