skull_island 2.0.0 → 2.2.0

data/lib/skull_island/resource.rb

@@ -57,9 +57,10 @@ module SkullIsland
         define_method(method_name) do |value|
           raise Exceptions::ImmutableModification if immutable?
 
-          if opts[:validate]
-            raise Exceptions::InvalidArguments, name unless send("validate_#{name}".to_sym, value)
+          if opts[:validate] && !send("validate_#{name}".to_sym, value)
+            raise Exceptions::InvalidArguments, name
           end
+
           @entity[name.to_s] = if opts[:preprocess]
                                  send("preprocess_#{name}".to_sym, value)
                                else
@@ -179,8 +180,10 @@ module SkullIsland
       )
     end
 
-    def self.cleanup_except(project, keep_these)
-      where(:project, project).reject { |res| keep_these.include?(res.id) }.map do |res|
+    def self.cleanup_except(project, keep_these, from_these = nil)
+      old_resources = from_these || where(:project, project)
+
+      old_resources.reject { |res| keep_these.include?(res.id) }.map do |res|
         puts "[WARN] ! Removing #{name} (#{res.id})"
         res.destroy
       end

data/lib/skull_island/resource_collection.rb

@@ -161,9 +161,10 @@ module SkullIsland
     #   use #merge
     # @return [ResourceCollection]
     def +(other)
-      if other.is_a?(self.class)
+      case other
+      when self.class
         self.class.new(@list + other.to_a, type: @type, api_client: @api_client)
-      elsif other.is_a?(@type)
+      when @type
         self.class.new(@list + [other], type: @type, api_client: @api_client)
       else
         raise Exceptions::InvalidArguments
@@ -171,7 +172,7 @@ module SkullIsland
     end
 
     def <<(other)
-      raise Exceptions::InvalidArguments, 'Resource Type Mismatch' unless other.class == @type
+      raise Exceptions::InvalidArguments, 'Resource Type Mismatch' unless other.instance_of?(@type)
 
       @list << other
     end

data/lib/skull_island/resources/ca_certificate.rb

@@ -12,7 +12,10 @@ module SkullIsland
       property :cert, required: true, validate: true
       property :created_at, read_only: true, postprocess: true
       property :tags, validate: true, preprocess: true, postprocess: true
+      # property :name
 
+      # rubocop:disable Metrics/CyclomaticComplexity
+      # rubocop:disable Metrics/PerceivedComplexity
       def self.batch_import(data, verbose: false, test: false, project: nil, time: nil)
         raise(Exceptions::InvalidArguments) unless data.is_a?(Array)
 
@@ -22,6 +25,7 @@ module SkullIsland
           resource = new
           resource.delayed_set(:cert, resource_data)
           resource.tags = resource_data['tags'] if resource_data['tags']
+          resource.name = resource_data['name'] if resource_data['name']
           resource.project = project if project
           resource.import_time = (time || Time.now.utc.to_i) if project
           resource.import_update_or_skip(index: index, verbose: verbose, test: test)
@@ -29,11 +33,16 @@ module SkullIsland
         end
 
         cleanup_except(project, known_ids) if project
+
+        known_ids
       end
+      # rubocop:enable Metrics/CyclomaticComplexity
+      # rubocop:enable Metrics/PerceivedComplexity
 
       def export(options = {})
         hash = { 'cert' => cert }
         hash['tags'] = tags unless tags.empty?
+        hash['name'] = name if name
         [*options[:exclude]].each do |exclude|
           hash.delete(exclude.to_s)
         end
@@ -46,10 +55,19 @@ module SkullIsland
       def modified_existing?
         return false unless new?
 
-        # Find CA certs of the same cert
-        same_cert = self.class.where(:cert, cert)
+        # Find CA certs of the same "name"
+        if name
+          same_name = self.class.where(:name, name)
+
+          existing = same_name.size == 1 ? same_name.first : nil
+        end
 
-        existing = same_cert.size == 1 ? same_cert.first : nil
+        unless existing
+          # Find CA certs of the same cert
+          same_cert = self.class.where(:cert, cert)
+
+          existing = same_cert.size == 1 ? same_cert.first : nil
+        end
 
         if existing
           @entity['id'] = existing.id
@@ -59,6 +77,16 @@ module SkullIsland
         end
       end
 
+      # Simulates retrieving a #name property via a tag
+      def name
+        metatags['name']
+      end
+
+      # Simulates setting a #name property via a tag
+      def name=(value)
+        add_meta('name', value.to_s)
+      end
+
       private
 
       # Used to validate {#cert} on set

data/lib/skull_island/resources/certificate.rb

@@ -12,11 +12,12 @@ module SkullIsland
       property :cert, required: true, validate: true
       property :key, required: true, validate: true
       property :snis, validate: true
+      # property :name
       property :created_at, read_only: true, postprocess: true
       property :tags, validate: true, preprocess: true, postprocess: true
 
-      # rubocop:disable Metrics/CyclomaticComplexity
       # rubocop:disable Metrics/PerceivedComplexity
+      # rubocop:disable Metrics/CyclomaticComplexity
       def self.batch_import(data, verbose: false, test: false, project: nil, time: nil)
         raise(Exceptions::InvalidArguments) unless data.is_a?(Array)
 
@@ -28,6 +29,7 @@ module SkullIsland
           resource.delayed_set(:key, resource_data)
           resource.snis = resource_data['snis'] if resource_data['snis']
           resource.tags = resource_data['tags'] if resource_data['tags']
+          resource.name = resource_data['name'] if resource_data['name']
           resource.project = project if project
           resource.import_time = (time || Time.now.utc.to_i) if project
           resource.import_update_or_skip(index: index, verbose: verbose, test: test)
@@ -35,14 +37,18 @@ module SkullIsland
         end
 
         cleanup_except(project, known_ids) if project
+
+        known_ids
       end
-      # rubocop:enable Metrics/CyclomaticComplexity
       # rubocop:enable Metrics/PerceivedComplexity
+      # rubocop:enable Metrics/CyclomaticComplexity
 
+      # rubocop:disable Metrics/AbcSize
       def export(options = {})
         hash = { 'cert' => cert, 'key' => key }
         hash['snis'] = snis if snis && !snis.empty?
         hash['tags'] = tags unless tags.empty?
+        hash['name'] = name if name
         [*options[:exclude]].each do |exclude|
           hash.delete(exclude.to_s)
         end
@@ -51,14 +57,24 @@ module SkullIsland
         end
         hash.reject { |_, value| value.nil? }
       end
+      # rubocop:enable Metrics/AbcSize
 
       def modified_existing?
         return false unless new?
 
-        # Find certs of the same cert and key
-        same_key = self.class.where(:key, key)
+        # Find certs of the same "name"
+        if name
+          same_name = self.class.where(:name, name)
+
+          existing = same_name.size == 1 ? same_name.first : nil
+        end
 
-        existing = same_key.size == 1 ? same_key.first : nil
+        unless existing
+          # Find certs of the same cert and key
+          same_key = self.class.where(:key, key)
+
+          existing = same_key.size == 1 ? same_key.first : nil
+        end
 
         if existing
           @entity['id'] = existing.id
@@ -68,6 +84,16 @@ module SkullIsland
         end
       end
 
+      # Simulates retrieving a #name property via a tag
+      def name
+        metatags['name']
+      end
+
+      # Simulates setting a #name property via a tag
+      def name=(value)
+        add_meta('name', value.to_s)
+      end
+
       private
 
       # Used to validate {#cert} on set

data/lib/skull_island/resources/consumer.rb

@@ -60,7 +60,7 @@ module SkullIsland
 
           known_acls = AccessControlList.batch_import(
             (
-              resource_data.dig('acls') || []
+              resource_data['acls'] || []
             ).map { |t| t.merge('consumer' => { 'id' => resource.id }) },
             verbose: verbose,
             test: test
@@ -95,6 +95,8 @@ module SkullIsland
         # rubocop:enable Metrics/BlockLength
 
         cleanup_except(project, known_ids) if project
+
+        known_ids
       end
       # rubocop:enable Metrics/MethodLength
 
@@ -103,9 +105,10 @@ module SkullIsland
       end
 
       def add_acl!(details)
-        r = if details.is_a?(AccessControlList)
+        r = case details
+            when AccessControlList
               details
-            elsif details.is_a?(String)
+            when String
               resource = AccessControlList.new(api_client: api_client)
               resource.group = details
               resource
@@ -162,6 +165,7 @@ module SkullIsland
         Plugin.where(:consumer, self, api_client: api_client)
       end
 
+      # rubocop:disable Metrics/AbcSize
       def export(options = {})
         hash = { 'username' => username, 'custom_id' => custom_id }
         creds = credentials_for_export
@@ -176,6 +180,7 @@ module SkullIsland
         end
         hash.reject { |_, value| value.nil? }
       end
+      # rubocop:enable Metrics/AbcSize
 
       def modified_existing?
         return false unless new?

data/lib/skull_island/resources/jwt_credential.rb

@@ -48,6 +48,7 @@ module SkullIsland
         consumer ? "#{consumer.relative_uri}/jwt" : nil
       end
 
+      # rubocop:disable Metrics/AbcSize
       def export(options = {})
         hash = { 'algorithm' => algorithm }
         hash['key'] = key if key
@@ -62,6 +63,7 @@ module SkullIsland
         end
         hash.reject { |_, value| value.nil? }
       end
+      # rubocop:enable Metrics/AbcSize
 
       # Keys can't be updated, only created or deleted
       def modified_existing?
@@ -102,9 +104,10 @@ module SkullIsland
       end
 
       # Used to validate {#algorithm} on set
+      # @see https://github.com/Kong/kong/blob/master/kong/plugins/jwt/daos.lua#L29
       def validate_algorithm(value)
         # allow a String
-        %w[HS256 HS384 HS512 RS256 ES256].include? value
+        %w[HS256 HS384 HS512 RS256 RS512 ES256].include? value
       end
 
       # Used to validate {#key} on set

data/lib/skull_island/resources/plugin.rb

@@ -21,6 +21,7 @@ module SkullIsland
 
       # rubocop:disable Metrics/CyclomaticComplexity
       # rubocop:disable Metrics/PerceivedComplexity
+      # rubocop:disable Metrics/AbcSize
       def self.batch_import(data, verbose: false, test: false, project: nil, time: nil)
         raise(Exceptions::InvalidArguments) unless data.is_a?(Array)
 
@@ -43,9 +44,12 @@ module SkullIsland
         end
 
         cleanup_except(project, known_ids) if project
+
+        known_ids
       end
       # rubocop:enable Metrics/CyclomaticComplexity
       # rubocop:enable Metrics/PerceivedComplexity
+      # rubocop:enable Metrics/AbcSize
 
       def self.enabled_names(api_client: APIClient.instance)
         api_client.get("#{relative_uri}/enabled")['enabled_plugins']
@@ -117,18 +121,19 @@ module SkullIsland
       end
 
       def postprocess_config(value)
-        value.deep_sort.compact
+        value.deep_sort.prune.compact
       end
 
       def postprocess_consumer(value)
-        if value.is_a?(Hash)
+        case value
+        when Hash
           Consumer.new(
             entity: value,
             lazy: true,
             tainted: false,
             api_client: api_client
           )
-        elsif value.is_a?(String)
+        when String
           Consumer.new(
             entity: { 'id' => value },
             lazy: true,
@@ -141,9 +146,10 @@ module SkullIsland
       end
 
       def preprocess_consumer(input)
-        if input.is_a?(Hash)
+        case input
+        when Hash
           input
-        elsif input.is_a?(Consumer)
+        when Consumer
           { 'id' => input.id }
         else
           input
@@ -151,14 +157,15 @@ module SkullIsland
       end
 
       def postprocess_route(value)
-        if value.is_a?(Hash)
+        case value
+        when Hash
           Route.new(
             entity: value,
             lazy: true,
             tainted: false,
             api_client: api_client
           )
-        elsif value.is_a?(String)
+        when String
           Route.new(
             entity: { 'id' => value },
             lazy: true,
@@ -171,9 +178,10 @@ module SkullIsland
       end
 
       def preprocess_route(input)
-        if input.is_a?(Hash)
+        case input
+        when Hash
           input
-        elsif input.is_a?(Route)
+        when Route
           { 'id' => input.id }
         else
           input
@@ -181,14 +189,15 @@ module SkullIsland
       end
 
       def postprocess_service(value)
-        if value.is_a?(Hash)
+        case value
+        when Hash
           Service.new(
             entity: value,
             lazy: true,
             tainted: false,
             api_client: api_client
           )
-        elsif value.is_a?(String)
+        when String
           Service.new(
             entity: { 'id' => value },
             lazy: true,
@@ -201,9 +210,10 @@ module SkullIsland
       end
 
       def preprocess_service(input)
-        if input.is_a?(Hash)
+        case input
+        when Hash
           input
-        elsif input.is_a?(Service)
+        when Service
           { 'id' => input.id }
         else
           input

data/lib/skull_island/resources/route.rb

@@ -20,6 +20,7 @@ module SkullIsland
       property :strip_path,     type: :boolean
       property :preserve_host,  type: :boolean
       property :snis,           validate: true
+      property :path_handling,  validate: true
       property :sources
       property :destinations
       property :service, validate: true, preprocess: true, postprocess: true
@@ -30,7 +31,8 @@ module SkullIsland
       # rubocop:disable Metrics/CyclomaticComplexity
       # rubocop:disable Metrics/PerceivedComplexity
       # rubocop:disable Metrics/AbcSize
-      def self.batch_import(data, verbose: false, test: false, project: nil, time: nil)
+      # rubocop:disable Layout/LineLength
+      def self.batch_import(data, verbose: false, test: false, project: nil, time: nil, cleanup: true)
         raise(Exceptions::InvalidArguments) unless data.is_a?(Array)
 
         known_ids = []
@@ -58,17 +60,22 @@ module SkullIsland
           known_ids << resource.id
         end
 
-        cleanup_except(project, known_ids) if project
+        cleanup_except(project, known_ids) if project && cleanup
+
+        known_ids
       end
       # rubocop:enable Metrics/CyclomaticComplexity
       # rubocop:enable Metrics/PerceivedComplexity
       # rubocop:enable Metrics/AbcSize
+      # rubocop:enable Layout/LineLength
 
       # Provides a collection of related {Plugin} instances
       def plugins
         Plugin.where(:route, self, api_client: api_client)
       end
 
+      # rubocop:disable Metrics/CyclomaticComplexity
+      # rubocop:disable Metrics/PerceivedComplexity
       # rubocop:disable Metrics/AbcSize
       def export(options = {})
         hash = {
@@ -94,6 +101,8 @@ module SkullIsland
         end
         hash.reject { |_, value| value.nil? }
       end
+      # rubocop:enable Metrics/CyclomaticComplexity
+      # rubocop:enable Metrics/PerceivedComplexity
       # rubocop:enable Metrics/AbcSize
 
       def modified_existing?
@@ -135,6 +144,12 @@ module SkullIsland
         end
       end
 
+      # Used to validate {#path_handling} on set
+      def validate_path_handling(value)
+        valid_values = %w[v0 v1]
+        valid_values.include?(value)
+      end
+
       # Used to validate {#protocols} on set
       def validate_protocols(value)
         valid_protos = %w[http https tls tcp grpc grpcs]