sport_ngin_aws_auditor 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +20 -0
- data/.octopolo.yml +4 -0
- data/.rspec +2 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.soyuz.yml +13 -0
- data/.travis.yml +13 -0
- data/CHANGELOG.markdown +30 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +103 -0
- data/Rakefile +2 -0
- data/bin/sport-ngin-aws-auditor +27 -0
- data/lib/sport_ngin_aws_auditor/aws.rb +44 -0
- data/lib/sport_ngin_aws_auditor/cache_instance.rb +69 -0
- data/lib/sport_ngin_aws_auditor/commands/audit.rb +17 -0
- data/lib/sport_ngin_aws_auditor/commands/export.rb +11 -0
- data/lib/sport_ngin_aws_auditor/commands/inspect.rb +12 -0
- data/lib/sport_ngin_aws_auditor/config.rb +51 -0
- data/lib/sport_ngin_aws_auditor/convenience_wrappers.rb +59 -0
- data/lib/sport_ngin_aws_auditor/ec2_instance.rb +119 -0
- data/lib/sport_ngin_aws_auditor/google.rb +62 -0
- data/lib/sport_ngin_aws_auditor/google_sheet.rb +80 -0
- data/lib/sport_ngin_aws_auditor/instance_helper.rb +71 -0
- data/lib/sport_ngin_aws_auditor/notify_slack.rb +31 -0
- data/lib/sport_ngin_aws_auditor/output.rb +13 -0
- data/lib/sport_ngin_aws_auditor/rds_instance.rb +78 -0
- data/lib/sport_ngin_aws_auditor/scripts/audit.rb +124 -0
- data/lib/sport_ngin_aws_auditor/scripts/export.rb +146 -0
- data/lib/sport_ngin_aws_auditor/scripts/inspect.rb +44 -0
- data/lib/sport_ngin_aws_auditor/stack.rb +63 -0
- data/lib/sport_ngin_aws_auditor/version.rb +3 -0
- data/lib/sport_ngin_aws_auditor.rb +14 -0
- data/spec/spec_helper.rb +45 -0
- data/spec/sport_ngin_aws_auditor/aws_spec.rb +48 -0
- data/spec/sport_ngin_aws_auditor/cache_instance_spec.rb +125 -0
- data/spec/sport_ngin_aws_auditor/config_spec.rb +44 -0
- data/spec/sport_ngin_aws_auditor/ec2_instance_spec.rb +181 -0
- data/spec/sport_ngin_aws_auditor/notify_slack_spec.rb +33 -0
- data/spec/sport_ngin_aws_auditor/rds_instance_spec.rb +140 -0
- data/sport_ngin_aws_auditor.gemspec +33 -0
- metadata +251 -0
@@ -0,0 +1,63 @@
|
|
1
|
+
require 'highline/import'
|
2
|
+
|
3
|
+
module SportNginAwsAuditor
|
4
|
+
class Stack
|
5
|
+
extend OpsWorksWrapper
|
6
|
+
extend EC2Wrapper
|
7
|
+
|
8
|
+
class << self
|
9
|
+
attr_accessor :instances, :stacks
|
10
|
+
end
|
11
|
+
|
12
|
+
attr_accessor :id, :name, :instances
|
13
|
+
def initialize(aws_stack)
|
14
|
+
@id = aws_stack[:stack_id]
|
15
|
+
@name = aws_stack[:name]
|
16
|
+
@instances = get_instances.compact
|
17
|
+
end
|
18
|
+
|
19
|
+
def get_instances
|
20
|
+
return @instances if @instances
|
21
|
+
@instances = self.class.opsworks.describe_instances({stack_id: id})[:instances].map do |instance|
|
22
|
+
next unless instance[:status].to_s == 'online'
|
23
|
+
self.class.all_instances[instance[:ec2_instance_id]].stack_id = id
|
24
|
+
self.class.all_instances[instance[:ec2_instance_id]]
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
def print_instances
|
29
|
+
EC2Instance.instance_count_hash(self.instances).each do |key,value|
|
30
|
+
say "<%= color('#{key}: #{value}', :white) %>"
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def pretty_print
|
35
|
+
puts "----------------------------------"
|
36
|
+
puts "#{@name}"
|
37
|
+
puts "----------------------------------"
|
38
|
+
print_instances
|
39
|
+
puts "\n"
|
40
|
+
end
|
41
|
+
|
42
|
+
def self.all
|
43
|
+
return @stacks if @stacks
|
44
|
+
@stacks = opsworks.describe_stacks.data[:stacks].map do |stack|
|
45
|
+
new(stack)
|
46
|
+
end.sort! { |a,b| a.name.downcase <=> b.name.downcase }
|
47
|
+
end
|
48
|
+
|
49
|
+
def self.all_instances
|
50
|
+
@all_instances ||= EC2Instance.instance_hash
|
51
|
+
end
|
52
|
+
|
53
|
+
def self.instances_without_stack
|
54
|
+
all #simply getting all stacks to make sure instance stack_ids is set
|
55
|
+
all_instances.map do |id, instance|
|
56
|
+
next if instance.stack_id
|
57
|
+
instance
|
58
|
+
end.compact
|
59
|
+
end
|
60
|
+
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
@@ -0,0 +1,14 @@
|
|
1
|
+
require_relative 'sport_ngin_aws_auditor/version'
|
2
|
+
require_relative 'sport_ngin_aws_auditor/convenience_wrappers'
|
3
|
+
require_relative 'sport_ngin_aws_auditor/ec2_instance'
|
4
|
+
require_relative 'sport_ngin_aws_auditor/rds_instance'
|
5
|
+
require_relative 'sport_ngin_aws_auditor/cache_instance'
|
6
|
+
require_relative 'sport_ngin_aws_auditor/stack'
|
7
|
+
require_relative 'sport_ngin_aws_auditor/google_sheet'
|
8
|
+
require_relative 'sport_ngin_aws_auditor/output'
|
9
|
+
require_relative 'sport_ngin_aws_auditor/config'
|
10
|
+
require_relative 'sport_ngin_aws_auditor/notify_slack'
|
11
|
+
|
12
|
+
module SportNginAwsAuditor
|
13
|
+
|
14
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'aws-sdk'
|
2
|
+
require 'slack-notifier'
|
3
|
+
|
4
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
5
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
6
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause
|
7
|
+
# this file to always be loaded, without a need to explicitly require it in any
|
8
|
+
# files.
|
9
|
+
#
|
10
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
11
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
12
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
13
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
14
|
+
# a separate helper file that requires the additional dependencies and performs
|
15
|
+
# the additional setup, and require it from the spec files that actually need
|
16
|
+
# it.
|
17
|
+
#
|
18
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
19
|
+
# users commonly want.
|
20
|
+
#
|
21
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
22
|
+
RSpec.configure do |config|
|
23
|
+
# rspec-expectations config goes here. You can use an alternate
|
24
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
25
|
+
# assertions if you prefer.
|
26
|
+
config.expect_with :rspec do |expectations|
|
27
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
28
|
+
# and `failure_message` of custom matchers include text for helper methods
|
29
|
+
# defined using `chain`, e.g.:
|
30
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
31
|
+
# # => "be bigger than 2 and smaller than 4"
|
32
|
+
# ...rather than:
|
33
|
+
# # => "be bigger than 2"
|
34
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
35
|
+
end
|
36
|
+
|
37
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
38
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
39
|
+
config.mock_with :rspec do |mocks|
|
40
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
41
|
+
# a real object. This is generally recommended, and will default to
|
42
|
+
# `true` in RSpec 4.
|
43
|
+
mocks.verify_partial_doubles = true
|
44
|
+
end
|
45
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
require "sport_ngin_aws_auditor"
|
2
|
+
|
3
|
+
module SportNginAwsAuditor
|
4
|
+
describe AWSSDK do
|
5
|
+
context 'without mfa' do
|
6
|
+
before :each do
|
7
|
+
mfa_devices = double('mfa_devices', mfa_devices: [])
|
8
|
+
iam_client = double('iam_client', list_mfa_devices: mfa_devices)
|
9
|
+
allow(Aws::IAM::Client).to receive(:new).and_return(iam_client)
|
10
|
+
end
|
11
|
+
|
12
|
+
it "should receive new Aws::SharedCredentials" do
|
13
|
+
expect(Aws::SharedCredentials).to receive(:new).with(profile_name: 'staging')
|
14
|
+
AWSSDK::authenticate('staging')
|
15
|
+
end
|
16
|
+
|
17
|
+
it "should update configs" do
|
18
|
+
coffee_types = {:coffee => "cappuccino", :beans => "arabica"}
|
19
|
+
allow(Aws::SharedCredentials).to receive(:new).and_return(coffee_types)
|
20
|
+
expect(Aws.config).to receive(:update).with({region: 'us-east-1', credentials: coffee_types})
|
21
|
+
AWSSDK::authenticate('staging')
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
context 'with mfa' do
|
26
|
+
it "should use MFA if it should" do
|
27
|
+
shared_credentials = double('shared_credentials', access_key_id: 'access_key_id',
|
28
|
+
secret_access_key: 'secret_access_key')
|
29
|
+
shared_creds = double('shared_creds', credentials: shared_credentials)
|
30
|
+
cred_double = double('cred_hash', access_key_id: 'access_key_id',
|
31
|
+
secret_access_key: 'secret_access_key',
|
32
|
+
session_token: 'session_token')
|
33
|
+
new_creds = double('new_creds', credentials: cred_double)
|
34
|
+
sts = double('sts', get_session_token: new_creds)
|
35
|
+
allow(Output).to receive(:ask).and_return(123456)
|
36
|
+
allow(Aws::STS::Client).to receive(:new).and_return(sts)
|
37
|
+
device = double('mfa_device', serial_number: "arn:aws:iam::1234567890:mfa/test.user")
|
38
|
+
mfa_devices = double('mfa_devices', mfa_devices: [device])
|
39
|
+
iam_client = double('iam_client', list_mfa_devices: mfa_devices)
|
40
|
+
allow(Aws::IAM::Client).to receive(:new).and_return(iam_client)
|
41
|
+
|
42
|
+
expect(Aws::Credentials).to receive(:new).and_return(cred_double).at_least(:once)
|
43
|
+
expect(Aws::SharedCredentials).to receive(:new).and_return(shared_creds)
|
44
|
+
AWSSDK::authenticate('staging')
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -0,0 +1,125 @@
|
|
1
|
+
require "sport_ngin_aws_auditor"
|
2
|
+
|
3
|
+
module SportNginAwsAuditor
|
4
|
+
describe CacheInstance do
|
5
|
+
|
6
|
+
before :each do
|
7
|
+
identity = double('identity', account: 123456789)
|
8
|
+
client = double('client', get_caller_identity: identity)
|
9
|
+
allow(Aws::STS::Client).to receive(:new).and_return(client)
|
10
|
+
end
|
11
|
+
|
12
|
+
after :each do
|
13
|
+
CacheInstance.instance_variable_set("@instances", nil)
|
14
|
+
CacheInstance.instance_variable_set("@reserved_instances", nil)
|
15
|
+
end
|
16
|
+
|
17
|
+
context "for normal cache_instances" do
|
18
|
+
before :each do
|
19
|
+
cache_instance1 = double('cache_instance', cache_cluster_id: "job-queue-cluster",
|
20
|
+
cache_node_type: "cache.t2.small",
|
21
|
+
engine: "redis",
|
22
|
+
cache_cluster_status: "available",
|
23
|
+
num_cache_nodes: 1,
|
24
|
+
preferred_availability_zone: "us-east-1d",
|
25
|
+
class: "Aws::ElastiCache::Types::CacheCluster")
|
26
|
+
cache_instance2 = double('cache_instance', cache_cluster_id: "job-queue-cluster",
|
27
|
+
cache_node_type: "cache.t2.medium",
|
28
|
+
engine: "mysql",
|
29
|
+
cache_cluster_status: "available",
|
30
|
+
num_cache_nodes: 1,
|
31
|
+
preferred_availability_zone: "us-east-1d",
|
32
|
+
class: "Aws::ElastiCache::Types::CacheCluster")
|
33
|
+
cache_clusters = double('cache_cluster', cache_clusters: [cache_instance1, cache_instance2])
|
34
|
+
tag1 = double('tag', key: "cookie", value: "chocolate chip")
|
35
|
+
tag2 = double('tag', key: "ice cream", value: "oreo")
|
36
|
+
tags = double('tags', tag_list: [tag1, tag2])
|
37
|
+
cache_client = double('cache_client', describe_cache_clusters: cache_clusters, list_tags_for_resource: tags)
|
38
|
+
allow(CacheInstance).to receive(:cache).and_return(cache_client)
|
39
|
+
end
|
40
|
+
|
41
|
+
it "should make a cache_instance for each instance" do
|
42
|
+
instances = CacheInstance::get_instances("tag_name")
|
43
|
+
expect(instances.first).to be_an_instance_of(CacheInstance)
|
44
|
+
expect(instances.last).to be_an_instance_of(CacheInstance)
|
45
|
+
end
|
46
|
+
|
47
|
+
it "should return an array of cache_instances" do
|
48
|
+
instances = CacheInstance::get_instances("tag_name")
|
49
|
+
expect(instances).not_to be_empty
|
50
|
+
expect(instances.length).to eq(2)
|
51
|
+
end
|
52
|
+
|
53
|
+
it "should have proper variables set" do
|
54
|
+
instances = CacheInstance::get_instances("tag_name")
|
55
|
+
instance = instances.first
|
56
|
+
expect(instance.id).to eq("job-queue-cluster")
|
57
|
+
expect(instance.name).to eq("job-queue-cluster")
|
58
|
+
expect(instance.instance_type).to eq("cache.t2.small")
|
59
|
+
expect(instance.engine).to eq("redis")
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
context "for reserved_cache_instances" do
|
64
|
+
before :each do
|
65
|
+
reserved_cache_instance1 = double('reserved_cache_instance', reserved_cache_node_id: "job-queue-cluster",
|
66
|
+
cache_node_type: "cache.t2.small",
|
67
|
+
product_description: "redis",
|
68
|
+
state: "active",
|
69
|
+
cache_node_count: 1,
|
70
|
+
class: "Aws::ElastiCache::Types::ReservedCacheNode")
|
71
|
+
reserved_cache_instance2 = double('reserved_cache_instance', reserved_cache_node_id: "job-queue-cluster",
|
72
|
+
cache_node_type: "cache.t2.medium",
|
73
|
+
product_description: "mysql",
|
74
|
+
state: "active",
|
75
|
+
cache_node_count: 1,
|
76
|
+
class: "Aws::ElastiCache::Types::ReservedCacheNode")
|
77
|
+
reserved_cache_nodes = double('cache_cluster', reserved_cache_nodes: [reserved_cache_instance1, reserved_cache_instance2])
|
78
|
+
cache_client = double('cache_client', describe_reserved_cache_nodes: reserved_cache_nodes)
|
79
|
+
allow(CacheInstance).to receive(:cache).and_return(cache_client)
|
80
|
+
end
|
81
|
+
|
82
|
+
it "should make a reserved_cache_instance for each instance" do
|
83
|
+
reserved_instances = CacheInstance::get_reserved_instances
|
84
|
+
expect(reserved_instances.first).to be_an_instance_of(CacheInstance)
|
85
|
+
expect(reserved_instances.last).to be_an_instance_of(CacheInstance)
|
86
|
+
end
|
87
|
+
|
88
|
+
it "should return an array of reserved_cache_instances" do
|
89
|
+
reserved_instances = CacheInstance::get_reserved_instances
|
90
|
+
expect(reserved_instances).not_to be_empty
|
91
|
+
expect(reserved_instances.length).to eq(2)
|
92
|
+
end
|
93
|
+
|
94
|
+
it "should have proper variables set" do
|
95
|
+
reserved_instances = CacheInstance::get_reserved_instances
|
96
|
+
reserved_instance = reserved_instances.first
|
97
|
+
expect(reserved_instance.id).to eq("job-queue-cluster")
|
98
|
+
expect(reserved_instance.name).to eq("job-queue-cluster")
|
99
|
+
expect(reserved_instance.instance_type).to eq("cache.t2.small")
|
100
|
+
expect(reserved_instance.engine).to eq("redis")
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
context "for returning pretty string formats" do
|
105
|
+
it "should return a string version of the name of the cache_instance" do
|
106
|
+
cache_instance = double('cache_instance', cache_cluster_id: "job-queue-cluster",
|
107
|
+
cache_node_type: "cache.t2.small",
|
108
|
+
engine: "redis",
|
109
|
+
cache_cluster_status: "available",
|
110
|
+
num_cache_nodes: 1,
|
111
|
+
preferred_availability_zone: "us-east-1d",
|
112
|
+
class: "Aws::ElastiCache::Types::CacheCluster")
|
113
|
+
cache_clusters = double('cache_cluster', cache_clusters: [cache_instance])
|
114
|
+
tag1 = double('tag', key: "cookie", value: "chocolate chip")
|
115
|
+
tag2 = double('tag', key: "ice cream", value: "oreo")
|
116
|
+
tags = double('tags', tag_list: [tag1, tag2])
|
117
|
+
cache_client = double('cache_client', describe_cache_clusters: cache_clusters, list_tags_for_resource: tags)
|
118
|
+
allow(CacheInstance).to receive(:cache).and_return(cache_client)
|
119
|
+
instances = CacheInstance::get_instances("tag_name")
|
120
|
+
instance = instances.first
|
121
|
+
expect(instance.to_s).to eq("redis cache.t2.small")
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'sport_ngin_aws_auditor'
|
3
|
+
|
4
|
+
module SportNginAwsAuditor
|
5
|
+
describe Config do
|
6
|
+
|
7
|
+
context "config key methods" do
|
8
|
+
it "should return nil when not set" do
|
9
|
+
expect(SportNginAwsAuditor::Config.doesnt_exist).to eql(nil)
|
10
|
+
expect(SportNginAwsAuditor::Config.doesnt_exist?).to eql(false)
|
11
|
+
end
|
12
|
+
it "should return the config value when set" do
|
13
|
+
SportNginAwsAuditor::Config.new_value = "testing"
|
14
|
+
expect(SportNginAwsAuditor::Config.new_value).to eql("testing")
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
context "after loading a config file" do
|
19
|
+
before do
|
20
|
+
config_file = {"domain" => "example_domain",
|
21
|
+
"slack" => {"slack_option" => true,
|
22
|
+
"username" => "Rspec Tester",
|
23
|
+
"icon_url" => "http://fake.url",
|
24
|
+
"channel" => "#test-channel",
|
25
|
+
"webhook" => "https://slack.web.hook"}}
|
26
|
+
allow(YAML).to receive(:load_file).and_return(config_file)
|
27
|
+
allow(File).to receive(:exist?).and_return(true)
|
28
|
+
SportNginAwsAuditor::Config.load("dummy/path")
|
29
|
+
end
|
30
|
+
|
31
|
+
it "calling a method corresponding to a key in the file should return the value" do
|
32
|
+
expect(SportNginAwsAuditor::Config.domain).to eql("example_domain")
|
33
|
+
expect(SportNginAwsAuditor::Config.slack).to be_kind_of(Hash)
|
34
|
+
expect(SportNginAwsAuditor::Config.slack[:slack_option]).to eql(true)
|
35
|
+
end
|
36
|
+
|
37
|
+
it "overwriting values should work" do
|
38
|
+
expect(SportNginAwsAuditor::Config.slack).to be_kind_of(Hash)
|
39
|
+
SportNginAwsAuditor::Config.slack = "this is a string now"
|
40
|
+
expect(SportNginAwsAuditor::Config.slack).to eql("this is a string now")
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,181 @@
|
|
1
|
+
require "sport_ngin_aws_auditor"
|
2
|
+
|
3
|
+
module SportNginAwsAuditor
|
4
|
+
describe EC2Instance do
|
5
|
+
|
6
|
+
after :each do
|
7
|
+
EC2Instance.instance_variable_set("@instances", nil)
|
8
|
+
EC2Instance.instance_variable_set("@reserved_instances", nil)
|
9
|
+
end
|
10
|
+
|
11
|
+
context "for normal ec2_instances" do
|
12
|
+
before :each do
|
13
|
+
state = double('state', name: 'running')
|
14
|
+
placement = double('placement', availability_zone: "us-east-1d")
|
15
|
+
tag1 = double('tag', key: "cookie", value: "chocolate chip")
|
16
|
+
tag2 = double('tag', key: "ice cream", value: "oreo")
|
17
|
+
instance_tags = [tag1, tag2]
|
18
|
+
ec2_instance1 = double('ec2_instance', instance_id: "i-thisisfake",
|
19
|
+
instance_type: "t2.large",
|
20
|
+
vpc_id: "vpc-alsofake",
|
21
|
+
platform: nil,
|
22
|
+
state: state,
|
23
|
+
placement: placement,
|
24
|
+
tags: instance_tags,
|
25
|
+
class: "Aws::EC2::Types::Instance")
|
26
|
+
ec2_instance2 = double('ec2_instance', instance_id: "i-thisisfake",
|
27
|
+
instance_type: "t2.large",
|
28
|
+
vpc_id: "vpc-alsofake",
|
29
|
+
platform: nil,
|
30
|
+
state: state,
|
31
|
+
placement: placement,
|
32
|
+
tags: instance_tags,
|
33
|
+
class: "Aws::EC2::Types::Instance")
|
34
|
+
ec2_reservations = double('ec2_reservations', instances: [ec2_instance1, ec2_instance2])
|
35
|
+
ec2_instances = double('ec2_instances', reservations: [ec2_reservations])
|
36
|
+
name_tag = { key: "Name", value: "our-app-instance-100" }
|
37
|
+
stack_tag = { key: "opsworks:stack", value: "our_app_service_2" }
|
38
|
+
client_tags = double('tags', tags: [name_tag, stack_tag])
|
39
|
+
ec2_client = double('rds_client', describe_instances: ec2_instances, describe_tags: client_tags)
|
40
|
+
allow(EC2Instance).to receive(:ec2).and_return(ec2_client)
|
41
|
+
end
|
42
|
+
|
43
|
+
it "should make an ec2_instance for each instance" do
|
44
|
+
instances = EC2Instance::get_instances("tag_name")
|
45
|
+
expect(instances.first).to be_an_instance_of(EC2Instance)
|
46
|
+
expect(instances.last).to be_an_instance_of(EC2Instance)
|
47
|
+
end
|
48
|
+
|
49
|
+
it "should return an array of ec2_instances" do
|
50
|
+
instances = EC2Instance::get_instances("tag_name")
|
51
|
+
expect(instances).not_to be_empty
|
52
|
+
expect(instances.length).to eq(2)
|
53
|
+
end
|
54
|
+
|
55
|
+
it "should have proper variables set" do
|
56
|
+
instances = EC2Instance::get_instances("tag_name")
|
57
|
+
instance = instances.first
|
58
|
+
expect(instance.stack_name).to eq("our_app_service_2")
|
59
|
+
expect(instance.name).to eq("our-app-instance-100")
|
60
|
+
expect(instance.id).to eq("i-thisisfake")
|
61
|
+
expect(instance.availability_zone).to eq("us-east-1d")
|
62
|
+
expect(instance.instance_type).to eq("t2.large")
|
63
|
+
expect(instance.platform).to eq("VPC")
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
context "for reserved_ec2_instances" do
|
68
|
+
before :each do
|
69
|
+
reserved_ec2_instance1 = double('reserved_ec2_instance', reserved_instances_id: "12345-dfas-1234-asdf-thisisfake!!",
|
70
|
+
instance_type: "t2.medium",
|
71
|
+
product_description: "Linux/UNIX (Amazon VPC)",
|
72
|
+
state: "active",
|
73
|
+
availability_zone: "us-east-1b",
|
74
|
+
instance_count: 4,
|
75
|
+
class: "Aws::EC2::Types::ReservedInstances")
|
76
|
+
reserved_ec2_instance2 = double('reserved_ec2_instance', reserved_instances_id: "12345-dfas-1234-asdf-thisisalsofake",
|
77
|
+
instance_type: "t2.small",
|
78
|
+
product_description: "Linux/UNIX (Amazon VPC)",
|
79
|
+
state: "active",
|
80
|
+
availability_zone: "us-east-1b",
|
81
|
+
instance_count: 2,
|
82
|
+
class: "Aws::EC2::Types::ReservedInstances")
|
83
|
+
reserved_ec2_instances = double('reserved_ec2_instances', reserved_instances: [reserved_ec2_instance1, reserved_ec2_instance2])
|
84
|
+
ec2_client = double('rds_client', describe_reserved_instances: reserved_ec2_instances)
|
85
|
+
allow(EC2Instance).to receive(:ec2).and_return(ec2_client)
|
86
|
+
end
|
87
|
+
|
88
|
+
it "should make a reserved_ec2_instance for each instance" do
|
89
|
+
reserved_instances = EC2Instance::get_reserved_instances
|
90
|
+
expect(reserved_instances.first).to be_an_instance_of(EC2Instance)
|
91
|
+
expect(reserved_instances.last).to be_an_instance_of(EC2Instance)
|
92
|
+
end
|
93
|
+
|
94
|
+
it "should return an array of reserved_ec2_instances" do
|
95
|
+
reserved_instances = EC2Instance::get_reserved_instances
|
96
|
+
expect(reserved_instances).not_to be_empty
|
97
|
+
expect(reserved_instances.length).to eq(2)
|
98
|
+
end
|
99
|
+
|
100
|
+
it "should have proper variables set" do
|
101
|
+
reserved_instances = EC2Instance::get_reserved_instances
|
102
|
+
reserved_instance = reserved_instances.first
|
103
|
+
expect(reserved_instance.id).to eq("12345-dfas-1234-asdf-thisisfake!!")
|
104
|
+
expect(reserved_instance.platform).to eq("VPC")
|
105
|
+
expect(reserved_instance.availability_zone).to eq("us-east-1b")
|
106
|
+
expect(reserved_instance.instance_type).to eq("t2.medium")
|
107
|
+
expect(reserved_instance.count).to eq(4)
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
111
|
+
context "for returning pretty string formats" do
|
112
|
+
it "should return a string version of the name of the reserved_rds_instance" do
|
113
|
+
state = double('state', name: 'running')
|
114
|
+
placement = double('placement', availability_zone: "us-east-1d")
|
115
|
+
tag1 = double('tag', key: "cookie", value: "chocolate chip")
|
116
|
+
tag2 = double('tag', key: "ice cream", value: "oreo")
|
117
|
+
instance_tags = [tag1, tag2]
|
118
|
+
ec2_instance = double('ec2_instance', instance_id: "i-thisisfake",
|
119
|
+
instance_type: "t2.large",
|
120
|
+
vpc_id: "vpc-alsofake",
|
121
|
+
platform: nil,
|
122
|
+
state: state,
|
123
|
+
placement: placement,
|
124
|
+
tags: instance_tags,
|
125
|
+
class: "Aws::EC2::Types::Instance")
|
126
|
+
ec2_reservations = double('ec2_reservations', instances: [ec2_instance])
|
127
|
+
ec2_instances = double('ec2_instances', reservations: [ec2_reservations])
|
128
|
+
name_tag = { key: "Name", value: "our-app-instance-100" }
|
129
|
+
stack_tag = { key: "opsworks:stack", value: "our_app_service_2" }
|
130
|
+
tags = double('tags', tags: [name_tag, stack_tag])
|
131
|
+
ec2_client = double('rds_client', describe_instances: ec2_instances, describe_tags: tags)
|
132
|
+
allow(EC2Instance).to receive(:ec2).and_return(ec2_client)
|
133
|
+
instances = EC2Instance::get_instances("tag_name")
|
134
|
+
instance = instances.first
|
135
|
+
expect(instance.to_s).to eq("VPC us-east-1d t2.large")
|
136
|
+
end
|
137
|
+
end
|
138
|
+
|
139
|
+
context "when bucketizing" do
|
140
|
+
before :each do
|
141
|
+
state = double('state', name: 'running')
|
142
|
+
placement = double('placement', availability_zone: "us-east-1d")
|
143
|
+
ec2_instance1 = double('ec2_instance', instance_id: "i-thisisfake",
|
144
|
+
instance_type: "t2.large",
|
145
|
+
vpc_id: "vpc-alsofake",
|
146
|
+
platform: nil,
|
147
|
+
state: state,
|
148
|
+
placement: placement,
|
149
|
+
class: "Aws::EC2::Types::Instance")
|
150
|
+
ec2_instance2 = double('ec2_instance', instance_id: "i-alsofake",
|
151
|
+
instance_type: "t2.small",
|
152
|
+
vpc_id: "vpc-alsofake",
|
153
|
+
platform: nil,
|
154
|
+
state: state,
|
155
|
+
placement: placement,
|
156
|
+
class: "Aws::EC2::Types::Instance")
|
157
|
+
ec2_reservations = double('ec2_reservations', instances: [ec2_instance1, ec2_instance2])
|
158
|
+
ec2_instances = double('ec2_instances', reservations: [ec2_reservations])
|
159
|
+
name_tag = { key: "Name", value: "our-app-instance-100" }
|
160
|
+
stack_tag = { key: "opsworks:stack", value: "our_app_service_2" }
|
161
|
+
tags = double('tags', tags: [name_tag, stack_tag])
|
162
|
+
ec2_client = double('rds_client', describe_instances: ec2_instances, describe_tags: tags)
|
163
|
+
allow(EC2Instance).to receive(:ec2).and_return(ec2_client)
|
164
|
+
end
|
165
|
+
|
166
|
+
it "should return a hash where the first element's key is the opsworks:stack name of the instances" do
|
167
|
+
instances = EC2Instance::get_instances
|
168
|
+
buckets = EC2Instance::bucketize
|
169
|
+
expect(buckets.first.first).to eq("our_app_service_2")
|
170
|
+
end
|
171
|
+
|
172
|
+
it "should return a hash where each element is a list of ec2_instances" do
|
173
|
+
instances = EC2Instance::get_instances
|
174
|
+
buckets = EC2Instance::bucketize
|
175
|
+
expect(buckets).not_to be_empty
|
176
|
+
expect(buckets.length).to eq(1)
|
177
|
+
expect(buckets.first.length).to eq(2)
|
178
|
+
end
|
179
|
+
end
|
180
|
+
end
|
181
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require "sport_ngin_aws_auditor"
|
2
|
+
|
3
|
+
module SportNginAwsAuditor
|
4
|
+
describe NotifySlack do
|
5
|
+
before :each do
|
6
|
+
config_file = {"slack" => {"channel" => "#random-test-channel",
|
7
|
+
"username" => "Random User",
|
8
|
+
"webhook" => "https://hooks.slack.com/services/totallyrandom/fakewebhookurl",
|
9
|
+
"icon_url" => "http://random-picture.jpg"}
|
10
|
+
}
|
11
|
+
expect(YAML).to receive(:load_file).and_return(config_file)
|
12
|
+
expect(File).to receive(:exist?).and_return(true)
|
13
|
+
SportNginAwsAuditor::Config.load("dummy/path")
|
14
|
+
end
|
15
|
+
|
16
|
+
it 'should ping Slack Notifier' do
|
17
|
+
notifier = double('notifier', ping: true)
|
18
|
+
allow(Slack::Notifier).to receive(:new).and_return(notifier)
|
19
|
+
expect(notifier).to receive(:ping).and_return(true)
|
20
|
+
message = NotifySlack.new("Test message")
|
21
|
+
message.perform
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'should define certain values' do
|
25
|
+
message = NotifySlack.new("Test message")
|
26
|
+
expect(message.text).to eq("Test message")
|
27
|
+
expect(message.channel).to eq("#random-test-channel")
|
28
|
+
expect(message.username).to eq("Random User")
|
29
|
+
expect(message.webhook).to eq("https://hooks.slack.com/services/totallyrandom/fakewebhookurl")
|
30
|
+
expect(message.icon_url).to eq("http://random-picture.jpg")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|