stack_master 1.18.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bad7aee1f85637f215e6c429e7ad3a878a85c632494b9de6e08abbeb8202c178
-  data.tar.gz: 6424f5daedb3a84f07867071509cd70af94925afc88d282b4894e605877ed330
+  metadata.gz: 3346fc35ab512ac3e5f4591a9e556efa4dc373ddcba85c68e08640616d23ad21
+  data.tar.gz: d637f865828d695bda3e588ddc8540cfc2fc4af92823ae2067e3d5a1df3cb5fe
 SHA512:
-  metadata.gz: f1c8036e17d0b15258ec8117277beea1451f93878472691433f09095350730341d588ff97ff34f157ffbc60d7ceba63fdeb6cd1489ac49b955da153bedf981ad
-  data.tar.gz: de5a56d9ffe434a132df6e9c6982ced15d97143cf9547a6ccbdbc9064d88f1bd94b8fda93c0e88f4d8ba4680d8dc2e3b6a0bc55a8abc500cf28368278fb08433
+  metadata.gz: 961cb4ea04bf2e3b5a9764f8632886668ef067d7256fe13e087880d068433e585091166cc33bf019007b95c31108b2c7da12f9fd6df479ec2d9f6ed1c6622231
+  data.tar.gz: f4a0dc93816140f06a4986db62269f7354dbb3a986b76bffca671978f51fc5d1b38d349bb1163377918f27e5a276af0975e1e8780a8a51d21993bd186d185f5a

data/README.md

@@ -25,9 +25,8 @@ are displayed for review.
 - Stack events will be displayed until an end state is reached.
 
 Stack parameters can be dynamically resolved at runtime using one of the
-built in parameter resolvers. Parameters can be sourced from GPG encrypted YAML
-files, other stacks outputs, by querying various AWS APIs to get resource ARNs,
-etc.
+built in parameter resolvers. Parameters can be sourced from other stacks
+outputs, or by querying various AWS APIs to get resource ARNs, etc.
 
 ## Installation
 
@@ -64,13 +63,11 @@ stack_defaults:
   role_arn: service_role_arn
 region_defaults:
   us-east-1:
-    secret_file: production.yml.gpg
     tags:
       environment: production
     notification_arns:
       - test_arn
   ap-southeast-2:
-    secret_file: staging.yml.gpg
     tags:
       environment: staging
 stacks:
@@ -138,7 +135,7 @@ stacks:
 
 - `templates` - CloudFormation, SparkleFormation or CfnDsl templates.
 - `parameters` - Parameters as YAML files.
-- `secrets` - GPG encrypted secret files.
+- `secrets` - encrypted secret files.
 - `policies` - Stack policy JSON files.
 
 ## Templates
@@ -264,35 +261,10 @@ into parameters of dependent stacks.
 
 ### Secret
 
-Note: This resolver is not supported on Windows, you can instead use the [Parameter Store](#parameter-store).
+Note: The GPG parameter resolver has been extracted into a dedicated gem. Please install and
+follow the instructions for the [stack_master-gpg_parameter_resolver] gem.
 
-The secret parameters resolver expects a `secret_file` to be defined in the
-stack definition which is a GPG encrypted YAML file. Once decrypted and parsed,
-the value provided to the secret resolver is used to lookup the associated key
-in the secret file. A common use case for this is to store database passwords.
-
-stack_master.yml:
-
-```yaml
-stacks:
-  us-east-1:
-    my_app:
-      template: my_app.json
-      secret_file: production.yml.gpg
-```
-
-secrets/production.yml.gpg, when decrypted:
-
-```yaml
-db_password: my-password
-```
-
-parameters/my_app.yml:
-
-```yaml
-db_password:
-  secret: db_password
-```
+[stack_master-gpg_parameter_resolver]: https://github.com/envato/stack_master-gpg_parameter_resolver
 
 ### Parameter Store
 

data/lib/stack_master.rb

@@ -70,7 +70,6 @@ module StackMaster
     autoload :AmiFinder, 'stack_master/parameter_resolvers/ami_finder'
     autoload :StackOutput, 'stack_master/parameter_resolvers/stack_output'
     autoload :Ejson, 'stack_master/parameter_resolvers/ejson'
-    autoload :Secret, 'stack_master/parameter_resolvers/secret'
     autoload :SnsTopicName, 'stack_master/parameter_resolvers/sns_topic_name'
     autoload :SecurityGroup, 'stack_master/parameter_resolvers/security_group'
     autoload :LatestAmiByTags, 'stack_master/parameter_resolvers/latest_ami_by_tags'

data/lib/stack_master/commands/apply.rb

@@ -148,7 +148,7 @@ module StackMaster
 
       def upload_files
         return unless use_s3?
-        s3.upload_files(s3_options)
+        s3.upload_files(**s3_options)
       end
 
       def template_method

data/lib/stack_master/stack_definition.rb

@@ -9,7 +9,6 @@ module StackMaster
                   :notification_arns,
                   :base_dir,
                   :template_dir,
-                  :secret_file,
                   :ejson_file,
                   :ejson_file_region,
                   :ejson_file_kms,
@@ -47,7 +46,6 @@ module StackMaster
         @allowed_accounts == other.allowed_accounts &&
         @notification_arns == other.notification_arns &&
         @base_dir == other.base_dir &&
-        @secret_file == other.secret_file &&
         @ejson_file == other.ejson_file &&
         @ejson_file_region == other.ejson_file_region &&
         @ejson_file_kms == other.ejson_file_kms &&

data/lib/stack_master/stack_events/fetcher.rb

@@ -1,8 +1,8 @@
 module StackMaster
   module StackEvents
     class Fetcher
-      def self.fetch(*args)
-        new(*args).fetch
+      def self.fetch(stack_name, region, **args)
+        new(stack_name, region, **args).fetch
       end
 
       def initialize(stack_name, region, from: nil)

data/lib/stack_master/stack_events/streamer.rb

@@ -3,8 +3,8 @@ module StackMaster
     class Streamer
       StackFailed = Class.new(StandardError)
 
-      def self.stream(*args, &block)
-        new(*args, &block).stream
+      def self.stream(stack_name, region, **args, &block)
+        new(stack_name, region, **args, &block).stream
       end
 
       def initialize(stack_name, region, from: Time.now, break_on_finish_state: true, sleep_between_fetches: 1, io: nil, &block)

data/lib/stack_master/version.rb

@@ -1,3 +1,3 @@
 module StackMaster
-  VERSION = "1.18.0"
+  VERSION = "2.0.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: stack_master
 version: !ruby/object:Gem::Version
-  version: 1.18.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Steve Hodgkiss
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-12-23 00:00:00.000000000 Z
+date: 2020-01-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -403,20 +403,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: dotgpg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: ''
 email:
 - steve@hodgkiss.me
@@ -462,7 +448,6 @@ files:
 - lib/stack_master/parameter_resolvers/latest_container.rb
 - lib/stack_master/parameter_resolvers/one_password.rb
 - lib/stack_master/parameter_resolvers/parameter_store.rb
-- lib/stack_master/parameter_resolvers/secret.rb
 - lib/stack_master/parameter_resolvers/security_group.rb
 - lib/stack_master/parameter_resolvers/sns_topic_name.rb
 - lib/stack_master/parameter_resolvers/stack_output.rb
@@ -517,8 +502,8 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/envato/stack_master/issues
   changelog_uri: https://github.com/envato/stack_master/blob/master/CHANGELOG.md
-  documentation_uri: https://www.rubydoc.info/gems/stack_master/1.18.0
-  source_code_uri: https://github.com/envato/stack_master/tree/v1.18.0
+  documentation_uri: https://www.rubydoc.info/gems/stack_master/2.0.0
+  source_code_uri: https://github.com/envato/stack_master/tree/v2.0.0
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -527,15 +512,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.1.0
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6.2
+rubygems_version: 3.0.4
 signing_key: 
 specification_version: 4
 summary: StackMaster is a sure-footed way of creating, updating and keeping track

data/lib/stack_master/parameter_resolvers/secret.rb

@@ -1,52 +0,0 @@
-require 'os'
-
-module StackMaster
-  module ParameterResolvers
-    class Secret < Resolver
-      SecretNotFound = Class.new(StandardError)
-      PlatformNotSupported = Class.new(StandardError)
-
-      unless OS.windows?
-        require 'dotgpg'
-        array_resolver  
-      end
-
-      def initialize(config, stack_definition)
-        @config = config
-        @stack_definition = stack_definition
-      end
-
-      def resolve(value)
-        raise PlatformNotSupported, "The GPG Secret Parameter Resolver does not support Windows" if OS.windows?
-        secret_key = value
-        raise ArgumentError, "No secret_file defined for stack definition #{@stack_definition.stack_name} in #{@stack_definition.region}" unless !@stack_definition.secret_file.nil?
-        raise ArgumentError, "Could not find secret file at #{secret_file_path}" unless File.exist?(secret_file_path)
-        secrets_hash.fetch(secret_key) do
-          raise SecretNotFound, "Unable to find key #{secret_key} in file #{secret_file_path}"
-        end
-      end
-
-      private
-
-      def secrets_hash
-        @secrets_hash ||= YAML.load(decrypt_with_dotgpg)
-      end
-
-      def decrypt_with_dotgpg
-        Dotgpg.interactive = true
-        dir = Dotgpg::Dir.closest(secret_file_path)
-        stream = StringIO.new
-        dir.decrypt(secret_path_relative_to_base, stream)
-        stream.string
-      end
-
-      def secret_path_relative_to_base
-        @secret_path_relative_to_base ||= File.join('secrets', @stack_definition.secret_file)
-      end
-
-      def secret_file_path
-        @secret_file_path ||= File.join(@config.base_dir, secret_path_relative_to_base)
-      end
-    end
-  end
-end