stack_master 1.18.0 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bad7aee1f85637f215e6c429e7ad3a878a85c632494b9de6e08abbeb8202c178
4
- data.tar.gz: 6424f5daedb3a84f07867071509cd70af94925afc88d282b4894e605877ed330
3
+ metadata.gz: 3346fc35ab512ac3e5f4591a9e556efa4dc373ddcba85c68e08640616d23ad21
4
+ data.tar.gz: d637f865828d695bda3e588ddc8540cfc2fc4af92823ae2067e3d5a1df3cb5fe
5
5
  SHA512:
6
- metadata.gz: f1c8036e17d0b15258ec8117277beea1451f93878472691433f09095350730341d588ff97ff34f157ffbc60d7ceba63fdeb6cd1489ac49b955da153bedf981ad
7
- data.tar.gz: de5a56d9ffe434a132df6e9c6982ced15d97143cf9547a6ccbdbc9064d88f1bd94b8fda93c0e88f4d8ba4680d8dc2e3b6a0bc55a8abc500cf28368278fb08433
6
+ metadata.gz: 961cb4ea04bf2e3b5a9764f8632886668ef067d7256fe13e087880d068433e585091166cc33bf019007b95c31108b2c7da12f9fd6df479ec2d9f6ed1c6622231
7
+ data.tar.gz: f4a0dc93816140f06a4986db62269f7354dbb3a986b76bffca671978f51fc5d1b38d349bb1163377918f27e5a276af0975e1e8780a8a51d21993bd186d185f5a
data/README.md CHANGED
@@ -25,9 +25,8 @@ are displayed for review.
25
25
  - Stack events will be displayed until an end state is reached.
26
26
 
27
27
  Stack parameters can be dynamically resolved at runtime using one of the
28
- built in parameter resolvers. Parameters can be sourced from GPG encrypted YAML
29
- files, other stacks outputs, by querying various AWS APIs to get resource ARNs,
30
- etc.
28
+ built in parameter resolvers. Parameters can be sourced from other stacks
29
+ outputs, or by querying various AWS APIs to get resource ARNs, etc.
31
30
 
32
31
  ## Installation
33
32
 
@@ -64,13 +63,11 @@ stack_defaults:
64
63
  role_arn: service_role_arn
65
64
  region_defaults:
66
65
  us-east-1:
67
- secret_file: production.yml.gpg
68
66
  tags:
69
67
  environment: production
70
68
  notification_arns:
71
69
  - test_arn
72
70
  ap-southeast-2:
73
- secret_file: staging.yml.gpg
74
71
  tags:
75
72
  environment: staging
76
73
  stacks:
@@ -138,7 +135,7 @@ stacks:
138
135
 
139
136
  - `templates` - CloudFormation, SparkleFormation or CfnDsl templates.
140
137
  - `parameters` - Parameters as YAML files.
141
- - `secrets` - GPG encrypted secret files.
138
+ - `secrets` - encrypted secret files.
142
139
  - `policies` - Stack policy JSON files.
143
140
 
144
141
  ## Templates
@@ -264,35 +261,10 @@ into parameters of dependent stacks.
264
261
 
265
262
  ### Secret
266
263
 
267
- Note: This resolver is not supported on Windows, you can instead use the [Parameter Store](#parameter-store).
264
+ Note: The GPG parameter resolver has been extracted into a dedicated gem. Please install and
265
+ follow the instructions for the [stack_master-gpg_parameter_resolver] gem.
268
266
 
269
- The secret parameters resolver expects a `secret_file` to be defined in the
270
- stack definition which is a GPG encrypted YAML file. Once decrypted and parsed,
271
- the value provided to the secret resolver is used to lookup the associated key
272
- in the secret file. A common use case for this is to store database passwords.
273
-
274
- stack_master.yml:
275
-
276
- ```yaml
277
- stacks:
278
- us-east-1:
279
- my_app:
280
- template: my_app.json
281
- secret_file: production.yml.gpg
282
- ```
283
-
284
- secrets/production.yml.gpg, when decrypted:
285
-
286
- ```yaml
287
- db_password: my-password
288
- ```
289
-
290
- parameters/my_app.yml:
291
-
292
- ```yaml
293
- db_password:
294
- secret: db_password
295
- ```
267
+ [stack_master-gpg_parameter_resolver]: https://github.com/envato/stack_master-gpg_parameter_resolver
296
268
 
297
269
  ### Parameter Store
298
270
 
data/lib/stack_master.rb CHANGED
@@ -70,7 +70,6 @@ module StackMaster
70
70
  autoload :AmiFinder, 'stack_master/parameter_resolvers/ami_finder'
71
71
  autoload :StackOutput, 'stack_master/parameter_resolvers/stack_output'
72
72
  autoload :Ejson, 'stack_master/parameter_resolvers/ejson'
73
- autoload :Secret, 'stack_master/parameter_resolvers/secret'
74
73
  autoload :SnsTopicName, 'stack_master/parameter_resolvers/sns_topic_name'
75
74
  autoload :SecurityGroup, 'stack_master/parameter_resolvers/security_group'
76
75
  autoload :LatestAmiByTags, 'stack_master/parameter_resolvers/latest_ami_by_tags'
@@ -148,7 +148,7 @@ module StackMaster
148
148
 
149
149
  def upload_files
150
150
  return unless use_s3?
151
- s3.upload_files(s3_options)
151
+ s3.upload_files(**s3_options)
152
152
  end
153
153
 
154
154
  def template_method
@@ -9,7 +9,6 @@ module StackMaster
9
9
  :notification_arns,
10
10
  :base_dir,
11
11
  :template_dir,
12
- :secret_file,
13
12
  :ejson_file,
14
13
  :ejson_file_region,
15
14
  :ejson_file_kms,
@@ -47,7 +46,6 @@ module StackMaster
47
46
  @allowed_accounts == other.allowed_accounts &&
48
47
  @notification_arns == other.notification_arns &&
49
48
  @base_dir == other.base_dir &&
50
- @secret_file == other.secret_file &&
51
49
  @ejson_file == other.ejson_file &&
52
50
  @ejson_file_region == other.ejson_file_region &&
53
51
  @ejson_file_kms == other.ejson_file_kms &&
@@ -1,8 +1,8 @@
1
1
  module StackMaster
2
2
  module StackEvents
3
3
  class Fetcher
4
- def self.fetch(*args)
5
- new(*args).fetch
4
+ def self.fetch(stack_name, region, **args)
5
+ new(stack_name, region, **args).fetch
6
6
  end
7
7
 
8
8
  def initialize(stack_name, region, from: nil)
@@ -3,8 +3,8 @@ module StackMaster
3
3
  class Streamer
4
4
  StackFailed = Class.new(StandardError)
5
5
 
6
- def self.stream(*args, &block)
7
- new(*args, &block).stream
6
+ def self.stream(stack_name, region, **args, &block)
7
+ new(stack_name, region, **args, &block).stream
8
8
  end
9
9
 
10
10
  def initialize(stack_name, region, from: Time.now, break_on_finish_state: true, sleep_between_fetches: 1, io: nil, &block)
@@ -1,3 +1,3 @@
1
1
  module StackMaster
2
- VERSION = "1.18.0"
2
+ VERSION = "2.0.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: stack_master
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.18.0
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Steve Hodgkiss
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2019-12-23 00:00:00.000000000 Z
12
+ date: 2020-01-21 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler
@@ -403,20 +403,6 @@ dependencies:
403
403
  - - ">="
404
404
  - !ruby/object:Gem::Version
405
405
  version: '0'
406
- - !ruby/object:Gem::Dependency
407
- name: dotgpg
408
- requirement: !ruby/object:Gem::Requirement
409
- requirements:
410
- - - ">="
411
- - !ruby/object:Gem::Version
412
- version: '0'
413
- type: :runtime
414
- prerelease: false
415
- version_requirements: !ruby/object:Gem::Requirement
416
- requirements:
417
- - - ">="
418
- - !ruby/object:Gem::Version
419
- version: '0'
420
406
  description: ''
421
407
  email:
422
408
  - steve@hodgkiss.me
@@ -462,7 +448,6 @@ files:
462
448
  - lib/stack_master/parameter_resolvers/latest_container.rb
463
449
  - lib/stack_master/parameter_resolvers/one_password.rb
464
450
  - lib/stack_master/parameter_resolvers/parameter_store.rb
465
- - lib/stack_master/parameter_resolvers/secret.rb
466
451
  - lib/stack_master/parameter_resolvers/security_group.rb
467
452
  - lib/stack_master/parameter_resolvers/sns_topic_name.rb
468
453
  - lib/stack_master/parameter_resolvers/stack_output.rb
@@ -517,8 +502,8 @@ licenses:
517
502
  metadata:
518
503
  bug_tracker_uri: https://github.com/envato/stack_master/issues
519
504
  changelog_uri: https://github.com/envato/stack_master/blob/master/CHANGELOG.md
520
- documentation_uri: https://www.rubydoc.info/gems/stack_master/1.18.0
521
- source_code_uri: https://github.com/envato/stack_master/tree/v1.18.0
505
+ documentation_uri: https://www.rubydoc.info/gems/stack_master/2.0.0
506
+ source_code_uri: https://github.com/envato/stack_master/tree/v2.0.0
522
507
  post_install_message:
523
508
  rdoc_options: []
524
509
  require_paths:
@@ -527,15 +512,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
527
512
  requirements:
528
513
  - - ">="
529
514
  - !ruby/object:Gem::Version
530
- version: 2.1.0
515
+ version: 2.4.0
531
516
  required_rubygems_version: !ruby/object:Gem::Requirement
532
517
  requirements:
533
518
  - - ">="
534
519
  - !ruby/object:Gem::Version
535
520
  version: '0'
536
521
  requirements: []
537
- rubyforge_project:
538
- rubygems_version: 2.7.6.2
522
+ rubygems_version: 3.0.4
539
523
  signing_key:
540
524
  specification_version: 4
541
525
  summary: StackMaster is a sure-footed way of creating, updating and keeping track
@@ -1,52 +0,0 @@
1
- require 'os'
2
-
3
- module StackMaster
4
- module ParameterResolvers
5
- class Secret < Resolver
6
- SecretNotFound = Class.new(StandardError)
7
- PlatformNotSupported = Class.new(StandardError)
8
-
9
- unless OS.windows?
10
- require 'dotgpg'
11
- array_resolver
12
- end
13
-
14
- def initialize(config, stack_definition)
15
- @config = config
16
- @stack_definition = stack_definition
17
- end
18
-
19
- def resolve(value)
20
- raise PlatformNotSupported, "The GPG Secret Parameter Resolver does not support Windows" if OS.windows?
21
- secret_key = value
22
- raise ArgumentError, "No secret_file defined for stack definition #{@stack_definition.stack_name} in #{@stack_definition.region}" unless !@stack_definition.secret_file.nil?
23
- raise ArgumentError, "Could not find secret file at #{secret_file_path}" unless File.exist?(secret_file_path)
24
- secrets_hash.fetch(secret_key) do
25
- raise SecretNotFound, "Unable to find key #{secret_key} in file #{secret_file_path}"
26
- end
27
- end
28
-
29
- private
30
-
31
- def secrets_hash
32
- @secrets_hash ||= YAML.load(decrypt_with_dotgpg)
33
- end
34
-
35
- def decrypt_with_dotgpg
36
- Dotgpg.interactive = true
37
- dir = Dotgpg::Dir.closest(secret_file_path)
38
- stream = StringIO.new
39
- dir.decrypt(secret_path_relative_to_base, stream)
40
- stream.string
41
- end
42
-
43
- def secret_path_relative_to_base
44
- @secret_path_relative_to_base ||= File.join('secrets', @stack_definition.secret_file)
45
- end
46
-
47
- def secret_file_path
48
- @secret_file_path ||= File.join(@config.base_dir, secret_path_relative_to_base)
49
- end
50
- end
51
- end
52
- end