stack_master 2.11.0 → 2.13.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 44b54b0c2a5d9050de40c5eb89ec056d423e7e4403071aa295d3165c7eb08128
-  data.tar.gz: 6da32d39a8cb7c1b7f3448516c2fab14fbdb41247a708ebb3bffc59d10111fa4
+  metadata.gz: a322b4f391c33d729067dcc6c64a0b00ce4dd8a9698ec2b4ec67cc14a58d5ff7
+  data.tar.gz: a2cb4f53f9f6b3feaf67c2c27b406cba21b1ba89f20ffadd225bdd796a07733f
 SHA512:
-  metadata.gz: 10eab8adaca08fb72e5751ade8a554b6892f95553a9581c87fba01f2967fde18fae5111e2b97243af83673ba9b2578ea0541ee0b4e70882cae3c2d5a483c0630
-  data.tar.gz: 7542bd369cd86fdbf5c3a198fb8bf331db3acefbc1271850f4603a67ba1ac5eed69d4c1d056ccba60e644e852ec04460129f48697dfb9df545a9a5a7a2b0221e
+  metadata.gz: 387280207539c0cc037f3455478b9e8eb33d4b1e754d7a0144d061a761e63d0ff954a029fc20c4e2e8fa5c384a425ef90b013256a7c614eacdc26dda26819441
+  data.tar.gz: febe1a7a4a4e6e3dbf60f9bfe728db545a9f1821f4f98bbcc733c9a579d19da88995184e702fc7dc7c402a8ef103b930c7fcf2c0d108235a8db7d66a8d48e98e

data/README.md

@@ -2,7 +2,7 @@
 
 [![License MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://github.com/envato/stack_master/blob/master/LICENSE.md)
 [![Gem Version](https://badge.fury.io/rb/stack_master.svg)](https://badge.fury.io/rb/stack_master)
-[![Build Status](https://travis-ci.org/envato/stack_master.svg?branch=master)](https://travis-ci.org/envato/stack_master)
+[![Build Status](https://github.com/envato/stack_master/workflows/tests/badge.svg?branch=master)](https://github.com/envato/stack_master/actions?query=workflow%3Atests+branch%3Amaster)
 
 StackMaster is a CLI tool to manage [CloudFormation](https://aws.amazon.com/cloudformation/) stacks, with the following features:
 
@@ -143,7 +143,8 @@ stacks:
 ## Templates
 
 StackMaster supports CloudFormation templates in plain JSON or YAML. Any `.yml` or `.yaml` file will be processed as
-YAML, while any `.json` file will be processed as JSON.
+YAML, while any `.json` file will be processed as JSON. Additionally, YAML files can be pre-processed using ERB and
+compile-time parameters.
 
 ### Ruby DSLs
 By default, any template ending with `.rb` will be processed as a [SparkleFormation](https://github.com/sparkleformation/sparkle_formation)
@@ -199,12 +200,13 @@ stacks:
 
 ### Compile Time Parameters
 
-Compile time parameters can be used for [SparkleFormation](http://www.sparkleformation.io) templates. It conforms and
-allows you to use the [Compile Time Parameters](http://www.sparkleformation.io/docs/sparkle_formation/compile-time-parameters.html) feature.
+Compile time parameters can be defined in a stack's parameters file, using the key `compile_time_parameters`. Keys in
+parameter files are automatically converted to camel case.
 
-A simple example looks like this
+As an example:
 
 ```yaml
+# parameters/some_stack.yml
 vpc_cidr: 10.0.0.0/16
 compile_time_parameters:
   subnet_cidrs:
@@ -212,7 +214,37 @@ compile_time_parameters:
     - 10.0.2.0/28
 ```
 
-Keys in parameter files are automatically converted to camel case.
+#### SparkleFormation
+
+Compile time parameters can be used for [SparkleFormation](http://www.sparkleformation.io) templates. It conforms and
+allows you to use the [Compile Time Parameters](http://www.sparkleformation.io/docs/sparkle_formation/compile-time-parameters.html) feature.
+
+#### CloudFormation YAML ERB
+
+Compile time parameters can be used to pre-process YAML CloudFormation templates. An example template:
+
+```yaml
+# templates/some_stack_template.yml.erb
+Parameters:
+  VpcCidr:
+    Type: String
+Resources:
+  Vpc:
+    Type: AWS::EC2::VPC
+    Properties:
+      CidrBlock: !Ref VpcCidr
+  # Given the two subnet_cidrs parameters, this creates two resources:
+  # SubnetPrivate0 with a CidrBlock of 10.0.0.0/28, and
+  # SubnetPrivate1 with a CidrBlock of 10.0.2.0/28
+  <% params["SubnetCidrs"].each_with_index do |cidr, index| %>
+  SubnetPrivate<%= index %>:
+    Type: AWS::EC2::Subnet
+    Properties:
+      VpcId: !Ref Vpc
+      AvailabilityZone: ap-southeast-2
+      CidrBlock: <%= cidr %>
+  <% end %>
+```
 
 ## Parameter Resolvers
 

data/lib/stack_master/cli.rb

@@ -7,7 +7,7 @@ module StackMaster
 
     def initialize(argv, stdin=STDIN, stdout=STDOUT, stderr=STDERR, kernel=Kernel)
       @argv, @stdin, @stdout, @stderr, @kernel = argv, stdin, stdout, stderr, kernel
-      Commander::Runner.instance_variable_set('@singleton', Commander::Runner.new(argv))
+      Commander::Runner.instance_variable_set('@instance', Commander::Runner.new(argv))
       StackMaster.stdout = @stdout
       StackMaster.stderr = @stderr
       TablePrint::Config.io = StackMaster.stdout

data/lib/stack_master/commands/compile.rb

@@ -5,7 +5,7 @@ module StackMaster
       include Commander::UI
 
       def perform
-        puts(proposed_stack.template_body)
+        StackMaster.stdout.puts(proposed_stack.template_body)
       end
 
       private

data/lib/stack_master/config.rb

@@ -92,6 +92,7 @@ module StackMaster
         json: :json,
         yml:  :yaml,
         yaml: :yaml,
+        erb:  :yaml_erb,
       }
     end
 

data/lib/stack_master/identity.rb

@@ -1,12 +1,17 @@
 module StackMaster
   class Identity
+    AllowedAccountAliasesError = Class.new(StandardError)
     MissingIamPermissionsError = Class.new(StandardError)
 
     def running_in_account?(accounts)
-      accounts.nil? ||
-        accounts.empty? ||
-        contains_account_id?(accounts) ||
-        contains_account_alias?(accounts)
+      return true if accounts.nil? || accounts.empty? || contains_account_id?(accounts)
+
+      # skip alias check (which makes an API call) if all values are account IDs
+      return false if accounts.all? { |account| account_id?(account) }
+
+      contains_account_alias?(accounts)
+    rescue MissingIamPermissionsError
+      raise AllowedAccountAliasesError, 'Failed to validate whether the current AWS account is allowed'
     end
 
     def account
@@ -40,5 +45,11 @@ module StackMaster
     def contains_account_alias?(aliases)
       account_aliases.any? { |account_alias| aliases.include?(account_alias) }
     end
+
+    def account_id?(id_or_alias)
+      # While it's not explicitly documented as prohibited, it cannot (currently) be possible to set an account alias of
+      # 12 digits, as that could cause one console sign-in URL to resolve to two separate accounts.
+      /^[0-9]{12}$/.match?(id_or_alias)
+    end
   end
 end

data/lib/stack_master/template_compilers/cfndsl.rb

@@ -2,14 +2,15 @@ module StackMaster::TemplateCompilers
   class Cfndsl
     def self.require_dependencies
       require 'cfndsl'
+      require 'json'
     end
 
     def self.compile(template_dir, template, compile_time_parameters, _compiler_options = {})
-      CfnDsl.disable_binding
       CfnDsl::ExternalParameters.defaults.clear # Ensure there's no leakage across invocations
       CfnDsl::ExternalParameters.defaults(compile_time_parameters.symbolize_keys)
       template_file_path = File.join(template_dir, template)
-      ::CfnDsl.eval_file_with_extras(template_file_path).to_json
+      json_hash = ::CfnDsl.eval_file_with_extras(template_file_path).as_json
+      JSON.pretty_generate(json_hash)
     end
 
     StackMaster::TemplateCompiler.register(:cfndsl, self)

data/lib/stack_master/template_compilers/sparkle_formation.rb

@@ -22,7 +22,7 @@ module StackMaster::TemplateCompilers
         sparkle_template.compile_state = create_state(definitions, compile_time_parameters)
       end
 
-      JSON.pretty_generate(sparkle_template)
+      JSON.pretty_generate(sparkle_template.dump)
     end
 
     private

data/lib/stack_master/template_compilers/yaml_erb.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module StackMaster::TemplateCompilers
+  class YamlErb
+    def self.require_dependencies
+      require 'erubis'
+      require 'yaml'
+    end
+
+    def self.compile(template_dir, template, compile_time_parameters, _compiler_options = {})
+      template_file_path = File.join(template_dir, template)
+      template = Erubis::Eruby.new(File.read(template_file_path))
+      template.filename = template_file_path
+
+      template.result(params: compile_time_parameters)
+    end
+
+    StackMaster::TemplateCompiler.register(:yaml_erb, self)
+  end
+end

data/lib/stack_master/version.rb

@@ -1,3 +1,3 @@
 module StackMaster
-  VERSION = "2.11.0"
+  VERSION = "2.13.2"
 end

data/lib/stack_master.rb

@@ -9,6 +9,7 @@ require 'aws-sdk-sns'
 require 'aws-sdk-ssm'
 require 'aws-sdk-iam'
 require 'rainbow'
+require 'active_support'
 require 'active_support/core_ext/hash/keys'
 require 'active_support/core_ext/object/blank'
 require 'active_support/core_ext/string/inflections'
@@ -52,6 +53,7 @@ module StackMaster
   require 'stack_master/template_compilers/sparkle_formation'
   require 'stack_master/template_compilers/json'
   require 'stack_master/template_compilers/yaml'
+  require 'stack_master/template_compilers/yaml_erb'
   require 'stack_master/template_compilers/cfndsl'
 
   module Commands

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: stack_master
 version: !ruby/object:Gem::Version
-  version: 2.11.0
+  version: 2.13.2
 platform: ruby
 authors:
 - Steve Hodgkiss
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-02 00:00:00.000000000 Z
+date: 2022-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -143,7 +143,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.5.2
+        version: 4.6.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '5'
@@ -153,7 +153,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.5.2
+        version: 4.6.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '5'
@@ -371,16 +371,16 @@ dependencies:
   name: cfndsl
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -441,16 +441,22 @@ dependencies:
   name: cfn-nag
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 0.6.7
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 0.6.7
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 0.8.0
 description: ''
 email:
 - steve@hodgkiss.me
@@ -539,6 +545,7 @@ files:
 - lib/stack_master/template_compilers/json.rb
 - lib/stack_master/template_compilers/sparkle_formation.rb
 - lib/stack_master/template_compilers/yaml.rb
+- lib/stack_master/template_compilers/yaml_erb.rb
 - lib/stack_master/template_utils.rb
 - lib/stack_master/test_driver/cloud_formation.rb
 - lib/stack_master/test_driver/s3.rb
@@ -556,8 +563,8 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/envato/stack_master/issues
   changelog_uri: https://github.com/envato/stack_master/blob/master/CHANGELOG.md
-  documentation_uri: https://www.rubydoc.info/gems/stack_master/2.11.0
-  source_code_uri: https://github.com/envato/stack_master/tree/v2.11.0
+  documentation_uri: https://www.rubydoc.info/gems/stack_master/2.13.2
+  source_code_uri: https://github.com/envato/stack_master/tree/v2.13.2
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -573,7 +580,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.4
+rubygems_version: 3.3.4
 signing_key:
 specification_version: 4
 summary: StackMaster is a sure-footed way of creating, updating and keeping track