stack_master 2.11.0 → 2.13.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +38 -6
- data/lib/stack_master/cli.rb +1 -1
- data/lib/stack_master/commands/compile.rb +1 -1
- data/lib/stack_master/config.rb +1 -0
- data/lib/stack_master/identity.rb +15 -4
- data/lib/stack_master/template_compilers/cfndsl.rb +3 -2
- data/lib/stack_master/template_compilers/sparkle_formation.rb +1 -1
- data/lib/stack_master/template_compilers/yaml_erb.rb +20 -0
- data/lib/stack_master/version.rb +1 -1
- data/lib/stack_master.rb +2 -0
- metadata +20 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a322b4f391c33d729067dcc6c64a0b00ce4dd8a9698ec2b4ec67cc14a58d5ff7
|
4
|
+
data.tar.gz: a2cb4f53f9f6b3feaf67c2c27b406cba21b1ba89f20ffadd225bdd796a07733f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 387280207539c0cc037f3455478b9e8eb33d4b1e754d7a0144d061a761e63d0ff954a029fc20c4e2e8fa5c384a425ef90b013256a7c614eacdc26dda26819441
|
7
|
+
data.tar.gz: febe1a7a4a4e6e3dbf60f9bfe728db545a9f1821f4f98bbcc733c9a579d19da88995184e702fc7dc7c402a8ef103b930c7fcf2c0d108235a8db7d66a8d48e98e
|
data/README.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
[![License MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://github.com/envato/stack_master/blob/master/LICENSE.md)
|
4
4
|
[![Gem Version](https://badge.fury.io/rb/stack_master.svg)](https://badge.fury.io/rb/stack_master)
|
5
|
-
[![Build Status](https://
|
5
|
+
[![Build Status](https://github.com/envato/stack_master/workflows/tests/badge.svg?branch=master)](https://github.com/envato/stack_master/actions?query=workflow%3Atests+branch%3Amaster)
|
6
6
|
|
7
7
|
StackMaster is a CLI tool to manage [CloudFormation](https://aws.amazon.com/cloudformation/) stacks, with the following features:
|
8
8
|
|
@@ -143,7 +143,8 @@ stacks:
|
|
143
143
|
## Templates
|
144
144
|
|
145
145
|
StackMaster supports CloudFormation templates in plain JSON or YAML. Any `.yml` or `.yaml` file will be processed as
|
146
|
-
YAML, while any `.json` file will be processed as JSON.
|
146
|
+
YAML, while any `.json` file will be processed as JSON. Additionally, YAML files can be pre-processed using ERB and
|
147
|
+
compile-time parameters.
|
147
148
|
|
148
149
|
### Ruby DSLs
|
149
150
|
By default, any template ending with `.rb` will be processed as a [SparkleFormation](https://github.com/sparkleformation/sparkle_formation)
|
@@ -199,12 +200,13 @@ stacks:
|
|
199
200
|
|
200
201
|
### Compile Time Parameters
|
201
202
|
|
202
|
-
Compile time parameters can be
|
203
|
-
|
203
|
+
Compile time parameters can be defined in a stack's parameters file, using the key `compile_time_parameters`. Keys in
|
204
|
+
parameter files are automatically converted to camel case.
|
204
205
|
|
205
|
-
|
206
|
+
As an example:
|
206
207
|
|
207
208
|
```yaml
|
209
|
+
# parameters/some_stack.yml
|
208
210
|
vpc_cidr: 10.0.0.0/16
|
209
211
|
compile_time_parameters:
|
210
212
|
subnet_cidrs:
|
@@ -212,7 +214,37 @@ compile_time_parameters:
|
|
212
214
|
- 10.0.2.0/28
|
213
215
|
```
|
214
216
|
|
215
|
-
|
217
|
+
#### SparkleFormation
|
218
|
+
|
219
|
+
Compile time parameters can be used for [SparkleFormation](http://www.sparkleformation.io) templates. It conforms and
|
220
|
+
allows you to use the [Compile Time Parameters](http://www.sparkleformation.io/docs/sparkle_formation/compile-time-parameters.html) feature.
|
221
|
+
|
222
|
+
#### CloudFormation YAML ERB
|
223
|
+
|
224
|
+
Compile time parameters can be used to pre-process YAML CloudFormation templates. An example template:
|
225
|
+
|
226
|
+
```yaml
|
227
|
+
# templates/some_stack_template.yml.erb
|
228
|
+
Parameters:
|
229
|
+
VpcCidr:
|
230
|
+
Type: String
|
231
|
+
Resources:
|
232
|
+
Vpc:
|
233
|
+
Type: AWS::EC2::VPC
|
234
|
+
Properties:
|
235
|
+
CidrBlock: !Ref VpcCidr
|
236
|
+
# Given the two subnet_cidrs parameters, this creates two resources:
|
237
|
+
# SubnetPrivate0 with a CidrBlock of 10.0.0.0/28, and
|
238
|
+
# SubnetPrivate1 with a CidrBlock of 10.0.2.0/28
|
239
|
+
<% params["SubnetCidrs"].each_with_index do |cidr, index| %>
|
240
|
+
SubnetPrivate<%= index %>:
|
241
|
+
Type: AWS::EC2::Subnet
|
242
|
+
Properties:
|
243
|
+
VpcId: !Ref Vpc
|
244
|
+
AvailabilityZone: ap-southeast-2
|
245
|
+
CidrBlock: <%= cidr %>
|
246
|
+
<% end %>
|
247
|
+
```
|
216
248
|
|
217
249
|
## Parameter Resolvers
|
218
250
|
|
data/lib/stack_master/cli.rb
CHANGED
@@ -7,7 +7,7 @@ module StackMaster
|
|
7
7
|
|
8
8
|
def initialize(argv, stdin=STDIN, stdout=STDOUT, stderr=STDERR, kernel=Kernel)
|
9
9
|
@argv, @stdin, @stdout, @stderr, @kernel = argv, stdin, stdout, stderr, kernel
|
10
|
-
Commander::Runner.instance_variable_set('@
|
10
|
+
Commander::Runner.instance_variable_set('@instance', Commander::Runner.new(argv))
|
11
11
|
StackMaster.stdout = @stdout
|
12
12
|
StackMaster.stderr = @stderr
|
13
13
|
TablePrint::Config.io = StackMaster.stdout
|
data/lib/stack_master/config.rb
CHANGED
@@ -1,12 +1,17 @@
|
|
1
1
|
module StackMaster
|
2
2
|
class Identity
|
3
|
+
AllowedAccountAliasesError = Class.new(StandardError)
|
3
4
|
MissingIamPermissionsError = Class.new(StandardError)
|
4
5
|
|
5
6
|
def running_in_account?(accounts)
|
6
|
-
accounts.nil? ||
|
7
|
-
|
8
|
-
|
9
|
-
|
7
|
+
return true if accounts.nil? || accounts.empty? || contains_account_id?(accounts)
|
8
|
+
|
9
|
+
# skip alias check (which makes an API call) if all values are account IDs
|
10
|
+
return false if accounts.all? { |account| account_id?(account) }
|
11
|
+
|
12
|
+
contains_account_alias?(accounts)
|
13
|
+
rescue MissingIamPermissionsError
|
14
|
+
raise AllowedAccountAliasesError, 'Failed to validate whether the current AWS account is allowed'
|
10
15
|
end
|
11
16
|
|
12
17
|
def account
|
@@ -40,5 +45,11 @@ module StackMaster
|
|
40
45
|
def contains_account_alias?(aliases)
|
41
46
|
account_aliases.any? { |account_alias| aliases.include?(account_alias) }
|
42
47
|
end
|
48
|
+
|
49
|
+
def account_id?(id_or_alias)
|
50
|
+
# While it's not explicitly documented as prohibited, it cannot (currently) be possible to set an account alias of
|
51
|
+
# 12 digits, as that could cause one console sign-in URL to resolve to two separate accounts.
|
52
|
+
/^[0-9]{12}$/.match?(id_or_alias)
|
53
|
+
end
|
43
54
|
end
|
44
55
|
end
|
@@ -2,14 +2,15 @@ module StackMaster::TemplateCompilers
|
|
2
2
|
class Cfndsl
|
3
3
|
def self.require_dependencies
|
4
4
|
require 'cfndsl'
|
5
|
+
require 'json'
|
5
6
|
end
|
6
7
|
|
7
8
|
def self.compile(template_dir, template, compile_time_parameters, _compiler_options = {})
|
8
|
-
CfnDsl.disable_binding
|
9
9
|
CfnDsl::ExternalParameters.defaults.clear # Ensure there's no leakage across invocations
|
10
10
|
CfnDsl::ExternalParameters.defaults(compile_time_parameters.symbolize_keys)
|
11
11
|
template_file_path = File.join(template_dir, template)
|
12
|
-
::CfnDsl.eval_file_with_extras(template_file_path).
|
12
|
+
json_hash = ::CfnDsl.eval_file_with_extras(template_file_path).as_json
|
13
|
+
JSON.pretty_generate(json_hash)
|
13
14
|
end
|
14
15
|
|
15
16
|
StackMaster::TemplateCompiler.register(:cfndsl, self)
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module StackMaster::TemplateCompilers
|
4
|
+
class YamlErb
|
5
|
+
def self.require_dependencies
|
6
|
+
require 'erubis'
|
7
|
+
require 'yaml'
|
8
|
+
end
|
9
|
+
|
10
|
+
def self.compile(template_dir, template, compile_time_parameters, _compiler_options = {})
|
11
|
+
template_file_path = File.join(template_dir, template)
|
12
|
+
template = Erubis::Eruby.new(File.read(template_file_path))
|
13
|
+
template.filename = template_file_path
|
14
|
+
|
15
|
+
template.result(params: compile_time_parameters)
|
16
|
+
end
|
17
|
+
|
18
|
+
StackMaster::TemplateCompiler.register(:yaml_erb, self)
|
19
|
+
end
|
20
|
+
end
|
data/lib/stack_master/version.rb
CHANGED
data/lib/stack_master.rb
CHANGED
@@ -9,6 +9,7 @@ require 'aws-sdk-sns'
|
|
9
9
|
require 'aws-sdk-ssm'
|
10
10
|
require 'aws-sdk-iam'
|
11
11
|
require 'rainbow'
|
12
|
+
require 'active_support'
|
12
13
|
require 'active_support/core_ext/hash/keys'
|
13
14
|
require 'active_support/core_ext/object/blank'
|
14
15
|
require 'active_support/core_ext/string/inflections'
|
@@ -52,6 +53,7 @@ module StackMaster
|
|
52
53
|
require 'stack_master/template_compilers/sparkle_formation'
|
53
54
|
require 'stack_master/template_compilers/json'
|
54
55
|
require 'stack_master/template_compilers/yaml'
|
56
|
+
require 'stack_master/template_compilers/yaml_erb'
|
55
57
|
require 'stack_master/template_compilers/cfndsl'
|
56
58
|
|
57
59
|
module Commands
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: stack_master
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.13.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Steve Hodgkiss
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2022-01-25 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -143,7 +143,7 @@ dependencies:
|
|
143
143
|
requirements:
|
144
144
|
- - ">="
|
145
145
|
- !ruby/object:Gem::Version
|
146
|
-
version: 4.
|
146
|
+
version: 4.6.0
|
147
147
|
- - "<"
|
148
148
|
- !ruby/object:Gem::Version
|
149
149
|
version: '5'
|
@@ -153,7 +153,7 @@ dependencies:
|
|
153
153
|
requirements:
|
154
154
|
- - ">="
|
155
155
|
- !ruby/object:Gem::Version
|
156
|
-
version: 4.
|
156
|
+
version: 4.6.0
|
157
157
|
- - "<"
|
158
158
|
- !ruby/object:Gem::Version
|
159
159
|
version: '5'
|
@@ -371,16 +371,16 @@ dependencies:
|
|
371
371
|
name: cfndsl
|
372
372
|
requirement: !ruby/object:Gem::Requirement
|
373
373
|
requirements:
|
374
|
-
- - "
|
374
|
+
- - "~>"
|
375
375
|
- !ruby/object:Gem::Version
|
376
|
-
version: '1
|
376
|
+
version: '1'
|
377
377
|
type: :runtime
|
378
378
|
prerelease: false
|
379
379
|
version_requirements: !ruby/object:Gem::Requirement
|
380
380
|
requirements:
|
381
|
-
- - "
|
381
|
+
- - "~>"
|
382
382
|
- !ruby/object:Gem::Version
|
383
|
-
version: '1
|
383
|
+
version: '1'
|
384
384
|
- !ruby/object:Gem::Dependency
|
385
385
|
name: multi_json
|
386
386
|
requirement: !ruby/object:Gem::Requirement
|
@@ -441,16 +441,22 @@ dependencies:
|
|
441
441
|
name: cfn-nag
|
442
442
|
requirement: !ruby/object:Gem::Requirement
|
443
443
|
requirements:
|
444
|
-
- - "
|
444
|
+
- - ">="
|
445
445
|
- !ruby/object:Gem::Version
|
446
446
|
version: 0.6.7
|
447
|
+
- - "<"
|
448
|
+
- !ruby/object:Gem::Version
|
449
|
+
version: 0.8.0
|
447
450
|
type: :runtime
|
448
451
|
prerelease: false
|
449
452
|
version_requirements: !ruby/object:Gem::Requirement
|
450
453
|
requirements:
|
451
|
-
- - "
|
454
|
+
- - ">="
|
452
455
|
- !ruby/object:Gem::Version
|
453
456
|
version: 0.6.7
|
457
|
+
- - "<"
|
458
|
+
- !ruby/object:Gem::Version
|
459
|
+
version: 0.8.0
|
454
460
|
description: ''
|
455
461
|
email:
|
456
462
|
- steve@hodgkiss.me
|
@@ -539,6 +545,7 @@ files:
|
|
539
545
|
- lib/stack_master/template_compilers/json.rb
|
540
546
|
- lib/stack_master/template_compilers/sparkle_formation.rb
|
541
547
|
- lib/stack_master/template_compilers/yaml.rb
|
548
|
+
- lib/stack_master/template_compilers/yaml_erb.rb
|
542
549
|
- lib/stack_master/template_utils.rb
|
543
550
|
- lib/stack_master/test_driver/cloud_formation.rb
|
544
551
|
- lib/stack_master/test_driver/s3.rb
|
@@ -556,8 +563,8 @@ licenses:
|
|
556
563
|
metadata:
|
557
564
|
bug_tracker_uri: https://github.com/envato/stack_master/issues
|
558
565
|
changelog_uri: https://github.com/envato/stack_master/blob/master/CHANGELOG.md
|
559
|
-
documentation_uri: https://www.rubydoc.info/gems/stack_master/2.
|
560
|
-
source_code_uri: https://github.com/envato/stack_master/tree/v2.
|
566
|
+
documentation_uri: https://www.rubydoc.info/gems/stack_master/2.13.2
|
567
|
+
source_code_uri: https://github.com/envato/stack_master/tree/v2.13.2
|
561
568
|
post_install_message:
|
562
569
|
rdoc_options: []
|
563
570
|
require_paths:
|
@@ -573,7 +580,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
573
580
|
- !ruby/object:Gem::Version
|
574
581
|
version: '0'
|
575
582
|
requirements: []
|
576
|
-
rubygems_version: 3.
|
583
|
+
rubygems_version: 3.3.4
|
577
584
|
signing_key:
|
578
585
|
specification_version: 4
|
579
586
|
summary: StackMaster is a sure-footed way of creating, updating and keeping track
|