stack_master 2.8.0 → 2.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7d401f198bf80974977c8b031f27422ea84aa171f18747fa6064cf6d9d2af784
-  data.tar.gz: dd930994d8034f57d60ba1a77d8bfee0f524301501306a3d8cee64502c27029e
+  metadata.gz: 8c0add9f29f6f809207e0b64969e084172dc194c77ae1636ceb073000e8020b4
+  data.tar.gz: f5e2a4a3a84a55a74bc29525067691a847f24b9c4256108d3ec9c086cd82ab6a
 SHA512:
-  metadata.gz: de26f0ce262ef2b4b11cced8789a8093896d9bd7db6950008ad7e0e469ea43a9752fbbcb0e4b57271656442aa7bb13dc159697690d0a0754fcbc9ecce39d07b0
-  data.tar.gz: 0ef954037a433821d09b90acbbd39da5a881044f305353267cba379a07e77bd2ffe7645700b8ce927d15d7f518c823aa17a42f0c9971ce3c37b29f5164a8b219
+  metadata.gz: addcb8147d827d7f403018c72a44a4fb1ca1d5536e7d74abe0c32e3645c1eded4278c761d7bb48d861e2857d7cd64ae9e61d69fb70d560f1aa44b79672ccc178
+  data.tar.gz: 98d47ddfcc3e928f55d7946d50f4bab280c04bb4d0eb0b8aade5616c1274ab542755ef616fdec3ccacce739832300bf202ba84e2d22e213f11f9ba62b91b349d

data/README.md

@@ -2,7 +2,7 @@
 
 [![License MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://github.com/envato/stack_master/blob/master/LICENSE.md)
 [![Gem Version](https://badge.fury.io/rb/stack_master.svg)](https://badge.fury.io/rb/stack_master)
-[![Build Status](https://travis-ci.org/envato/stack_master.svg?branch=master)](https://travis-ci.org/envato/stack_master)
+[![Build Status](https://github.com/envato/stack_master/workflows/tests/badge.svg?branch=master)](https://github.com/envato/stack_master/actions?query=workflow%3Atests+branch%3Amaster)
 
 StackMaster is a CLI tool to manage [CloudFormation](https://aws.amazon.com/cloudformation/) stacks, with the following features:
 
@@ -143,7 +143,8 @@ stacks:
 ## Templates
 
 StackMaster supports CloudFormation templates in plain JSON or YAML. Any `.yml` or `.yaml` file will be processed as
-YAML, while any `.json` file will be processed as JSON.
+YAML, while any `.json` file will be processed as JSON. Additionally, YAML files can be pre-processed using ERB and
+compile-time parameters.
 
 ### Ruby DSLs
 By default, any template ending with `.rb` will be processed as a [SparkleFormation](https://github.com/sparkleformation/sparkle_formation)
@@ -199,12 +200,13 @@ stacks:
 
 ### Compile Time Parameters
 
-Compile time parameters can be used for [SparkleFormation](http://www.sparkleformation.io) templates. It conforms and
-allows you to use the [Compile Time Parameters](http://www.sparkleformation.io/docs/sparkle_formation/compile-time-parameters.html) feature.
+Compile time parameters can be defined in a stack's parameters file, using the key `compile_time_parameters`. Keys in
+parameter files are automatically converted to camel case.
 
-A simple example looks like this
+As an example:
 
 ```yaml
+# parameters/some_stack.yml
 vpc_cidr: 10.0.0.0/16
 compile_time_parameters:
   subnet_cidrs:
@@ -212,7 +214,37 @@ compile_time_parameters:
     - 10.0.2.0/28
 ```
 
-Keys in parameter files are automatically converted to camel case.
+#### SparkleFormation
+
+Compile time parameters can be used for [SparkleFormation](http://www.sparkleformation.io) templates. It conforms and
+allows you to use the [Compile Time Parameters](http://www.sparkleformation.io/docs/sparkle_formation/compile-time-parameters.html) feature.
+
+#### CloudFormation YAML ERB
+
+Compile time parameters can be used to pre-process YAML CloudFormation templates. An example template:
+
+```yaml
+# templates/some_stack_template.yml.erb
+Parameters:
+  VpcCidr:
+    Type: String
+Resources:
+  Vpc:
+    Type: AWS::EC2::VPC
+    Properties:
+      CidrBlock: !Ref VpcCidr
+  # Given the two subnet_cidrs parameters, this creates two resources:
+  # SubnetPrivate0 with a CidrBlock of 10.0.0.0/28, and
+  # SubnetPrivate1 with a CidrBlock of 10.0.2.0/28
+  <% params["SubnetCidrs"].each_with_index do |cidr, index| %>
+  SubnetPrivate<%= index %>:
+    Type: AWS::EC2::Subnet
+    Properties:
+      VpcId: !Ref Vpc
+      AvailabilityZone: ap-southeast-2
+      CidrBlock: <%= cidr %>
+  <% end %>
+```
 
 ## Parameter Resolvers
 
@@ -709,6 +741,10 @@ stack_master outputs [region-or-alias] [stack-name] # Display outputs for a stac
 stack_master resources [region-or-alias] [stack-name] # Display outputs for a stack
 stack_master status # Displays the status of each stack
 stack_master tidy # Find missing or extra templates or parameter files
+stack_master compile # Print the compiled version of a given stack
+stack_master validate # Validate a template
+stack_master lint # Check the stack definition locally using cfn-lint
+stack_master nag # Check the stack template with cfn_nag
 ```
 
 ## Applying updates - `stack_master apply`

data/lib/stack_master.rb

@@ -52,6 +52,7 @@ module StackMaster
   require 'stack_master/template_compilers/sparkle_formation'
   require 'stack_master/template_compilers/json'
   require 'stack_master/template_compilers/yaml'
+  require 'stack_master/template_compilers/yaml_erb'
   require 'stack_master/template_compilers/cfndsl'
 
   module Commands
@@ -70,6 +71,7 @@ module StackMaster
     autoload :Delete, 'stack_master/commands/delete'
     autoload :Status, 'stack_master/commands/status'
     autoload :Tidy, 'stack_master/commands/tidy'
+    autoload :Nag, 'stack_master/commands/nag'
   end
 
   module ParameterResolvers

data/lib/stack_master/cli.rb

@@ -146,6 +146,17 @@ module StackMaster
         end
       end
 
+      command :nag do |c|
+        c.syntax = 'stack_master nag [region_or_alias] [stack_name]'
+        c.summary = "Check this stack's template with cfn_nag"
+        c.description = "Runs SAST scan cfn_nag on the template"
+        c.example 'run cfn_nag on stack myapp-vpc with us-east-1 settings', 'stack_master nag us-east-1 myapp-vpc'
+        c.action do |args, options|
+          options.default config: default_config_file
+          execute_stacks_command(StackMaster::Commands::Nag, args, options)
+        end
+      end
+
       command :compile do |c|
         c.syntax = 'stack_master compile [region_or_alias] [stack_name]'
         c.summary = "Print the compiled version of a given stack"
@@ -219,9 +230,10 @@ module StackMaster
         c.syntax = 'stack_master drift [region_or_alias] [stack_name]'
         c.summary = 'Detects and displays stack drift using the CloudFormation Drift API'
         c.description = 'Detects and displays stack drift'
+        c.option '--timeout SECONDS', Integer, "The number of seconds to wait for drift detection to complete"
         c.example 'view stack drift for a stack named myapp-vpc in us-east-1', 'stack_master drift us-east-1 myapp-vpc'
         c.action do |args, options|
-          options.default config: default_config_file
+          options.default config: default_config_file, timeout: 120
           execute_stacks_command(StackMaster::Commands::Drift, args, options)
         end
       end
@@ -253,6 +265,7 @@ module StackMaster
         stack_definitions = config.filter(region, stack_name)
         if stack_definitions.empty?
           StackMaster.stdout.puts "Could not find stack definition #{stack_name} in region #{region}"
+          show_other_region_candidates(config, stack_name)
           success = false
         end
         stack_definitions = stack_definitions.select do |stack_definition|
@@ -269,6 +282,13 @@ module StackMaster
       @kernel.exit false unless success
     end
 
+    def show_other_region_candidates(config, stack_name)
+      candidates = config.filter(region="", stack_name=stack_name)
+      return if candidates.empty?
+
+      StackMaster.stdout.puts "Stack name #{stack_name} exists in regions: #{candidates.map(&:region).join(', ')}"
+    end
+
     def execute_if_allowed_account(allowed_accounts, &block)
       raise ArgumentError, "Block required to execute this method" unless block_given?
       if running_in_allowed_account?(allowed_accounts)

data/lib/stack_master/commands/compile.rb

@@ -5,7 +5,7 @@ module StackMaster
       include Commander::UI
 
       def perform
-        puts(proposed_stack.template_body)
+        StackMaster.stdout.puts(proposed_stack.template_body)
       end
 
       private

data/lib/stack_master/commands/drift.rb

@@ -88,17 +88,17 @@ module StackMaster
       end
 
       def wait_for_drift_results(detection_id)
-        try_count = 0
         resp = nil
+        start_time = Time.now
         loop do
-          if try_count >= 10
-            raise 'Failed to wait for stack drift detection after 10 tries'
-          end
-
           resp = cf.describe_stack_drift_detection_status(stack_drift_detection_id: detection_id)
           break if DETECTION_COMPLETE_STATES.include?(resp.detection_status)
 
-          try_count += 1
+          elapsed_time = Time.now - start_time
+          if elapsed_time > @options.timeout
+            raise "Timeout waiting for stack drift detection"
+          end
+
           sleep SLEEP_SECONDS
         end
         resp

data/lib/stack_master/commands/nag.rb

@@ -0,0 +1,30 @@
+module StackMaster
+  module Commands
+    class Nag
+      include Command
+      include Commander::UI
+
+      def perform
+        rv = Tempfile.open(['stack', "___#{stack_definition.stack_name}.#{proposed_stack.template_format}"]) do |f|
+          f.write(proposed_stack.template_body)
+          f.flush
+          system('cfn_nag', f.path)
+          $?.exitstatus
+        end
+
+        failed!("cfn_nag check failed with exit status #{rv}") if rv > 0
+      end
+
+      private
+
+      def stack_definition
+        @stack_definition ||= @config.find_stack(@region, @stack_name)
+      end
+
+      def proposed_stack
+        @proposed_stack ||= Stack.generate(stack_definition, @config)
+      end
+
+    end
+  end
+end

data/lib/stack_master/config.rb

@@ -92,6 +92,7 @@ module StackMaster
         json: :json,
         yml:  :yaml,
         yaml: :yaml,
+        erb:  :yaml_erb,
       }
     end
 

data/lib/stack_master/sparkle_formation/compile_time/empty_validator.rb

@@ -19,7 +19,7 @@ module StackMaster
 
         def has_invalid_values?
           values = build_values(@definition, @parameter)
-          values.include?(nil) || values.include?('')
+          values.include?(nil)
         end
 
         def create_error

data/lib/stack_master/template_compilers/cfndsl.rb

@@ -2,14 +2,15 @@ module StackMaster::TemplateCompilers
   class Cfndsl
     def self.require_dependencies
       require 'cfndsl'
+      require 'json'
     end
 
     def self.compile(template_dir, template, compile_time_parameters, _compiler_options = {})
-      CfnDsl.disable_binding
       CfnDsl::ExternalParameters.defaults.clear # Ensure there's no leakage across invocations
       CfnDsl::ExternalParameters.defaults(compile_time_parameters.symbolize_keys)
       template_file_path = File.join(template_dir, template)
-      ::CfnDsl.eval_file_with_extras(template_file_path).to_json
+      json_hash = ::CfnDsl.eval_file_with_extras(template_file_path).as_json
+      JSON.pretty_generate(json_hash)
     end
 
     StackMaster::TemplateCompiler.register(:cfndsl, self)

data/lib/stack_master/template_compilers/sparkle_formation.rb

@@ -22,7 +22,7 @@ module StackMaster::TemplateCompilers
         sparkle_template.compile_state = create_state(definitions, compile_time_parameters)
       end
 
-      JSON.pretty_generate(sparkle_template)
+      JSON.pretty_generate(sparkle_template.dump)
     end
 
     private

data/lib/stack_master/template_compilers/yaml_erb.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module StackMaster::TemplateCompilers
+  class YamlErb
+    def self.require_dependencies
+      require 'erubis'
+      require 'yaml'
+    end
+
+    def self.compile(template_dir, template, compile_time_parameters, _compiler_options = {})
+      template_file_path = File.join(template_dir, template)
+      template = Erubis::Eruby.new(File.read(template_file_path))
+      template.filename = template_file_path
+
+      template.result(params: compile_time_parameters)
+    end
+
+    StackMaster::TemplateCompiler.register(:yaml_erb, self)
+  end
+end

data/lib/stack_master/version.rb

@@ -1,3 +1,3 @@
 module StackMaster
-  VERSION = "2.8.0"
+  VERSION = "2.13.0"
 end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: stack_master
 version: !ruby/object:Gem::Version
-  version: 2.8.0
+  version: 2.13.0
 platform: ruby
 authors:
 - Steve Hodgkiss
 - Glen Stampoultzis
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-24 00:00:00.000000000 Z
+date: 2021-02-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -371,16 +371,16 @@ dependencies:
   name: cfndsl
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -437,6 +437,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: cfn-nag
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.6.7
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 0.8.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.6.7
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 0.8.0
 description: ''
 email:
 - steve@hodgkiss.me
@@ -464,6 +484,7 @@ files:
 - lib/stack_master/commands/init.rb
 - lib/stack_master/commands/lint.rb
 - lib/stack_master/commands/list_stacks.rb
+- lib/stack_master/commands/nag.rb
 - lib/stack_master/commands/outputs.rb
 - lib/stack_master/commands/resources.rb
 - lib/stack_master/commands/status.rb
@@ -524,6 +545,7 @@ files:
 - lib/stack_master/template_compilers/json.rb
 - lib/stack_master/template_compilers/sparkle_formation.rb
 - lib/stack_master/template_compilers/yaml.rb
+- lib/stack_master/template_compilers/yaml_erb.rb
 - lib/stack_master/template_utils.rb
 - lib/stack_master/test_driver/cloud_formation.rb
 - lib/stack_master/test_driver/s3.rb
@@ -541,9 +563,9 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/envato/stack_master/issues
   changelog_uri: https://github.com/envato/stack_master/blob/master/CHANGELOG.md
-  documentation_uri: https://www.rubydoc.info/gems/stack_master/2.8.0
-  source_code_uri: https://github.com/envato/stack_master/tree/v2.8.0
-post_install_message: 
+  documentation_uri: https://www.rubydoc.info/gems/stack_master/2.13.0
+  source_code_uri: https://github.com/envato/stack_master/tree/v2.13.0
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -558,8 +580,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.2.8
+signing_key:
 specification_version: 4
 summary: StackMaster is a sure-footed way of creating, updating and keeping track
   of Amazon (AWS) CloudFormation stacks.