stackup 0.9.4 → 0.9.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/README.md +9 -0
- data/bin/stackup +32 -5
- data/lib/stackup/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c0d5247909e33849cd8ebd01a050d97d446e1e27
|
4
|
+
data.tar.gz: c791ab2604455fb5786ca2c6c3162fa9520e7e87
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 10b971d636c818efe634cca634a30fffe672517b2e05fa46648f7e17eada5320e94f15bac14125917bc8527978068a4f582f00cc154319f4c2c045e0c37446b7
|
7
|
+
data.tar.gz: de309273aa1a1c05a968e4ae12793a35a027d87360bc7612e627f001a828d77d4f84f1ce350c5b941def64f46205c292a791411198d64a3e2b9b4cd9cc0e5a91
|
data/CHANGES.md
CHANGED
data/README.md
CHANGED
@@ -116,3 +116,12 @@ Replace "latest" with a specific version for added safety.
|
|
116
116
|
|
117
117
|
The default working-directory within the container is `/cwd`;
|
118
118
|
hence the volume mount to make files available from the host system.
|
119
|
+
|
120
|
+
## AWS credentials
|
121
|
+
|
122
|
+
The stackup command-line looks for AWS credentials in the [standard environment variables](https://blogs.aws.amazon.com/security/post/Tx3D6U6WSFGOK2H/A-New-and-Standardized-Way-to-Manage-Credentials-in-the-AWS-SDKs).
|
123
|
+
|
124
|
+
You can also use the `--with-role` option to temporarily assume a different IAM role, for stack operations:
|
125
|
+
|
126
|
+
$ stackup myapp-test up -t template.json \
|
127
|
+
--with-role arn:aws:iam::862905684840:role/deployment
|
data/bin/stackup
CHANGED
@@ -5,6 +5,7 @@ $LOAD_PATH << File.expand_path("../../lib", __FILE__)
|
|
5
5
|
require "clamp"
|
6
6
|
require "console_logger"
|
7
7
|
require "multi_json"
|
8
|
+
require "securerandom"
|
8
9
|
require "stackup"
|
9
10
|
require "stackup/differ"
|
10
11
|
require "stackup/version"
|
@@ -26,15 +27,15 @@ Clamp do
|
|
26
27
|
unless arg =~ /^[a-z]{2}-[a-z]+-\d$/
|
27
28
|
fail ArgumentError, "#{arg.inspect} doesn't look like a region"
|
28
29
|
end
|
29
|
-
Aws.config.update(:region => arg)
|
30
30
|
arg
|
31
31
|
end
|
32
32
|
|
33
|
+
option ["--with-role"], "ROLE_ARN", "assume this role",
|
34
|
+
:attribute_name => :role_arn
|
35
|
+
|
33
36
|
option ["--retry-limit"], "N", "maximum number of retries for API calls",
|
34
37
|
:environment_variable => "AWS_API_RETRY_LIMIT" do |arg|
|
35
|
-
Integer(arg)
|
36
|
-
Aws.config.update(:retry_limit => value)
|
37
|
-
end
|
38
|
+
Integer(arg)
|
38
39
|
end
|
39
40
|
|
40
41
|
option ["--[no-]wait"], :flag, "wait for stack updates to complete",
|
@@ -80,8 +81,34 @@ Clamp do
|
|
80
81
|
puts format_data(data)
|
81
82
|
end
|
82
83
|
|
84
|
+
def role_arn=(arg)
|
85
|
+
unless arg =~ %r{^arn:aws:iam::\d+:role/}
|
86
|
+
fail ArgumentError, "#{arg.inspect} doesn't look like a role ARN"
|
87
|
+
end
|
88
|
+
@role_arn = arg
|
89
|
+
end
|
90
|
+
|
83
91
|
def stackup
|
84
|
-
Stackup(
|
92
|
+
Stackup(aws_config)
|
93
|
+
end
|
94
|
+
|
95
|
+
def base_aws_config
|
96
|
+
{
|
97
|
+
:log_level => :debug,
|
98
|
+
:logger => logger,
|
99
|
+
:region => region,
|
100
|
+
:retry_limit => retry_limit
|
101
|
+
}.reject { |_k, v| v.nil? }
|
102
|
+
end
|
103
|
+
|
104
|
+
def aws_config
|
105
|
+
return base_aws_config unless role_arn
|
106
|
+
assumed_credentials = Aws::AssumeRoleCredentials.new(
|
107
|
+
:client => Aws::STS::Client.new(base_aws_config),
|
108
|
+
:role_arn => role_arn,
|
109
|
+
:role_session_name => "stackup-#{SecureRandom.hex(8)}"
|
110
|
+
)
|
111
|
+
base_aws_config.merge(:credentials => assumed_credentials)
|
85
112
|
end
|
86
113
|
|
87
114
|
def stack
|
data/lib/stackup/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: stackup
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mike Williams
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-09-
|
12
|
+
date: 2016-09-26 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: aws-sdk-resources
|
@@ -59,14 +59,14 @@ dependencies:
|
|
59
59
|
requirements:
|
60
60
|
- - "~>"
|
61
61
|
- !ruby/object:Gem::Version
|
62
|
-
version: 3.0
|
62
|
+
version: '3.0'
|
63
63
|
type: :runtime
|
64
64
|
prerelease: false
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
66
66
|
requirements:
|
67
67
|
- - "~>"
|
68
68
|
- !ruby/object:Gem::Version
|
69
|
-
version: 3.0
|
69
|
+
version: '3.0'
|
70
70
|
- !ruby/object:Gem::Dependency
|
71
71
|
name: multi_json
|
72
72
|
requirement: !ruby/object:Gem::Requirement
|