stax 0.0.1 → 0.0.2

data/lib/stax/base.rb

@@ -1,8 +1,36 @@
-require 'thor'
-
 module Stax
   class Base < Thor
+
     no_commands do
+      def app_name
+        @_app_name ||= options[:app].empty? ? nil : cfn_safe(options[:app])
+      end
+
+      def branch_name
+        @_branch_name ||= cfn_safe(options[:branch])
+      end
+
+      def stack_prefix
+        @_stack_prefix ||= [app_name, branch_name].compact.join('-') + '-'
+      end
+
+      ## find or create a stack object
+      def stack(id)
+        object = Stax.const_get(id.to_s.capitalize)
+        ObjectSpace.each_object(object).first || object.new([], options)
+      end
+
+      def ensure_stack(*stacks)
+        stacks.each do |s|
+          stack(s)&.exists? or fail_task("#{s} stack is required")
+        end
+      end
+
+      ## alias for stack to preserve semantics
+      def command(id)
+        stack(id)
+      end
+
       def debug(message)
         say "[DEBUG] #{message}", :blue
       end
@@ -16,14 +44,74 @@ module Stax
         exit(1) if quit
       end
 
+      ## return true only if all given env vars are set
+      def env_set?(*vars)
+        vars.map{ |v| ENV.has_key?(v) }.all?
+      end
+
+      ## fail unless given env vars are set
+      def ensure_env(*vars)
+        unless env_set?(*vars)
+          fail_task("Please set env: #{vars.join(' ')}")
+        end
+      end
+
+      def color(string, hash)
+        set_color(string, hash.fetch(string.to_sym, :yellow))
+      end
+
       ## make string safe to use in naming CFN stuff
       def cfn_safe(string)
         string.gsub(/[\W_]/, '-')
       end
 
-      def stack_prefix
-        'ops-'
+      def prepend(prefix, id)
+        p = prefix.to_s
+        id.start_with?(p) ? id : p + id
+      end
+
+      def append(suffix, id)
+        s = suffix.to_s
+        id.end_with?(s) ? id : id + s
+      end
+
+      def stringify_keys(thing)
+        if thing.is_a?(Hash)
+          Hash[ thing.map { |k,v| [ k.to_s, stringify_keys(v) ] } ]
+        elsif thing.respond_to?(:map)
+          thing.map { |v| stringify_keys(v) }
+        else
+          thing
+        end
+      end
+
+      ## psycho version of thor yes?() that demands a y or n answer
+      def y_or_n?(statement, color = nil)
+        loop do
+          case ask(statement, color, :add_to_history => false).downcase
+          when 'y'
+            return true
+          when 'n'
+            return false
+          else
+            puts "please respond 'y' or 'n'"
+          end
+        end
+      end
+
+      ## make epoch human-readable
+      def human_time(timestamp)
+        timestamp.nil? ? '-' : Time.at(timestamp.to_i/1000)
+      end
+
+      ## convert bytes to nearest unit
+      def human_bytes(bytes, precision = 0)
+        return 0.to_s if bytes < 1
+        {T: 1000*1000*1000*1000, G: 1000*1000*1000, M: 1000*1000, K: 1000, B: 1}.each do |unit, value|
+          return "#{(bytes.to_f/value).round(precision)}#{unit}" if bytes >= value
+        end
       end
+
     end
   end
 end

data/lib/stax/cfer.rb

@@ -0,0 +1,59 @@
+require 'cfer'
+
+module Stax
+  class Stack < Base
+    class_option :use_previous_value, aliases: '-u', type: :array, default: [], desc: 'params to use previous value'
+
+    no_commands do
+      def cfer_parameters
+        {}
+      end
+
+      ## location of cfer template file
+      def cfer_template
+        File.join('cf', "#{class_name}.rb")
+      end
+
+      ## override with S3 bucket for upload of large templates as needed
+      def cfer_s3_path
+        nil
+      end
+
+      ## override with SNS ARNs as needed
+      def cfer_notification_arns
+        []
+      end
+
+      def cfer_termination_protection
+        false
+      end
+
+      ## create/update the stack
+      def cfer_converge(args = {})
+        opts = {
+          parameters: stringify_keys(cfer_parameters).except(*options[:use_previous_value]),
+          template:   cfer_template,
+          follow:     true,
+          number:     1,
+          s3_path:    cfer_s3_path,
+          notification_arns: cfer_notification_arns,
+          enable_termination_protection: cfer_termination_protection,
+        }
+        Cfer.converge!(stack_name, opts.merge(args))
+      end
+
+      ## generate JSON for stack without sending to cloudformation
+      def cfer_generate
+        opts = {parameters: stringify_keys(cfer_parameters)}
+        Cfer.generate!(cfer_template, opts)
+      end
+
+      def cfer_tail
+        Cfer.tail!(stack_name, follow: true, number: 1)
+      rescue ::Aws::CloudFormation::Errors::ValidationError => e
+        puts e.message
+      end
+    end
+
+  end
+end

data/lib/stax/cli.rb

@@ -1,6 +1,11 @@
+require 'stax/aws/cfn'
+
 module Stax
   class Cli < Base
-    include Awful::Short
+    include Aws
+
+    class_option :branch, type: :string, default: Git.branch, desc: 'git branch to use'
+    class_option :app,    type: :string, default: File.basename(Git.toplevel), desc: 'application name'
 
     desc 'version', 'show version'
     def version
@@ -8,9 +13,13 @@ module Stax
     end
 
     desc 'ls', 'list stacks for this branch'
-    def ls(regex = nil)
-      # regex = cfn_safe(options[:branch]) + '(-|$)'
-      cf(:ls, [regex || stack_prefix].compact, long: true)
+    def ls
+      print_table Cfn.stacks.select { |s|
+        s.stack_name.start_with?(stack_prefix)
+      }.map { |s|
+        [s.stack_name, s.creation_time, color(s.stack_status, Cfn::COLORS), s.template_description]
+      }
     end
+
   end
 end

data/lib/stax/docker.rb

@@ -0,0 +1,106 @@
+require 'stax/aws/sts'
+require 'stax/aws/ecr'
+
+module Stax
+  class Docker < Base
+
+    no_commands do
+      ## default to ECR registry for this account
+      def docker_registry
+        @_docker_registry ||= "#{Aws::Sts.id.account}.dkr.ecr.#{ENV['AWS_REGION']}.amazonaws.com"
+      end
+
+      ## name the docker repo after the git repo
+      def docker_repository
+        @_docker_repository ||= File.basename(Git.toplevel)
+      end
+
+      ## full image name for docker push
+      def docker_image
+        @_docker_image ||= "#{docker_registry}/#{docker_repository}"
+      end
+
+      ## build a docker image locally
+      def docker_local_build
+        debug("Docker build #{docker_image}")
+        system "docker build -t #{docker_image} #{Git.toplevel}"
+      end
+
+      ## push docker image from local
+      def docker_push
+        debug("Docker push #{docker_image}")
+        system "docker push #{docker_image}"
+      end
+
+      ## override this for your argus setup
+      def docker_argus_queue
+        @_docker_argus_queue ||= Aws::Sqs.queue_url('argus.fifo')
+      end
+
+      def docker_argus_build
+        debug("Sending to argus #{Git.branch}:#{Git.sha}")
+        org, repo = Git.repo.split('/')
+        Aws::Sqs.send(
+          queue_url: docker_argus_queue,
+          message_group_id: repo,
+          message_body: {
+            org:    org,
+            repo:   repo,
+            branch: Git.branch,
+            sha:    Git.sha,
+          }.to_json
+        ).tap do |r|
+          puts r&.message_id
+        end
+      end
+    end
+
+    desc 'registry', 'show registry name'
+    def registry
+      puts docker_registry
+    end
+
+    desc 'repository', 'show repository name'
+    def repository
+      puts docker_repository
+    end
+
+    desc 'image', 'show image name'
+    def image
+      puts docker_image
+    end
+
+    ## override this method with the desired builder
+    desc 'build', 'build docker image'
+    def build
+      docker_local_build
+      # docker_argus_build
+    end
+
+    desc 'login', 'login to registry'
+    def login
+      Aws::Ecr.auth.each do |auth|
+        debug("Login to ECR registry #{auth.proxy_endpoint}")
+        user, pass = Base64.decode64(auth.authorization_token).split(':')
+        system "docker login -u #{user} -p #{pass} #{auth.proxy_endpoint}"
+      end
+    end
+
+    desc 'push', 'push docker image to registry'
+    def push
+      docker_push
+    end
+
+    desc 'exists', 'check if docker image exists in ECR'
+    def exists
+      puts Aws::Ecr.exists?(docker_repository, Git.sha)
+    end
+
+    desc 'poll', 'poll ECR until docker image exists'
+    def poll
+      debug("Waiting for image in ECR #{docker_repository}:#{Git.sha}")
+      sleep 10 until Aws::Ecr.exists?(docker_repository, Git.sha)
+    end
+
+  end
+end

data/lib/stax/dsl.rb

@@ -0,0 +1,15 @@
+## Staxfile DSL commands
+module Stax
+  module Dsl
+    def stack(*args)
+      Stax.add_stack(*args)
+    end
+
+    def command(*args)
+      Stax.add_command(*args)
+    end
+  end
+end
+
+## add main object singleton methods
+extend Stax::Dsl

data/lib/stax/git.rb

@@ -0,0 +1,61 @@
+require 'git_clone_url'
+
+module Stax
+  class Git < Base
+
+    no_commands do
+      def self.branch
+        @_branch ||= `git symbolic-ref --short HEAD`.chomp
+      end
+
+      def self.sha
+        @_sha ||= `git rev-parse HEAD`.chomp
+      end
+
+      def self.short_sha
+        @_short_sha ||= self.sha.slice(0,7)
+      end
+
+      def self.origin_url
+        @_origin_url ||= `git config --get remote.origin.url`.chomp
+      end
+
+      ## path like org/repo
+      def self.repo
+        @_repo ||= GitCloneUrl.parse(origin_url)&.path&.sub(/\.git$/, '')
+      end
+
+      def self.origin_sha
+        @_origin_sha ||= `git rev-parse origin/#{branch}`.chomp
+      end
+
+      def self.toplevel
+        @_toplevel ||= `git rev-parse --show-toplevel`.chomp
+      end
+
+      def self.uncommitted_changes?
+        !`git diff --shortstat`.chomp.empty?
+      end
+
+      def self.unpushed_commits?
+        sha != origin_sha
+      end
+
+      ## tag the sha and push to origin
+      def self.tag(tag, sha)
+        system "git tag #{tag} #{sha} && git push origin #{tag} --quiet"
+      end
+    end
+
+    desc 'branch', 'show current git branch'
+    def branch
+      puts Git.branch
+    end
+
+    desc 'sha', 'show current local git sha'
+    def sha
+      puts Git.sha
+    end
+
+  end
+end

data/lib/stax/github.rb

@@ -0,0 +1,25 @@
+require 'octokit'
+
+module Stax
+  class Github < Base
+
+    no_commands do
+      def self.octokit
+        abort('Please set GITHUB_TOKEN') unless ENV['GITHUB_TOKEN']
+        @_octokit ||= Octokit::Client.new(access_token: ENV['GITHUB_TOKEN'])
+      end
+
+      def self.tags
+        @_tags ||= octokit.tags(Git.repo)
+      end
+
+      ## check if this sha exists in github
+      def self.exists?
+        !octokit.commit(Git.repo, Git.sha).nil?
+      rescue Octokit::NotFound
+        false
+      end
+    end
+
+  end
+end

data/lib/stax/iam.rb

@@ -0,0 +1,18 @@
+require 'stax/aws/iam'
+require 'stax/aws/sts'
+
+module Stax
+  class Iam < Base
+
+    desc 'id', 'get account id'
+    def id
+      puts Aws::Sts.account_id
+    end
+
+    desc 'aliases', 'get account aliases'
+    def aliases
+      puts Aws::Iam.aliases
+    end
+
+  end
+end

data/lib/stax/keypair.rb

@@ -0,0 +1,75 @@
+require 'tempfile'
+require 'awful/keypair'
+require 'awful/param'
+
+module Stax
+  module Keypair
+    def self.included(thor)
+      thor.class_eval do
+
+        no_commands do
+          def key_pair_name
+            @_key_pair_name ||= stack_name
+          end
+
+          ## parameter store name to store private key
+          def key_pair_store_name
+            "#{key_pair_name}.key_pair"
+          end
+
+          def key_pair_describe
+            keypair(:ls, [key_pair_name], long: true)
+          rescue Aws::EC2::Errors::InvalidKeyPairNotFound => e
+            warn(e.message)
+          end
+
+          ## create a new key pair and return private key
+          def key_pair_create
+            keypair(:create, [key_pair_name], quiet: true).key_material
+          rescue Aws::EC2::Errors::InvalidKeyPairDuplicate => e
+            warn(e.message)
+            nil
+          end
+
+          ## create a key and store it in parameter store
+          def key_pair_store
+            key = key_pair_create or return
+            param(:put, [key_pair_store_name], value: key, type: 'SecureString', key_id: try(:kms_id), overwrite: true)
+          end
+
+          ## get private key from store and write to a tempfile for ssh to find; return file object
+          def key_pair_get
+            Tempfile.new(stack_name).tap do |file|
+              key = param(:get, [key_pair_store_name], decrypt: true, quiet: true).first
+              File.chmod(0400, file.path) # ssh needs this mode
+              file.write(key.value)
+              file.close
+            end
+          end
+
+          ## delete the key pair and the parameter store
+          def key_pair_delete
+            keypair(:delete, [key_pair_name], yes: true)
+            param(:delete, [key_pair_store_name], yes: true)
+          rescue Aws::SSM::Errors::ParameterNotFound
+            warn("Parameter #{key_pair_store_name} does not exist")
+          end
+        end
+
+        desc 'key', 'key pair tasks'
+        method_option :create, type: :boolean, default: false, desc: 'create a new key pair'
+        method_option :delete, type: :boolean, default: false, desc: 'delete key pair'
+        def key
+          if options[:create]
+            key_pair_store
+          elsif options[:delete]
+            key_pair_delete
+          else
+            key_pair_describe
+          end
+        end
+
+      end
+    end
+  end
+end