stax 0.0.3 → 0.0.4

data/lib/stax/stack.rb

@@ -1,9 +1,6 @@
 module Stax
   class Stack < Base
 
-    class_option :resources, type: :array,   default: nil,   desc: 'resources IDs to allow updates'
-    class_option :all,       type: :boolean, default: false, desc: 'DANGER: allow updates to all resources'
-
     no_commands do
       def class_name
         @_class_name ||= self.class.to_s.split('::').last.downcase
@@ -13,16 +10,21 @@ module Stax
         @_stack_name ||= stack_prefix + class_name
       end
 
+      ## list of other stacks we need to reference
+      def stack_imports
+        self.class.instance_variable_get(:@imports)
+      end
+
       def exists?
-        Cfn.exists?(stack_name)
+        Aws::Cfn.exists?(stack_name)
       end
 
       def stack_status
-        Cfn.describe(stack_name).stack_status
+        Aws::Cfn.describe(stack_name).stack_status
       end
 
       def stack_notification_arns
-        Cfn.describe(stack_name).notification_arns
+        Aws::Cfn.describe(stack_name).notification_arns
       end
 
       def resource(id)

data/lib/stax/stack/cfn.rb

@@ -1,23 +1,64 @@
 module Stax
   class Stack < Base
-    include Aws
+
+    no_commands do
+
+      def event_fields(e)
+        [e.timestamp, color(e.resource_status, Aws::Cfn::COLORS), e.resource_type, e.logical_resource_id, e.resource_status_reason]
+      end
+
+      def print_events(events)
+        events.reverse.each do |e|
+          puts "%s  %-44s  %-40s  %-20s  %s" % event_fields(e)
+        end
+      end
+
+    end
 
     desc 'template', 'get template of existing stack from cloudformation'
     method_option :pretty, type: :boolean, default: true, desc: 'format json output'
     def template
-      Cfn.template(stack_name).tap { |t|
+      Aws::Cfn.template(stack_name).tap { |t|
         puts options[:pretty] ? JSON.pretty_generate(JSON.parse(t)) : t
       }
     end
 
     desc 'events', 'show all events for stack'
-    method_option :number, aliases: '-n', type: :numeric, default: nil, desc: 'show n most recent events'
+    method_option :number, aliases: '-n', type: :numeric, default: 0, desc: 'show n most recent events'
     def events
-      print_table Cfn.events(stack_name).tap { |events|
-        events.replace(events.first(options[:number])) if options[:number]
-      }.reverse.map { |e|
-        [e.timestamp, color(e.resource_status, Cfn::COLORS), e.resource_type, e.logical_resource_id, e.resource_status_reason]
-      }
+      print_events(Aws::Cfn.events(stack_name)[0..options[:number]-1])
+    rescue ::Aws::CloudFormation::Errors::ValidationError => e
+      puts e.message
+    end
+
+    desc 'tail', 'tail stack events'
+    method_option :number, aliases: '-n', type: :numeric, default: nil, desc: 'number of historic events to show'
+    def tail
+      trap('SIGINT', 'EXIT')    # clean exit with ctrl-c
+
+      ## print some historical events
+      events = Aws::Cfn.events(stack_name).first(options[:number] || 1)
+      return unless events
+      print_events(events)
+      last_seen = events&.first&.event_id
+
+      loop do
+        sleep(1)
+        events = []
+
+        Aws::Cfn.events(stack_name).each do |e|
+          (last_seen == e.event_id) ? break : events << e
+        end
+
+        unless events.empty?
+          print_events(events)
+          last_seen = events.first.event_id
+        end
+
+        break if Aws::Cfn.describe(stack_name).stack_status.end_with?('COMPLETE', 'FAILED')
+      end
+    rescue ::Aws::CloudFormation::Errors::ValidationError => e
+      puts e.message
     end
 
   end

data/lib/stax/stack/changeset.rb

@@ -0,0 +1,88 @@
+module Stax
+  class Stack < Base
+
+    no_commands do
+
+      ## set this in stack to force changesets on update
+      def stack_force_changeset
+        false
+      end
+
+      ## can be anything unique
+      def change_set_name
+        stack_name + '-' + Time.now.strftime('%Y%m%d%H%M%S')
+      end
+
+      ## create a change set to update existing stack
+      def change_set_update
+        Aws::Cfn.changeset(
+          stack_name: stack_name,
+          template_body: cfn_template_body,
+          template_url: cfn_template_url,
+          parameters: cfn_parameters_update,
+          capabilities: cfn_capabilities,
+          notification_arns: cfer_notification_arns,
+          change_set_name: change_set_name,
+          change_set_type: :UPDATE,
+        ).id
+      rescue ::Aws::CloudFormation::Errors::ValidationError => e
+        fail_task(e.message)
+      end
+
+      ## wait and return true if changeset ready for execute
+      def change_set_complete?(id)
+        begin
+          Aws::Cfn.client.wait_until(:change_set_create_complete, stack_name: stack_name, change_set_name: id) { |w| w.delay = 1 }
+        rescue ::Aws::Waiters::Errors::FailureStateError => e
+          false                 # no changes to apply
+        end
+      end
+
+      ## string to print for replacement flag
+      def change_set_replacement(string)
+        case string
+          when 'True' then 'Replace'
+          when 'Conditional' then 'May replace'
+          else ''
+        end
+      end
+
+      ## display planned changes
+      def change_set_changes(id)
+        debug("Changes to #{stack_name}")
+        print_table Aws::Cfn.changes(stack_name: stack_name, change_set_name: id).map { |c|
+          r = c.resource_change
+          replacement = set_color(change_set_replacement(r.replacement), :red)
+          [color(r.action, Aws::Cfn::COLORS), r.logical_resource_id, r.physical_resource_id, r.resource_type, replacement]
+        }
+      end
+
+      ## confirm and execute the change set
+      def change_set_execute(id)
+        if yes?("Apply these changes to stack #{stack_name}?", :yellow)
+          Aws::Cfn.execute(stack_name: stack_name, change_set_name: id)
+        end
+      end
+
+      def change_set_unlock
+        Aws::Cfn.set_policy(stack_name: stack_name, stack_policy_body: stack_policy_during_update)
+      end
+
+      def change_set_lock
+        Aws::Cfn.set_policy(stack_name: stack_name, stack_policy_body: stack_policy)
+      end
+    end
+
+    desc 'change', 'create and execute a changeset'
+    def change
+      id = change_set_update
+      change_set_complete?(id) || fail_task('No changes')
+      change_set_changes(id)
+      change_set_unlock
+      change_set_execute(id) && tail && update_warn_imports
+    ensure
+      change_set_lock
+    end
+
+  end
+end

data/lib/stax/stack/crud.rb

@@ -1,10 +1,16 @@
 module Stax
   class Stack < Base
 
-    class_option :resources, type: :array,   default: nil,   desc: 'resources IDs to allow updates'
-    class_option :all,       type: :boolean, default: false, desc: 'DANGER: allow updates to all resources'
-
     no_commands do
+
+      ## by default we pass names of imported stacks;
+      ## you are encouraged to override or extend this method
+      def cfn_parameters
+        stack_imports.each_with_object({}) do |i, h|
+          h[i.to_sym] = stack(i).stack_name
+        end
+      end
+
       ## policy to lock the stack to all updates
       def stack_policy
         {
@@ -14,26 +20,19 @@ module Stax
             Principal: '*',
             Resource:  '*'
           ]
-        }
+        }.to_json
       end
 
-      ## temporary policy during updates
+      ## temporary policy during updates; modify this to restrict resources
       def stack_policy_during_update
         {
           Statement: [
             Effect:    'Allow',
             Action:    'Update:*',
             Principal: '*',
-            Resource:  stack_update_resources
+            Resource:  '*'
           ]
-        }
-      end
-
-      ## resources to unlock during update
-      def stack_update_resources
-        (options[:all] ? ['*'] : options[:resources]).map do |r|
-          "LogicalResourceId/#{r}"
-        end
+        }.to_json
       end
 
       ## cleanup sometimes needs to wait
@@ -45,39 +44,148 @@ module Stax
           break unless exists?
         end
       end
+
+      def cfn_parameters_create
+        cfn_parameters.map do |k,v|
+          { parameter_key: k, parameter_value: v }
+        end
+      end
+
+      def cfn_parameters_update
+        cfn_parameters.map do |k,v|
+          if options[:use_previous_value].include?(k.to_s)
+            { parameter_key: k, use_previous_value: true }
+          else
+            { parameter_key: k, parameter_value: v }
+          end
+        end
+      end
+
+      ## memoized template
+      def cfn_template
+        @_cfn_template ||= cfer_generate
+      end
+
+      ## set this to always do an S3 upload of template
+      def cfn_force_s3?
+        false
+      end
+
+      ## decide if we are uploading template to S3
+      def cfn_use_s3?
+        cfn_force_s3? || (cfn_template.bytesize > 51200)
+      end
+
+      ## set this for template uploads as needed, e.g. s3://bucket-name/stax/#{stack_name}"
+      def cfn_s3_path
+        nil
+      end
+
+      ## upload template to S3 and return public url of new object
+      def cfn_s3_upload
+        fail_task('No S3 bucket set for template upload: please set cfn_s3_path') unless cfn_s3_path
+        uri = URI(cfn_s3_path)
+        obj = ::Aws::S3::Object.new(bucket_name: uri.host, key: uri.path.sub(/^\//, ''))
+        obj.put(body: cfn_template)
+        obj.public_url + ((v = obj.version_id) ? "?versionId=#{v}" : '')
+      end
+
+      ## template body, or nil if uploading to S3
+      def cfn_template_body
+        @_cfn_template_body ||= cfn_use_s3? ? nil : cfn_template
+      end
+
+      ## template S3 URL, or nil if not uploading to S3
+      def cfn_template_url
+        @_cfn_template_url ||= cfn_use_s3? ? cfn_s3_upload : nil
+      end
+
+      ## validate template, and return list of require capabilities
+      def cfn_capabilities
+        validate.capabilities
+      end
+
+    end
+
+    desc 'validate', 'validate template'
+    def validate
+      Aws::Cfn.validate(
+        template_body: cfn_template_body,
+        template_url:  cfn_template_url,
+      )
+    rescue ::Aws::CloudFormation::Errors::ValidationError => e
+      fail_task(e.message)
     end
 
     desc 'create', 'create stack'
     def create
-      fail_task("Stack #{stack_name} already exists") if exists?
       debug("Creating stack #{stack_name}")
-      cfer_converge(stack_policy: stack_policy)
+
+      ## ensure stacks we import exist
+      ensure_stack(*stack_imports)
+
+      ## create the stack
+      Aws::Cfn.create(
+        stack_name: stack_name,
+        template_body: cfn_template_body,
+        template_url: cfn_template_url,
+        parameters: cfn_parameters_create,
+        capabilities: cfn_capabilities,
+        stack_policy_body: stack_policy,
+        notification_arns: cfer_notification_arns,
+        enable_termination_protection: cfer_termination_protection,
+      )
+
+      ## show stack events
+      tail
+    rescue ::Aws::CloudFormation::Errors::AlreadyExistsException => e
+      fail_task(e.message)
+    rescue ::Aws::CloudFormation::Errors::ValidationError => e
+      warn(e.message)
     end
 
     desc 'update', 'update stack'
     def update
-      fail_task("Stack #{stack_name} does not exist") unless exists?
+      return change if stack_force_changeset
       debug("Updating stack #{stack_name}")
-      cfer_converge(stack_policy_during_update: stack_policy_during_update)
+      Aws::Cfn.update(
+        stack_name: stack_name,
+        template_body: cfn_template_body,
+        template_url: cfn_template_url,
+        parameters: cfn_parameters_update,
+        capabilities: cfn_capabilities,
+        stack_policy_during_update_body: stack_policy_during_update,
+        notification_arns: cfer_notification_arns,
+      )
+      tail
+      update_warn_imports
+    rescue ::Aws::CloudFormation::Errors::ValidationError => e
+      warn(e.message)
     end
 
     desc 'delete', 'delete stack'
     def delete
+      delete_warn_imports
       if yes? "Really delete stack #{stack_name}?", :yellow
-        Cfn.delete(stack_name)
+        Aws::Cfn.delete(stack_name)
+        tail
       end
     rescue ::Aws::CloudFormation::Errors::ValidationError => e
       fail_task(e.message)
     end
 
-    desc 'tail', 'tail stack events'
-    def tail
-      cfer_tail
+    desc 'cancel', 'cancel update_in_progress'
+    def cancel
+      debug("Cancelling update for #{stack_name}")
+      Aws::Cfn.cancel(stack_name)
+      tail
+    rescue ::Aws::CloudFormation::Errors::ValidationError => e
+      fail_task(e.message)
     end
 
     desc 'generate', 'generate cloudformation template'
     def generate
-      cfer_generate
+      puts cfer_generate
     end
 
     desc 'protection', 'show/set termination protection for stack'
@@ -85,12 +193,21 @@ module Stax
     method_option :disable, aliases: '-d', type: :boolean, default: nil, desc: 'disable termination protection'
     def protection
       if options[:enable]
-        Cfn.protection(stack_name, true)
+        Aws::Cfn.protection(stack_name, true)
       elsif options[:disable]
-        Cfn.protection(stack_name, false)
+        Aws::Cfn.protection(stack_name, false)
       end
       debug("Termination protection for #{stack_name}")
-      puts Cfn.describe(stack_name)&.enable_termination_protection
+      puts Aws::Cfn.describe(stack_name)&.enable_termination_protection
+    end
+
+    desc 'policy [JSON]', 'get/set stack policy'
+    def policy(json = nil)
+      if json
+        Aws::Cfn.set_policy(stack_name: stack_name, stack_policy_body: json)
+      else
+        puts Aws::Cfn.get_policy(stack_name: stack_name)
+      end
     end
 
   end

data/lib/stax/stack/imports.rb

@@ -0,0 +1,34 @@
+module Stax
+  class Stack < Base
+
+    no_commands do
+      def import_stacks
+        @_import_stacks ||= Aws::Cfn.exports(stack_name).map do |e|
+          Aws::Cfn.imports(e.export_name)
+        end.flatten.uniq
+      end
+
+      def update_warn_imports
+        unless import_stacks.empty?
+          warn("You may also need to update stacks that import from this one: #{import_stacks.join(',')}")
+        end
+      end
+
+      def delete_warn_imports
+        unless import_stacks.empty?
+          warn("The following stacks import from this one: #{import_stacks.join(',')}")
+        end
+      end
+    end
+
+    desc 'imports', 'list imports from this stack'
+    def imports
+      debug("Stacks that import from #{stack_name}")
+      print_table Aws::Cfn.exports(stack_name).map { |e|
+        imports = (i = Aws::Cfn.imports(e.export_name)).empty? ? '-' : i.join(',')
+        [e.output_key, imports]
+      }
+    end
+
+  end
+end