RubyGems - sumomo - Versions diffs - 0.9.0 → 0.10.1 - Mend

sumomo 0.9.0 → 0.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +13 -4
data/data/sumomo/custom_resources/TempS3Bucket.js +34 -1
data/exe/sumomo +68 -57
data/lib/sumomo/version.rb +1 -1
data/lib/sumomo.rb +204 -12
data/sumomo.gemspec +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '073782fdfbe69977c7593b76415797b035764772302b35c50ccf69533324c875'
-  data.tar.gz: 1efbe5244de1bf4cd3c8ff6faf18a3b3bbda9b4137297c1ba6d1349553ea60a9
+  metadata.gz: 3f4f67797a004db69b413bc1abd72dd8d26a289847a1ec6943d4b84d3ec2e034
+  data.tar.gz: b28799dfccbebbcb03f3a96af34f383bd94d2ec979c405e354ea36164f11ab88
 SHA512:
-  metadata.gz: 9ee43afb24863f75a9d421d116e696e410ad90c2cdb15e1bd353c05bcde3d6ef08a69055ede03b3ad62f87c0483196a643029839afe255266292d7a5371957b1
-  data.tar.gz: 92f385cc371f99e5201540d9fecc75f6a66ced34b75d3c397bbc85706c1ab00d72e25651d56d30402549994ad4fb6f3b6d4f03df9edcfb0f4c794af036d9f5f9
+  metadata.gz: e4ca377095ae8386d059a35f32efc6c7f57696dd1457301beeee36e6734d437c1cb1b09f1ff4263f9d3d01d517d6bc0aa42e9377c9c0a653e02325e2c7bf6e7c
+  data.tar.gz: 131bf090f8161b6ebe07ddd0eefb304e34426a7aca4c19eb4215111d9b61641977a73ba27baac471f81c6abc6fa6a908bb3438b5c06ca9230a209a3918ae5bd4

data/README.md CHANGED Viewed

@@ -40,19 +40,28 @@ output "Haha", x
 To create a stack that acquires an IP Address and outputs it
-	$ sumomo create mystack
+    $ sumomo create mystack
 To view a stack's outputs
-	$ sumomo outputs mystack
+    $ sumomo outputs mystack
 To update a stack
-	$ sumomo update mystack
+    $ sumomo update mystack
 To delete a stack
-	$ sumomo delete mystack
+    $ sumomo delete mystack
+To view what changes your stuff will cause to your stack
+    $ sumomo diff mystack
+To see the raw cloudformation template
+    $ sumomo show mystack
 ## Library Usage

data/data/sumomo/custom_resources/TempS3Bucket.js CHANGED Viewed

@@ -2,6 +2,7 @@ var s3 = new aws.S3();
 var name = request.ResourceProperties.BucketName;
 var copy_from_dir = request.ResourceProperties.CopyFromDirectory;
 var copy_from_bucket = request.ResourceProperties.CopyFromBucket;
+var disable_acl = request.ResourceProperties.DisableACL;
 var success_obj = {
   Arn: "arn:aws:s3:::" + name,
   DomainName: name + ".s3-" + request.ResourceProperties.Region + ".amazonaws.com"
@@ -72,6 +73,38 @@ function copy_files(success, fail)
   );
 }
+function apply_ownership_policy(name, success, fail)
+{
+  if (disable_acl)
+  {
+    // ACL is disabled by default, so we simply skip this step.
+    return copy_files(success, fail);
+  }
+  var params = {
+    Bucket: name,
+    OwnershipControls: {
+      Rules: [
+        {
+          ObjectOwnership: "BucketOwnerPreferred"
+        }
+      ]
+    }
+  };
+  s3.putBucketOwnershipControls(params, function(err, data)
+  {
+    if (err)
+    {
+      fail(err);
+    }
+    else
+    {
+      copy_files(success, fail);
+    }
+  });
+}
 function create_bucket(name, success, fail)
 {
   var create_params = {
@@ -89,7 +122,7 @@ function create_bucket(name, success, fail)
     }
     else
     {
-      copy_files(success, fail);
+      apply_ownership_policy(name, success, fail);
     }
   });
 }

data/exe/sumomo CHANGED Viewed

@@ -1,16 +1,16 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
-require 'trollop'
+require 'optimist'
 require 'sumomo'
 require 'yaml'
-SUB_COMMANDS = %w[delete create update outputs testapi].freeze
-global_opts = Trollop.options do
+SUB_COMMANDS = %w[delete create update outputs show diff testapi].freeze
+global_opts = Optimist.options do
   banner <<-USAGE
   Sumomo v#{Sumomo::VERSION}
-  Usage: sumomo [options] <create|update|delete|outputs> <stackname>
+  Usage: sumomo [options] <#{SUB_COMMANDS.join('|')}> <stackname>
   USAGE
   opt :region, 'AWS region to use', type: :string, default: 'ap-northeast-1'
@@ -26,58 +26,69 @@ p ENV['AWS_PROFILE']
 cmd = ARGV.shift # get the subcommand
-cmd_opts = case cmd
-           when 'delete'
-             Sumomo.delete_stack(name: ARGV[0], region: global_opts[:region])
-           when 'create'
-             local_opts = Trollop.options do
-               opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
-             end
-             Sumomo.create_stack(name: ARGV[0], region: global_opts[:region]) do
-               proc = proc {}
-               eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
-             end
-           when 'update'
-             local_opts = Trollop.options do
-               opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
-               opt :changeset, 'Create a changeset instead of directly update', type: :boolean, default: false
-             end
-             Sumomo.update_stack(name: ARGV[0], changeset: !!local_opts[:changeset], region: global_opts[:region]) do
-               proc = proc {}
-               eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
-             end
-           when 'outputs'
-             puts "Outputs for stack #{ARGV[0]}"
-             puts Sumomo.get_stack_outputs(name: ARGV[0], region: global_opts[:region]).to_yaml
-           when 'login'
-             puts "Login to stack #{ARGV[0]} instance at #{ARGV[1]}"
-             `aws s3 cp s3://#{ARGV[0]}/cloudformation/#{ARGV[0]}_master_key.pem x.txt`
-             key = JSON.parse(File.read('x.txt'))['value'].
-              gsub('-----BEGIN RSA PRIVATE KEY----- ', "-----BEGIN RSA PRIVATE KEY-----\n").
-              gsub(' -----END RSA PRIVATE KEY-----', "\n-----END RSA PRIVATE KEY-----").
-              gsub(/(.{64}) /, "\\1\n")
-             File.write('key.pem', key)
-             `chmod 0600 key.pem`
-             exec "ssh -i 'key.pem' ec2-user@#{ARGV[1]} #{ARGV[2]}"
-           when 'testapi'
-             local_opts = Trollop.options do
-               opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
-               opt :apiname, 'Name of the API you want to test', type: :string
-               opt :prettyprint, 'Test API outputs JSON with nice indentation', type: :boolean, default: true
-             end
-             puts 'API Test Mode'
-             Sumomo.test_api(local_opts[:apiname], local_opts[:prettyprint]) do
-               proc = proc {}
-               eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
-             end
-             exit(0)
-           else
-             Trollop.die "Unknown subcommand #{cmd.inspect}"
+case cmd
+  when 'delete'
+    Sumomo.delete_stack(name: ARGV[0], region: global_opts[:region])
+  when 'rollback'
+    Sumomo.rollback_stack(name: ARGV[0], region: global_opts[:region])
+  when 'create', 'update', 'show', 'diff'
+    local_opts = Optimist.options do
+      opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
+      opt :changeset, 'Create a changeset instead of directly update', type: :boolean, default: false
+      opt :rollback, 'Specify whether or not to rollback. Allowed values are [enable, disable]', type: :string, default: 'unspecified'
+    end
+    changeset = !!local_opts[:changeset]
+    rollback = local_opts[:rollback].to_sym
+    if rollback == :disable && local_opts[:changeset] == false
+      Optimist.die "Rollback cannot be set to disable when changeset is set to false, because we will end up in an update-failed state"
+    end
+    Sumomo.manage_stack(
+      name: ARGV[0],
+      cmd: cmd,
+      changeset: changeset,
+      region: global_opts[:region],
+      rollback: rollback) do
+      proc = proc {}
+      eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
+    end
+  when 'outputs'
+    puts "Outputs for stack #{ARGV[0]}"
+    puts Sumomo.get_stack_outputs(name: ARGV[0], region: global_opts[:region]).to_yaml
+  when 'login'
+    puts "Login to stack #{ARGV[0]} instance at #{ARGV[1]}"
+      `aws s3 cp s3://#{ARGV[0]}/cloudformation/#{ARGV[0]}_master_key.pem x.txt`
+    key = JSON.parse(File.read('x.txt'))['value'].
+      gsub('-----BEGIN RSA PRIVATE KEY----- ', "-----BEGIN RSA PRIVATE KEY-----\n").
+      gsub(' -----END RSA PRIVATE KEY-----', "\n-----END RSA PRIVATE KEY-----").
+      gsub(/(.{64}) /, "\\1\n")
+    File.write('key.pem', key)
+    `chmod 0600 key.pem`
+    exec "ssh -i 'key.pem' ec2-user@#{ARGV[1]} #{ARGV[2]}"
+  when 'testapi'
+    local_opts = Optimist.options do
+      opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
+      opt :apiname, 'Name of the API you want to test', type: :string
+      opt :prettyprint, 'Test API outputs JSON with nice indentation', type: :boolean, default: true
+    end
+    puts 'API Test Mode'
+    Sumomo.test_api(local_opts[:apiname], local_opts[:prettyprint]) do
+      proc = proc {}
+      eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
+    end
+    exit(0)
+  else
+    Optimist.die "Unknown subcommand #{cmd.inspect}"
 end
-Sumomo.wait_for_stack(name: ARGV[0], region: global_opts[:region])
+unless %w[show diff].include?(cmd)
+  Sumomo.wait_for_stack(name: ARGV[0], region: global_opts[:region])
+end

data/lib/sumomo/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Sumomo
-  VERSION = '0.9.0'
+  VERSION = '0.10.1'
 end

data/lib/sumomo.rb CHANGED Viewed

@@ -26,17 +26,14 @@ module Sumomo
     "cloudformation/#{make_master_key_name(name: name)}.pem"
   end
-  def self.create_stack(name:, region:, sns_arn: nil, &block)
-    cf = Aws::CloudFormation::Client.new(region: region)
-    begin
-      cf.describe_stacks(stack_name: name)
-      raise "There is already a stack named '#{name}'"
-    rescue Aws::CloudFormation::Errors::ValidationError
-      update_stack(name: name, region: region, sns_arn: sns_arn, &block)
-    end
-  end
+  def self.manage_stack(
+    name:,
+    region:,
+    cmd:'update',
+    sns_arn: nil,
+    rollback: :unspecified,
+    changeset: false, &block)
-  def self.update_stack(name:, region:, sns_arn: nil, changeset: false, &block)
     cf = Aws::CloudFormation::Client.new(region: region)
     s3 = Aws::S3::Client.new(region: region)
     ec2 = Aws::EC2::Client.new(region: region)
@@ -107,9 +104,66 @@ module Sumomo
       hidden_values = @hidden_values
     end.templatize
-    # TODO: if the template is too big, split it into nested templates
+    templatedata = JSON.parse(template)
+    if cmd == 'show'
+      puts templatedata.to_yaml
+      return
+    end
+    if cmd == 'diff'
+      store.set_raw('cloudformation/temporary_template', template)
+      update_options = {
+        stack_name: name,
+        template_url: store.url('cloudformation/temporary_template'),
+        parameters: hidden_values,
+        capabilities: ['CAPABILITY_IAM', 'CAPABILITY_NAMED_IAM']
+      }
+      change_set_name = "CanaryChange#{curtimestr}"
+      puts "Create change set"
+      cf.create_change_set(
+        **update_options,
+        change_set_name: change_set_name
+      )
+      resp = nil
+      puts "Wait for change set"
+      loop do
+        sleep 5
+        resp = cf.describe_change_set({
+          change_set_name: change_set_name,
+          stack_name: name
+        })
+        puts "#{change_set_name} #{resp.status}"
+        break unless resp.status.end_with? 'IN_PROGRESS'
+      end
+      puts "Cleaning up..."
+      cf.delete_change_set({
+        change_set_name: change_set_name,
+        stack_name: name,
+      })
+      puts 'Change list'
+      clist = process_changeset_response(resp)
+      drifts = get_drifts(templatedata, cf, name)
+      # puts clist.to_yaml
+      # puts drifts.to_yaml
+      puts humanize_changeset_response(clist, drifts, templatedata).to_yaml
-    # puts JSON.parse(template).to_yaml
+      return
+    end
+    # TODO: if the template is too big, split it into nested templates
     store.set_raw('cloudformation/template', template)
@@ -117,6 +171,7 @@ module Sumomo
       stack_name: name,
       template_url: store.url('cloudformation/template'),
       parameters: hidden_values,
+      disable_rollback: rollback == :disable,
       capabilities: ['CAPABILITY_IAM', 'CAPABILITY_NAMED_IAM']
     }
@@ -144,6 +199,137 @@ module Sumomo
     end
   end
+  def self.get_drifts(templatedata, cf, stack_name)
+    drifts = {}
+    templatedata['Resources'].each do |k,info|
+      puts "detect drift for #{k}"
+      rd = cf.detect_stack_resource_drift({
+        stack_name: stack_name, # required
+        logical_resource_id: k, # required
+      })
+      diffinfo = {}
+      differences = []
+      rd.stack_resource_drift.property_differences.each do |pd|
+        res = {}
+        %w[property_path expected_value actual_value difference_type].each do |att|
+          res[att] = pd.send(att.to_sym)
+        end
+        differences << res
+      end
+      %w[resource_type expected_properties actual_properties stack_resource_drift_status].each do |key|
+        diffinfo[key] = rd.stack_resource_drift.send(key.to_sym)
+      end
+      diffinfo['differences'] = differences
+      drifts[k] = diffinfo
+    rescue Aws::CloudFormation::Errors::ValidationError => e
+      drifts[k] = {
+        "exception" => e.message
+      }
+    end
+    drifts
+  end
+  def self.process_changeset_response(resp)
+    result = {}
+    resp.changes.each do |change|
+      info = {}
+      %w[action physical_resource_id resource_type replacement].each do |k|
+        info[k] = change.resource_change.send(k.to_sym)
+      end
+      details = []
+      change.resource_change.details.each do |detail|
+        detailinfo = {}
+        %w[attribute name requires_recreation].each do |k|
+          detailinfo[k] = detail.target.send(k.to_sym)
+        end
+        %w[evaluation change_source causing_entity].each do |k|
+          detailinfo[k] = detail.send(k.to_sym)
+        end
+        details << detailinfo
+      end
+      info['details'] = details
+      result[change.resource_change.logical_resource_id] = info
+    end
+    result
+  end
+  def self.humanize_changeset_response(clist, drifts, templatedata)
+    # refs
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudFormation/Types/ResourceChange.html
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudFormation/Types/ResourceTargetDefinition.html
+    result = {}
+    clist.each do |k,info|
+      if info['action'] == 'Modify'
+        z = if info['replacement'] != 'False'
+          result['Replace'] ||= {}
+        else
+          result['Modify'] ||= {}
+        end
+        z[k] = {}
+        info['details'].each do |detail|
+          propname = detail['attribute']
+          if detail['attribute'] == 'Properties'
+            propname = detail['name']
+          end
+          fr = templatedata['Resources'][k]
+          tr = drifts[k]
+          fromprops = fr['Properties']
+          toprops = {}
+          if tr['actual_properties']
+            toprops = JSON.parse(tr['actual_properties'])
+          end
+          z[k][propname] = {
+            'From' => toprops[propname],
+            'To' => fromprops[propname]
+          }
+        end
+      else
+        z = result[info['action']] ||= {}
+        z[k] = {}
+      end
+    end
+    result
+  end
   def self.curtimestr
     Time.now.strftime('%Y%m%d%H%M%S')
   end
@@ -270,6 +456,12 @@ module Sumomo
     end
   end
+  def self.rollback_stack(name:, region:)
+    cf = Aws::CloudFormation::Client.new(region: region)
+    cf.rollback_stack(stack_name: name)
+  end
   def self.get_stack_outputs(name:, region:)
     cf = Aws::CloudFormation::Client.new(region: region)

data/sumomo.gemspec CHANGED Viewed

@@ -38,6 +38,6 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'momo', '0.4.1'
   spec.add_dependency 'rubyzip'
   spec.add_dependency 's3cabinet'
-  spec.add_dependency 'trollop'
+  spec.add_dependency 'optimist'
   spec.add_dependency 'webrick'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sumomo
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.10.1
 platform: ruby
 authors:
 - David Siaw
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-04-27 00:00:00.000000000 Z
+date: 2023-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -151,7 +151,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: trollop
+  name: optimist
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="