sumomo 0.9.0 → 0.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '073782fdfbe69977c7593b76415797b035764772302b35c50ccf69533324c875'
-  data.tar.gz: 1efbe5244de1bf4cd3c8ff6faf18a3b3bbda9b4137297c1ba6d1349553ea60a9
+  metadata.gz: 346a647def575daedb5dc3e3eba04a73024c441be3ae92740cf9edb668992e44
+  data.tar.gz: 379cbf589f7ace6b8da717054ab71754604ed6b863808aadf3b6996a18df292f
 SHA512:
-  metadata.gz: 9ee43afb24863f75a9d421d116e696e410ad90c2cdb15e1bd353c05bcde3d6ef08a69055ede03b3ad62f87c0483196a643029839afe255266292d7a5371957b1
-  data.tar.gz: 92f385cc371f99e5201540d9fecc75f6a66ced34b75d3c397bbc85706c1ab00d72e25651d56d30402549994ad4fb6f3b6d4f03df9edcfb0f4c794af036d9f5f9
+  metadata.gz: a0cd59b9b12bf2ec4e1b968f37962c505e9c9e6b7e47ed8846ad7af3737c162f5947bd4e01bfa1cdddfd4d347c378803db10c25ceadf56c5d7d31e0cecbe6b26
+  data.tar.gz: ed8757d5ca20a22791c1ded35a453ffd00f51260e6f5a96fb38adc9cc55df4617d30dbfa4a83bad353d2758bdc1232f51183e1bdbf09591c6142f6e92d98ff84

data/README.md

@@ -40,19 +40,28 @@ output "Haha", x
 
 To create a stack that acquires an IP Address and outputs it
 
-	$ sumomo create mystack
+    $ sumomo create mystack
 
 To view a stack's outputs
 
-	$ sumomo outputs mystack
+    $ sumomo outputs mystack
 
 To update a stack
 
-	$ sumomo update mystack
+    $ sumomo update mystack
 
 To delete a stack
 
-	$ sumomo delete mystack
+    $ sumomo delete mystack
+
+To view what changes your stuff will cause to your stack
+
+    $ sumomo diff mystack
+
+To see the raw cloudformation template
+
+    $ sumomo show mystack
+
 
 ## Library Usage
 

data/data/sumomo/custom_resources/TempS3Bucket.js

@@ -2,6 +2,7 @@ var s3 = new aws.S3();
 var name = request.ResourceProperties.BucketName;
 var copy_from_dir = request.ResourceProperties.CopyFromDirectory;
 var copy_from_bucket = request.ResourceProperties.CopyFromBucket;
+var disable_acl = request.ResourceProperties.DisableACL;
 var success_obj = {
   Arn: "arn:aws:s3:::" + name,
   DomainName: name + ".s3-" + request.ResourceProperties.Region + ".amazonaws.com"
@@ -72,6 +73,38 @@ function copy_files(success, fail)
   );
 }
 
+function apply_ownership_policy(name, success, fail)
+{
+  if (disable_acl)
+  {
+    // ACL is disabled by default, so we simply skip this step.
+    return copy_files(success, fail);
+  }
+
+  var params = {
+    Bucket: name,
+    OwnershipControls: {
+      Rules: [
+        {
+          ObjectOwnership: "BucketOwnerPreferred"
+        }
+      ]
+    }
+  };
+
+  s3.putBucketOwnershipControls(params, function(err, data)
+  {
+    if (err)
+    {
+      fail(err);
+    }
+    else
+    {
+      copy_files(success, fail);
+    }
+  });
+}
+
 function create_bucket(name, success, fail)
 {
   var create_params = {
@@ -89,7 +122,7 @@ function create_bucket(name, success, fail)
     }
     else
     {
-      copy_files(success, fail);
+      apply_ownership_policy(name, success, fail);
     }
   });
 }

data/exe/sumomo

@@ -5,12 +5,12 @@ require 'trollop'
 require 'sumomo'
 require 'yaml'
 
-SUB_COMMANDS = %w[delete create update outputs testapi].freeze
+SUB_COMMANDS = %w[delete create update outputs show diff testapi].freeze
 global_opts = Trollop.options do
   banner <<-USAGE
   Sumomo v#{Sumomo::VERSION}
 
-  Usage: sumomo [options] <create|update|delete|outputs> <stackname>
+  Usage: sumomo [options] <#{SUB_COMMANDS.join('|')}> <stackname>
   USAGE
 
   opt :region, 'AWS region to use', type: :string, default: 'ap-northeast-1'
@@ -30,21 +30,12 @@ cmd_opts = case cmd
            when 'delete'
              Sumomo.delete_stack(name: ARGV[0], region: global_opts[:region])
 
-           when 'create'
-             local_opts = Trollop.options do
-               opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
-             end
-             Sumomo.create_stack(name: ARGV[0], region: global_opts[:region]) do
-               proc = proc {}
-               eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
-             end
-
-           when 'update'
+           when 'create', 'update', 'show', 'diff'
              local_opts = Trollop.options do
                opt :filename, 'File that describes the stack', type: :string, default: 'Sumomofile'
                opt :changeset, 'Create a changeset instead of directly update', type: :boolean, default: false
              end
-             Sumomo.update_stack(name: ARGV[0], changeset: !!local_opts[:changeset], region: global_opts[:region]) do
+             Sumomo.manage_stack(name: ARGV[0], cmd: cmd, changeset: !!local_opts[:changeset], region: global_opts[:region]) do
                proc = proc {}
                eval File.read(local_opts[:filename]), proc.binding, local_opts[:filename]
              end
@@ -80,4 +71,6 @@ cmd_opts = case cmd
              Trollop.die "Unknown subcommand #{cmd.inspect}"
 end
 
-Sumomo.wait_for_stack(name: ARGV[0], region: global_opts[:region])
+unless %w[show diff].include?(cmd)
+  Sumomo.wait_for_stack(name: ARGV[0], region: global_opts[:region])
+end

data/lib/sumomo/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Sumomo
-  VERSION = '0.9.0'
+  VERSION = '0.10.0'
 end

data/lib/sumomo.rb

@@ -26,17 +26,7 @@ module Sumomo
     "cloudformation/#{make_master_key_name(name: name)}.pem"
   end
 
-  def self.create_stack(name:, region:, sns_arn: nil, &block)
-    cf = Aws::CloudFormation::Client.new(region: region)
-    begin
-      cf.describe_stacks(stack_name: name)
-      raise "There is already a stack named '#{name}'"
-    rescue Aws::CloudFormation::Errors::ValidationError
-      update_stack(name: name, region: region, sns_arn: sns_arn, &block)
-    end
-  end
-
-  def self.update_stack(name:, region:, sns_arn: nil, changeset: false, &block)
+  def self.manage_stack(name:, region:, cmd:'update', sns_arn: nil, changeset: false, &block)
     cf = Aws::CloudFormation::Client.new(region: region)
     s3 = Aws::S3::Client.new(region: region)
     ec2 = Aws::EC2::Client.new(region: region)
@@ -107,9 +97,66 @@ module Sumomo
       hidden_values = @hidden_values
     end.templatize
 
-    # TODO: if the template is too big, split it into nested templates
+    templatedata = JSON.parse(template)
+
+    if cmd == 'show'
+      puts templatedata.to_yaml
+      return
+    end
+
+    if cmd == 'diff'
+      store.set_raw('cloudformation/temporary_template', template)
+      update_options = {
+        stack_name: name,
+        template_url: store.url('cloudformation/temporary_template'),
+        parameters: hidden_values,
+        capabilities: ['CAPABILITY_IAM', 'CAPABILITY_NAMED_IAM']
+      }
+
+      change_set_name = "CanaryChange#{curtimestr}"
+
+      puts "Create change set"
+
+      cf.create_change_set(
+        **update_options,
+        change_set_name: change_set_name
+      )
+
+      resp = nil
+
+      puts "Wait for change set"
+
+      loop do
+        sleep 5
+        resp = cf.describe_change_set({
+          change_set_name: change_set_name,
+          stack_name: name
+        })
+        puts "#{change_set_name} #{resp.status}"
+
+        break unless resp.status.end_with? 'IN_PROGRESS'
+      end
+
+      puts "Cleaning up..."
+
+      cf.delete_change_set({
+        change_set_name: change_set_name,
+        stack_name: name,
+      })
+
+      puts 'Change list'
+
+      clist = process_changeset_response(resp)
+      drifts = get_drifts(templatedata, cf, name)
 
-    # puts JSON.parse(template).to_yaml
+      # puts clist.to_yaml
+      # puts drifts.to_yaml
+      puts humanize_changeset_response(clist, drifts, templatedata).to_yaml
+
+      return
+    end
+
+    # TODO: if the template is too big, split it into nested templates
 
     store.set_raw('cloudformation/template', template)
 
@@ -144,6 +191,137 @@ module Sumomo
     end
   end
 
+  def self.get_drifts(templatedata, cf, stack_name)
+    drifts = {}
+
+    templatedata['Resources'].each do |k,info|
+      puts "detect drift for #{k}"
+
+      rd = cf.detect_stack_resource_drift({
+        stack_name: stack_name, # required
+        logical_resource_id: k, # required
+      })
+
+      diffinfo = {}
+      differences = []
+
+      rd.stack_resource_drift.property_differences.each do |pd|
+        res = {}
+
+        %w[property_path expected_value actual_value difference_type].each do |att|
+          res[att] = pd.send(att.to_sym)
+        end
+
+        differences << res
+      end
+
+      %w[resource_type expected_properties actual_properties stack_resource_drift_status].each do |key|
+        diffinfo[key] = rd.stack_resource_drift.send(key.to_sym)
+      end
+
+      diffinfo['differences'] = differences
+
+      drifts[k] = diffinfo
+
+    rescue Aws::CloudFormation::Errors::ValidationError => e
+      drifts[k] = {
+        "exception" => e.message
+      }
+
+    end
+
+    drifts
+  end
+
+  def self.process_changeset_response(resp)
+    result = {}
+
+    resp.changes.each do |change|
+      info = {}
+
+      %w[action physical_resource_id resource_type replacement].each do |k|
+        info[k] = change.resource_change.send(k.to_sym)
+      end
+
+      details = []
+
+      change.resource_change.details.each do |detail|
+
+        detailinfo = {}
+
+        %w[attribute name requires_recreation].each do |k|
+          detailinfo[k] = detail.target.send(k.to_sym)
+        end
+
+        %w[evaluation change_source causing_entity].each do |k|
+          detailinfo[k] = detail.send(k.to_sym)
+        end
+
+        details << detailinfo
+      end
+
+      info['details'] = details
+
+      result[change.resource_change.logical_resource_id] = info
+    end
+
+    result
+  end
+
+  def self.humanize_changeset_response(clist, drifts, templatedata)
+    # refs
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudFormation/Types/ResourceChange.html
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudFormation/Types/ResourceTargetDefinition.html
+
+    result = {}
+
+    clist.each do |k,info|
+
+      if info['action'] == 'Modify'
+
+        z = if info['replacement'] != 'False'
+          result['Replace'] ||= {}
+        else
+          result['Modify'] ||= {}
+        end
+
+        z[k] = {}
+
+        info['details'].each do |detail|
+
+          propname = detail['attribute'] 
+          if detail['attribute'] == 'Properties'
+            propname = detail['name']
+          end
+
+          fr = templatedata['Resources'][k]
+          tr = drifts[k]
+
+          fromprops = fr['Properties']
+          toprops = {}
+
+          if tr['actual_properties']
+            toprops = JSON.parse(tr['actual_properties'])
+          end
+
+
+          z[k][propname] = {
+            'From' => toprops[propname],
+            'To' => fromprops[propname]
+          }
+        end
+      else
+        z = result[info['action']] ||= {}
+
+        z[k] = {}
+      end
+
+    end
+
+    result
+
+  end
+
   def self.curtimestr
     Time.now.strftime('%Y%m%d%H%M%S')
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sumomo
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.10.0
 platform: ruby
 authors:
 - David Siaw
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-04-27 00:00:00.000000000 Z
+date: 2023-06-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler