swa 0.8.6 → 1.0.0

data/lib/swa/athena/catalog.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require "swa/record"
 
 module Swa
+
   module Athena
 
     class Catalog < Record
@@ -21,4 +24,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/athena/database.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require "swa/record"
 
 module Swa
+
   module Athena
 
     class Database < Record
@@ -18,4 +21,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/athena/query_execution.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require "swa/record"
 
 module Swa
+
   module Athena
 
     class QueryExecution < Record
@@ -25,4 +28,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/athena/work_group.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require "swa/record"
 
 module Swa
+
   module Athena
 
     class WorkGroup < Record
@@ -20,4 +23,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/cli/athena_command.rb

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
+
 require "aws-sdk-athena"
+require "bytesize"
 require "csv"
 require "swa/cli/base_command"
 require "swa/cli/collection_behaviour"
@@ -9,12 +12,13 @@ require "swa/athena/query_execution"
 require "swa/athena/work_group"
 
 module Swa
+
   module CLI
 
     class AthenaCommand < BaseCommand
 
       option "--catalog", "NAME", "Data catalog name", default: "AwsDataCatalog"
-      option %w(--workgroup -W), "NAME", "Workgroup name"
+      option %w[--workgroup -W], "NAME", "Workgroup name"
 
       subcommand "catalogs", "Show catalogs" do
 
@@ -34,8 +38,6 @@ module Swa
 
         include ItemBehaviour
 
-        private
-
         def item
           Swa::Athena::Database.new(
             athena_client.get_database(catalog_name: catalog, database_name: database).database
@@ -48,22 +50,56 @@ module Swa
 
         include CollectionBehaviour
 
-        private
-
         def collection
           query_for(:list_databases, :database_list, Swa::Athena::Database, catalog_name: catalog)
         end
 
       end
 
+      module CanOutputResults
+
+        extend Clamp::Option::Declaration
+
+        option ["--text", "-1"], :flag, "output first column as text"
+
+        def display_query_results(query_results)
+          output_rows(
+            query_results.lazy.flat_map do |results|
+              results.result_set.rows
+            end
+          )
+        end
+
+        def output_rows(rows)
+          if text?
+            output_rows_as_text(rows)
+          else
+            output_rows_as_csv(rows)
+          end
+        end
+
+        def output_rows_as_csv(rows)
+          CSV($stdout.dup) do |csv|
+            rows.each do |row|
+              csv << row.data.map(&:var_char_value)
+            end
+          end
+        end
+
+        def output_rows_as_text(rows)
+          rows.drop(1).each do |row|
+            puts row.data.first.var_char_value
+          end
+        end
+
+      end
+
       subcommand ["execution", "query-execution"], "Inspect query execution" do
 
         parameter "ID", "execution ID", attribute_name: :execution_id
 
         include ItemBehaviour
 
-        private
-
         def item
           Swa::Athena::QueryExecution.new(
             athena_client.get_query_execution(query_execution_id: execution_id).query_execution
@@ -72,9 +108,10 @@ module Swa
 
         subcommand "results", "Show results" do
 
+          include CanOutputResults
+
           def execute
-            query_results = athena_client.get_query_results(query_execution_id: execution_id)
-            output_results_as_csv(query_results.result_set)
+            display_query_results(athena_client.get_query_results(query_execution_id: execution_id))
           end
 
         end
@@ -95,10 +132,28 @@ module Swa
 
         option ["--database", "-D"], "NAME", "Database name"
         option ["--output-location", "-O"], "S3_URL", "S3 output location for query results"
+        option ["--explain", "-E"], :flag, "Explain query"
+        option ["--timeout"], "SECONDS", "Time to wait for completion", default: 120, &method(:Integer)
 
-        parameter "[QUERY]", "SQL query", :default => "STDIN"
+        include CanOutputResults
+
+        parameter "[QUERY]", "SQL query", default: "STDIN"
 
         def execute
+          if explain?
+            self.query = "EXPLAIN #{query}"
+            self.text = true
+          end
+          results, statistics = execute_query(query)
+          show_statistics(statistics)
+          display_query_results(results)
+        end
+
+        def default_query
+          $stdin.read
+        end
+
+        def execute_query(query)
           start_query_response = athena_client.start_query_execution(
             query_execution_context: {
               catalog: catalog,
@@ -110,31 +165,36 @@ module Swa
             },
             work_group: workgroup
           )
-          wait_for_query(start_query_response.query_execution_id)
-          query_results = athena_client.get_query_results(query_execution_id: start_query_response.query_execution_id)
-          if query =~ /\AEXPLAIN/
-            output_explain_result(query_results.result_set)
-          else
-            output_results_as_csv(query_results.result_set)
+          query_execution_id = start_query_response.query_execution_id
+          logger.debug "query_execution_id = #{query_execution_id}"
+          query_still_running = true
+          query_execution_output = wait_for_query(query_execution_id)
+          query_still_running = false
+          results = athena_client.get_query_results(query_execution_id: query_execution_id)
+          [results, query_execution_output.query_execution.statistics]
+        rescue Aws::Waiters::Errors::FailureStateError => e
+          query_still_running = false
+          signal_error e.response.query_execution.status.state_change_reason
+        ensure
+          if query_still_running
+            logger.warn "Cancelling query #{query_execution_id}"
+            athena_client.stop_query_execution(query_execution_id: query_execution_id)
           end
         end
 
-        private
-
-        def default_query
-          $stdin.read
-        end
-
         def wait_for_query(query_execution_id)
-          QueryCompletionWaiter.new(client: athena_client).wait(query_execution_id: query_execution_id)
-        rescue Aws::Waiters::Errors::FailureStateError => error
-          signal_error error.response.query_execution.status.state_change_reason
+          poll_interval = 5
+          max_attempts = timeout / poll_interval
+          QueryCompletionWaiter.new(
+            client: athena_client,
+            max_attempts: max_attempts,
+            delay: poll_interval
+          ).wait(query_execution_id: query_execution_id)
         end
 
-        def output_explain_result(result_set)
-          result_set.rows.drop(1).each do |row|
-            puts row.data.first.var_char_value
-          end
+        def show_statistics(statistics)
+          logger.debug "Total execution time = #{statistics.total_execution_time_in_millis} ms"
+          logger.debug "Data scanned = #{ByteSize.bytes(statistics.data_scanned_in_bytes)}"
         end
 
       end
@@ -143,8 +203,6 @@ module Swa
 
         include CollectionBehaviour
 
-        private
-
         def collection
           query_for(:list_work_groups, :work_groups, Swa::Athena::WorkGroup)
         end
@@ -161,14 +219,6 @@ module Swa
         model.list_from_query(athena_client, query_method, response_key, **query_args)
       end
 
-      def output_results_as_csv(result_set)
-        CSV($stdout.dup) do |csv|
-          result_set.rows.each do |row|
-            csv << row.data.map(&:var_char_value)
-          end
-        end
-      end
-
       class QueryCompletionWaiter
 
         def initialize(options)
@@ -183,19 +233,19 @@ module Swa
                   "matcher" => "path",
                   "argument" => "query_execution.status.state",
                   "expected" => "SUCCEEDED",
-                  "state" => "success",
+                  "state" => "success"
                 },
                 {
                   "matcher" => "path",
                   "argument" => "query_execution.status.state",
                   "expected" => "FAILED",
-                  "state" => "failure",
+                  "state" => "failure"
                 },
                 {
                   "matcher" => "path",
                   "argument" => "query_execution.status.state",
                   "expected" => "CANCELLED",
-                  "state" => "error",
+                  "state" => "error"
                 }
               ]
             )
@@ -211,4 +261,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/cli/base_command.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "chronic"
 require "clamp"
 require "console_logger"
@@ -7,26 +9,29 @@ require "swa/cli/data_output"
 require "yaml"
 
 module Swa
+
   module CLI
 
     class BaseCommand < Clamp::Command
 
       option "--region", "REGION", "AWS region"
       option "--access-key", "KEY", "AWS access key",
-             :attribute_name => :access_key_id
+             attribute_name: :access_key_id
       option "--secret-key", "KEY", "AWS secret key",
-             :attribute_name => :secret_access_key
+             attribute_name: :secret_access_key
       option "--session-token", "KEY", "AWS security token",
-             :attribute_name => :session_token
+             attribute_name: :session_token
 
       include DataOutput
 
       option ["--debug"], :flag, "enable debugging"
 
       def run(arguments)
-        super(arguments)
+        super
       rescue Aws::Errors::MissingCredentialsError
         signal_error "no credentials provided"
+      rescue Aws::Errors::InvalidProcessCredentialsPayload => e
+        signal_error e.message
       rescue Aws::Errors::MissingRegionError, Aws::Errors::InvalidRegionError => e
         signal_error e.message
       rescue Aws::Errors::ServiceError => e
@@ -37,6 +42,7 @@ module Swa
 
       def parse_subcommand
         return false unless self.class.has_subcommands?
+
         request_help if subcommand_name == "?"
         super
       end
@@ -47,28 +53,30 @@ module Swa
 
       def aws_config
         {
-          :access_key_id => access_key_id,
-          :secret_access_key => secret_access_key,
-          :session_token => session_token,
-          :region => region,
-          :logger => logger, :log_level => :debug
-        }.reject { |_k, v| v.nil? }
+          access_key_id: access_key_id,
+          secret_access_key: secret_access_key,
+          session_token: session_token,
+          region: region,
+          logger: logger, log_level: :debug
+        }.compact
       end
 
       def parse(arguments)
-        if arguments.first =~ /^(\w+)-[0-9a-f]+$/
-          arguments = [$1] + arguments if self.class.find_subcommand($1)
+        if (arguments.first =~ /^(\w+)-[0-9a-f]+$/) && self.class.find_subcommand(::Regexp.last_match(1))
+          arguments = [::Regexp.last_match(1)] + arguments
         end
-        super(arguments)
+        super
       end
 
       def parse_datetime(datetime_string)
-        result = Chronic.parse(datetime_string, :guess => false, :endian_precedence => :little)
+        result = Chronic.parse(datetime_string, guess: false, endian_precedence: :little)
         raise ArgumentError, "unrecognised date/time #{datetime_string.inspect}" unless result
+
         result
       end
 
     end
 
   end
+
 end

data/lib/swa/cli/cloud_formation_command.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "aws-sdk-cloudformation"
 require "swa/cli/base_command"
 require "swa/cli/collection_behaviour"
@@ -5,6 +7,7 @@ require "swa/cli/item_behaviour"
 require "swa/cloud_formation/stack"
 
 module Swa
+
   module CLI
 
     class CloudFormationCommand < BaseCommand
@@ -23,8 +26,13 @@ module Swa
 
         end
 
-        %w(parameters outputs resources).each do |thing|
-          class_eval <<-RUBY
+        %w[parameters outputs resources].each do |thing|
+          # subcommand "parameters", "Show parameters" do
+          #   def execute
+          #     display_data(stack.parameters)
+          #   end
+          # end
+          class_eval <<-RUBY, __FILE__, __LINE__ + 1 # rubocop:disable Style/DocumentDynamicEvalDefinition
             subcommand "#{thing}", "Show #{thing}" do
               def execute
                 display_data(stack.#{thing})
@@ -47,8 +55,6 @@ module Swa
 
         include CollectionBehaviour
 
-        private
-
         def collection
           query_for(:stacks, Swa::CloudFormation::Stack)
         end
@@ -69,4 +75,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/cli/cloudtrail_command.rb

@@ -0,0 +1,130 @@
+# frozen_string_literal: true
+
+require "aws-sdk-cloudtrail"
+require "swa/cli/base_command"
+require "swa/cli/collection_behaviour"
+require "swa/cloud_trail/event"
+
+module Swa
+
+  module CLI
+
+    class CloudtrailCommand < BaseCommand
+
+      subcommand "events", "CloudTrail events" do
+
+        include CollectionBehaviour
+
+        option ["-n", "--max"], "N", "number of events to return", default: 50 do |n|
+          Integer(n)
+        end
+
+        option "--source", "SERVICE", "filter by event source (e.g. kms)" do |value|
+          value = "#{value}.amazonaws.com" unless value.include?(".")
+          compile_pattern(value)
+        end
+
+        option "--name", "EVENT_NAME", "filter by event name (e.g. Decrypt)" do |value|
+          compile_pattern(value)
+        end
+
+        option %w[-a --after], "TIME", "filter events after this time" do |value|
+          parse_datetime(value).end
+        end
+
+        option %w[-b --before], "TIME", "filter events before this time" do |value|
+          parse_datetime(value).begin
+        end
+
+        option "--where", "FIELD=VALUE", "filter by field (can be specified multiple times)",
+               multivalued: true do |spec|
+          field, value = spec.split("=", 2)
+          raise ArgumentError, "invalid --where format, expected FIELD=VALUE" if field.nil? || value.nil?
+
+          { field: field, pattern: compile_pattern(value) }
+        end
+
+        private
+
+        def collection
+          query_args = {}
+
+          # CloudTrail API only supports ONE lookup attribute at a time
+          # Use API filter for exact matches (not patterns with wildcards)
+          if name.is_a?(String)
+            query_args[:lookup_attributes] = [{ attribute_key: "EventName", attribute_value: name }]
+          elsif source.is_a?(String)
+            query_args[:lookup_attributes] = [{ attribute_key: "EventSource", attribute_value: source }]
+          end
+
+          # Add time range filters
+          query_args[:start_time] = after if after
+          query_args[:end_time] = before if before
+
+          events = query_for(:lookup_events, :events, Swa::CloudTrail::Event, **query_args)
+
+          # Apply programmatic filters
+          events = events.select { |event| name === event.event_name } if name # rubocop:disable Style/CaseEquality
+          events = events.select { |event| source === event.event_source } if source # rubocop:disable Style/CaseEquality
+
+          # Apply --where filters
+          if where_list && !where_list.empty?
+            events = events.select do |event|
+              where_list.all? { |condition| matches_where_condition?(event, condition) }
+            end
+          end
+
+          events.take(max)
+        end
+
+        def compile_pattern(value)
+          if value.include?("*") || value.include?("?")
+            # Convert shell-style wildcards to regex
+            regex_pattern = Regexp.escape(value).gsub('\*', ".*").gsub('\?', ".")
+            Regexp.new("^#{regex_pattern}$", Regexp::IGNORECASE)
+          else
+            # Return as string for exact match and API filtering
+            value
+          end
+        end
+
+        def matches_where_condition?(event, condition)
+          field_path = condition[:field]
+          pattern = condition[:pattern]
+
+          # Get the event data as a hash
+          event_data = event.data
+
+          # Extract field value using JMESPath
+          begin
+            field_value = JMESPath.search(field_path, event_data)
+          rescue JMESPath::Errors::SyntaxError
+            signal_error("invalid field path in --where: #{field_path}")
+          end
+
+          # Convert field value to string for matching
+          return false if field_value.nil?
+
+          field_value_str = field_value.to_s
+
+          # Match using pattern (either string or regex)
+          pattern === field_value_str # rubocop:disable Style/CaseEquality
+        end
+
+      end
+
+      protected
+
+      def cloudtrail_client
+        ::Aws::CloudTrail::Client.new(aws_config)
+      end
+
+      def query_for(query_method, response_key, model, **query_args)
+        model.list_from_query(cloudtrail_client, query_method, response_key, **query_args)
+      end
+
+    end
+
+  end
+
+end

data/lib/swa/cli/collection_behaviour.rb

@@ -1,12 +1,14 @@
+# frozen_string_literal: true
+
 require "swa/cli/selector"
 
 module Swa
+
   module CLI
 
     module CollectionBehaviour
 
       def self.included(target)
-
         target.default_subcommand = "summary"
 
         target.subcommand ["summary", "s"], "One-line summary" do
@@ -36,7 +38,6 @@ module Swa
           end
 
         end
-
       end
 
       def selector
@@ -50,4 +51,5 @@ module Swa
     end
 
   end
+
 end

data/lib/swa/cli/data_output.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require "clamp"
 
 module Swa
+
   module CLI
 
     module DataOutput
@@ -8,9 +11,9 @@ module Swa
       extend Clamp::Option::Declaration
 
       option "--format", "FORMAT", "format for data output",
-             :attribute_name => :output_format,
-             :environment_variable => "SWA_OUTPUT_FORMAT",
-             :default => "YAML"
+             attribute_name: :output_format,
+             environment_variable: "SWA_OUTPUT_FORMAT",
+             default: "YAML"
 
       option ["--json", "-J"], :flag, "output data in JSON format" do
         self.output_format = "JSON"
@@ -22,9 +25,8 @@ module Swa
 
       def output_format=(arg)
         arg = arg.upcase
-        unless %w(JSON YAML).member?(arg)
-          raise ArgumentError, "unrecognised data format: #{arg.inspect}"
-        end
+        raise ArgumentError, "unrecognised data format: #{arg.inspect}" unless %w[JSON YAML].member?(arg)
+
         @output_format = arg
       end
 
@@ -33,7 +35,7 @@ module Swa
       def format_data(data)
         case output_format
         when "JSON"
-          MultiJson.dump(data, :pretty => true)
+          MultiJson.dump(data, pretty: true)
         when "YAML"
           YAML.dump(data)
         else
@@ -42,15 +44,14 @@ module Swa
       end
 
       def display_data(data, jmespath_expression = nil)
-        unless jmespath_expression.nil?
-          data = JMESPath.search(jmespath_expression, data)
-        end
+        data = JMESPath.search(jmespath_expression, data) unless jmespath_expression.nil?
         puts format_data(data)
-      rescue JMESPath::Errors::SyntaxError => e
+      rescue JMESPath::Errors::SyntaxError
         signal_error("invalid JMESPath expression")
       end
 
     end
 
   end
+
 end