terrafying-components 1.11.15 → 1.11.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. checksums.yaml +4 -4
  2. data/lib/hash/merge_with_arrays.rb +2 -0
  3. data/lib/terrafying/components.rb +1 -0
  4. data/lib/terrafying/components/auditd.rb +7 -7
  5. data/lib/terrafying/components/ca.rb +17 -21
  6. data/lib/terrafying/components/dynamicset.rb +103 -116
  7. data/lib/terrafying/components/endpoint.rb +32 -41
  8. data/lib/terrafying/components/endpointservice.rb +15 -21
  9. data/lib/terrafying/components/ignition.rb +42 -49
  10. data/lib/terrafying/components/instance.rb +56 -55
  11. data/lib/terrafying/components/instanceprofile.rb +35 -44
  12. data/lib/terrafying/components/letsencrypt.rb +60 -71
  13. data/lib/terrafying/components/loadbalancer.rb +43 -43
  14. data/lib/terrafying/components/ports.rb +12 -11
  15. data/lib/terrafying/components/prometheus.rb +124 -95
  16. data/lib/terrafying/components/selfsignedca.rb +90 -104
  17. data/lib/terrafying/components/service.rb +41 -51
  18. data/lib/terrafying/components/staticset.rb +58 -68
  19. data/lib/terrafying/components/subnet.rb +21 -31
  20. data/lib/terrafying/components/templates/ignition.yaml +26 -5
  21. data/lib/terrafying/components/usable.rb +78 -92
  22. data/lib/terrafying/components/version.rb +3 -1
  23. data/lib/terrafying/components/vpc.rb +181 -209
  24. data/lib/terrafying/components/vpn.rb +136 -156
  25. data/lib/terrafying/components/zone.rb +38 -48
  26. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 58c1f699ab0be91038f929d5854e26a71354b9c6ffadb58ed943daadef765d05
4
- data.tar.gz: f30533a1ca0987301a3f9eae2149d11a8c11cc0a4c5a554dc57bd7852d9a96dc
3
+ metadata.gz: 9e9121015f6897ad8f1ef2101c0a607af0bbab6101ef5d2b6c2908fe65d3b1e0
4
+ data.tar.gz: 16b0ce21f4a8257f0020dd7120444f334e4fbc85b5c776714261e706932ba3a6
5
5
  SHA512:
6
- metadata.gz: ca44d50f99a394df8d0a6d39e70896078961eef694d6ba7de2a0ceaa02f48529fb0f81d3bbb567c3f23aad284fdf54c56fd58fa30cf2ba4e78f708b4b87f828e
7
- data.tar.gz: f6ee8c6164921993eaac80aeffd04cd7a1f62dfe9fe6c099323b2a1bdbcf147b03a3944cb4c30ef9369174499c68cdb1211423515144c218abbab47cb097c1f8
6
+ metadata.gz: 036c602e8ce1e0ca611c4df369e69c543e18dc49a679da4d245ba0111a9f53e4fb382d520cc432ceb7a3a7e957253e089f87eb52e79b03a1a08fc60ba4162a06
7
+ data.tar.gz: f512360a77ce4ffcc0ac9a507079b2d5b33e70b3b25249c5e98cfff9b81fb6ff8793dee086100f9f773a21974419cec8c21d3677fc9d80913ac6452d0215bf14
data/lib/hash/merge_with_arrays.rb CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class ::Hash
2
4
  def merge_with_arrays_merged(newhash)
3
5
  merge(newhash) do |_key, oldval, newval|
data/lib/terrafying/components.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
 
2
3
  require 'terrafying/components/endpoint'
3
4
  require 'terrafying/components/endpointservice'
data/lib/terrafying/components/auditd.rb CHANGED
@@ -36,14 +36,14 @@ module Terrafying
36
36
 
37
37
  def default_tags
38
38
  {
39
- name: 'tagset_name',
40
- instance_id: 'instance_id',
39
+ name: 'tagset_name',
40
+ instance_id: 'instance_id',
41
41
  instance_type: 'instance_type',
42
- private_ip: 'private_ip',
43
- az: 'availability_zone',
44
- vpc_id: 'vpc_id',
45
- ami_id: 'image_id',
46
- account_id: 'account_id'
42
+ private_ip: 'private_ip',
43
+ az: 'availability_zone',
44
+ vpc_id: 'vpc_id',
45
+ ami_id: 'image_id',
46
+ account_id: 'account_id'
47
47
  }
48
48
  end
49
49
 
data/lib/terrafying/components/ca.rb CHANGED
@@ -1,11 +1,9 @@
1
+ # frozen_string_literal: true
1
2
 
2
3
  module Terrafying
3
-
4
4
  module Components
5
-
6
5
  module CA
7
-
8
- def create_keypair(name, options={})
6
+ def create_keypair(name, options = {})
9
7
  create_keypair_in(self, name, options)
10
8
  end
11
9
 
@@ -18,19 +16,20 @@ module Terrafying
18
16
  end
19
17
 
20
18
  def object_name(name, type)
21
- "#{object_ident(name)}-#{type.to_s}"
19
+ "#{object_ident(name)}-#{type}"
22
20
  end
23
21
 
24
- def object_key(name, type, version='')
25
- if (ca? name)
26
- File.join('', @prefix, @name, "ca.#{type.to_s}")
22
+ def object_key(name, type, version = '')
23
+ if ca? name
24
+ File.join('', @prefix, @name, "ca.#{type}")
27
25
  else
28
- raise "A non-ca object must have a version" if version.empty?
26
+ raise 'A non-ca object must have a version' if version.empty?
27
+
29
28
  File.join('', @prefix, @name, name, version, type.to_s)
30
29
  end
31
30
  end
32
31
 
33
- def object_arn(name, type, version="*")
32
+ def object_arn(name, type, version = '*')
34
33
  key = object_key(name, type, version)
35
34
 
36
35
  "arn:aws:s3:::#{@bucket}#{key}"
@@ -40,7 +39,7 @@ module Terrafying
40
39
  name = object_name(name, type)
41
40
  key = output_of(:aws_s3_bucket_object, name, :key).to_s
42
41
 
43
- File.join("s3://", "#{@bucket}#{key}")
42
+ File.join('s3://', "#{@bucket}#{key}")
44
43
  end
45
44
 
46
45
  def reference_keypair(ctx, name)
@@ -48,27 +47,27 @@ module Terrafying
48
47
  name: name,
49
48
  ca: self,
50
49
  path: {
51
- cert: File.join("/etc/ssl", @name, name, "cert"),
52
- key: File.join("/etc/ssl", @name, name, "key"),
50
+ cert: File.join('/etc/ssl', @name, name, 'cert'),
51
+ key: File.join('/etc/ssl', @name, name, 'key')
53
52
  },
54
53
  source: {
55
54
  cert: object_url(name, :cert),
56
- key: object_url(name, :key),
55
+ key: object_url(name, :key)
57
56
  },
58
57
  resources: [
59
58
  "aws_s3_bucket_object.#{object_name(name, :key)}",
60
59
  "aws_s3_bucket_object.#{object_name(name, :cert)}"
61
60
  ],
62
61
  iam_statement: {
63
- Effect: "Allow",
62
+ Effect: 'Allow',
64
63
  Action: [
65
- "s3:GetObjectAcl",
66
- "s3:GetObject",
64
+ 's3:GetObjectAcl',
65
+ 's3:GetObject'
67
66
  ],
68
67
  Resource: [
69
68
  object_arn(@name, :cert),
70
69
  object_arn(name, :cert),
71
- object_arn(name, :key),
70
+ object_arn(name, :key)
72
71
  ]
73
72
  }
74
73
  }
@@ -83,9 +82,6 @@ module Terrafying
83
82
  def <=>(other)
84
83
  @name <=> other.name
85
84
  end
86
-
87
85
  end
88
-
89
86
  end
90
-
91
87
  end
data/lib/terrafying/components/dynamicset.rb CHANGED
@@ -1,19 +1,17 @@
1
+ # frozen_string_literal: true
1
2
 
2
3
  require 'terrafying/components/usable'
3
4
 
4
5
  require_relative './ports'
5
6
 
6
7
  module Terrafying
7
-
8
8
  module Components
9
-
10
9
  class DynamicSet < Terrafying::Context
11
-
12
10
  attr_reader :name, :stack, :asg
13
11
 
14
12
  include Usable
15
13
 
16
- def self.create_in(vpc, name, options={})
14
+ def self.create_in(vpc, name, options = {})
17
15
  DynamicSet.new.create_in vpc, name, options
18
16
  end
19
17
 
@@ -21,7 +19,7 @@ module Terrafying
21
19
  DynamicSet.new.find_in vpc, name
22
20
  end
23
21
 
24
- def initialize()
22
+ def initialize
25
23
  super
26
24
  end
27
25
 
@@ -31,11 +29,11 @@ module Terrafying
31
29
  self
32
30
  end
33
31
 
34
- def create_in(vpc, name, options={})
32
+ def create_in(vpc, name, options = {})
35
33
  options = {
36
34
  public: false,
37
- ami: aws.ami("base-image-24b8d5fb", owners=["136393635417"]),
38
- instance_type: "t2.micro",
35
+ ami: aws.ami('base-image-24b8d5fb', owners = ['136393635417']),
36
+ instance_type: 't2.micro',
39
37
  instances: { min: 1, max: 1, desired: 1, tags: {} },
40
38
  ports: [],
41
39
  instance_profile: nil,
@@ -44,7 +42,7 @@ module Terrafying
44
42
  ssh_group: vpc.ssh_group,
45
43
  subnets: vpc.subnets.fetch(:private, []),
46
44
  depends_on: [],
47
- rolling_update: :simple,
45
+ rolling_update: :simple
48
46
  }.merge(options)
49
47
 
50
48
  ident = "#{tf_safe(vpc.name)}-#{name}"
@@ -52,37 +50,35 @@ module Terrafying
52
50
  @name = ident
53
51
  @ports = enrich_ports(options[:ports])
54
52
 
55
- @security_group = resource :aws_security_group, ident, {
56
- name: "dynamicset-#{ident}",
57
- description: "Describe the ingress and egress of the service #{ident}",
58
- tags: options[:tags],
59
- vpc_id: vpc.id
60
- }
53
+ @security_group = resource :aws_security_group, ident,
54
+ name: "dynamicset-#{ident}",
55
+ description: "Describe the ingress and egress of the service #{ident}",
56
+ tags: options[:tags],
57
+ vpc_id: vpc.id
61
58
 
62
59
  default_egress_rule(ident, @security_group)
63
60
 
64
61
  path_mtu_setup!
65
62
 
66
- launch_config = resource :aws_launch_configuration, ident, {
67
- name_prefix: "#{ident}-",
68
- image_id: options[:ami],
69
- instance_type: options[:instance_type],
70
- user_data: options[:user_data],
71
- iam_instance_profile: profile_from(options[:instance_profile]),
72
- associate_public_ip_address: options[:public],
73
- root_block_device: {
74
- volume_type: 'gp2',
75
- volume_size: 32,
76
- },
77
- security_groups: [
78
- vpc.internal_ssh_security_group,
79
- @security_group,
80
- ].push(*options[:security_groups]),
81
- lifecycle: {
82
- create_before_destroy: true,
83
- },
84
- depends_on: resource_name_from(options[:instance_profile]),
85
- }
63
+ launch_config = resource :aws_launch_configuration, ident,
64
+ name_prefix: "#{ident}-",
65
+ image_id: options[:ami],
66
+ instance_type: options[:instance_type],
67
+ user_data: options[:user_data],
68
+ iam_instance_profile: profile_from(options[:instance_profile]),
69
+ associate_public_ip_address: options[:public],
70
+ root_block_device: {
71
+ volume_type: 'gp2',
72
+ volume_size: 32
73
+ },
74
+ security_groups: [
75
+ vpc.internal_ssh_security_group,
76
+ @security_group
77
+ ].push(*options[:security_groups]),
78
+ lifecycle: {
79
+ create_before_destroy: true
80
+ },
81
+ depends_on: resource_name_from(options[:instance_profile])
86
82
 
87
83
  if options[:instances][:track]
88
84
  instances = instances_by_tags(Name: ident)
@@ -91,26 +87,25 @@ module Terrafying
91
87
  end
92
88
  end
93
89
 
94
- if options.has_key?(:health_check)
95
- raise 'Health check needs a type and grace_period' if ! options[:health_check].has_key?(:type) and ! options[:health_check].has_key?(:grace_period)
90
+ if options.key?(:health_check)
91
+ raise 'Health check needs a type and grace_period' if !options[:health_check].key?(:type) && !options[:health_check].key?(:grace_period)
96
92
  else
97
93
  options = {
98
94
  health_check: {
99
- type: "EC2",
95
+ type: 'EC2',
100
96
  grace_period: 0
101
- },
97
+ }
102
98
  }.merge(options)
103
99
  end
104
- tags = { Name: ident, service_name: name,}.merge(options[:tags]).merge(options[:instances].fetch(:tags, {})).map { |k,v| { Key: k, Value: v, PropagateAtLaunch: true }}
100
+ tags = { Name: ident, service_name: name }.merge(options[:tags]).merge(options[:instances].fetch(:tags, {})).map { |k, v| { Key: k, Value: v, PropagateAtLaunch: true } }
105
101
 
106
- resource :aws_cloudformation_stack, ident, {
107
- name: ident,
108
- disable_rollback: true,
109
- template_body: generate_template(
110
- options[:health_check], options[:instances], launch_config,
111
- options[:subnets].map(&:id), tags, options[:rolling_update]
112
- ),
113
- }
102
+ resource :aws_cloudformation_stack, ident,
103
+ name: ident,
104
+ disable_rollback: true,
105
+ template_body: generate_template(
106
+ options[:health_check], options[:instances], launch_config,
107
+ options[:subnets].map(&:id), tags, options[:rolling_update]
108
+ )
114
109
 
115
110
  @stack = "arn:aws:cloudformation:#{aws.region}:#{aws.account_id}:stack/#{ident}/*"
116
111
 
@@ -119,16 +114,14 @@ module Terrafying
119
114
  self
120
115
  end
121
116
 
122
-
123
117
  def default_egress_rule(ident, security_group)
124
- resource :aws_security_group_rule, "#{ident}-default-egress", {
125
- security_group_id: security_group,
126
- type: 'egress',
127
- from_port: 0,
128
- to_port: 0,
129
- protocol: -1,
130
- cidr_blocks: ['0.0.0.0/0'],
131
- }
118
+ resource :aws_security_group_rule, "#{ident}-default-egress",
119
+ security_group_id: security_group,
120
+ type: 'egress',
121
+ from_port: 0,
122
+ to_port: 0,
123
+ protocol: -1,
124
+ cidr_blocks: ['0.0.0.0/0']
132
125
  end
133
126
 
134
127
  def profile_from(profile)
@@ -140,14 +133,13 @@ module Terrafying
140
133
  end
141
134
 
142
135
  def attach_load_balancer(load_balancer)
143
- load_balancer.targets.each.with_index { |target, i|
144
- resource :aws_autoscaling_attachment, "#{load_balancer.name}-#{@name}-#{i}", {
145
- autoscaling_group_name: @asg,
146
- alb_target_group_arn: target.target_group
147
- }
148
- }
136
+ load_balancer.targets.each.with_index do |target, i|
137
+ resource :aws_autoscaling_attachment, "#{load_balancer.name}-#{@name}-#{i}",
138
+ autoscaling_group_name: @asg,
139
+ alb_target_group_arn: target.target_group
140
+ end
149
141
 
150
- self.used_by(load_balancer) if load_balancer.application?
142
+ used_by(load_balancer) if load_balancer.application?
151
143
  end
152
144
 
153
145
  def autoscale_on_load_balancer(load_balancer, target_value:, disable_scale_in:)
@@ -158,54 +150,53 @@ module Terrafying
158
150
  listener = "aws_lb_listener.#{target.listener.to_s.split('.')[1]}"
159
151
  autoscaling_attachment = "aws_autoscaling_attachment.#{policy_name}"
160
152
 
161
- resource :aws_autoscaling_policy, policy_name, {
162
- name: policy_name,
163
- autoscaling_group_name: @asg,
164
- policy_type: 'TargetTrackingScaling',
165
- target_tracking_configuration: {
166
- predefined_metric_specification: {
167
- predefined_metric_type: 'ALBRequestCountPerTarget',
168
- resource_label: "#{lb_arn}/#{tg_arn}"
169
- },
170
- target_value: target_value,
171
- disable_scale_in: disable_scale_in
172
- },
173
- depends_on: [listener, autoscaling_attachment]
174
- }
153
+ resource :aws_autoscaling_policy, policy_name,
154
+ name: policy_name,
155
+ autoscaling_group_name: @asg,
156
+ policy_type: 'TargetTrackingScaling',
157
+ target_tracking_configuration: {
158
+ predefined_metric_specification: {
159
+ predefined_metric_type: 'ALBRequestCountPerTarget',
160
+ resource_label: "#{lb_arn}/#{tg_arn}"
161
+ },
162
+ target_value: target_value,
163
+ disable_scale_in: disable_scale_in
164
+ },
165
+ depends_on: [listener, autoscaling_attachment]
175
166
  end
176
167
  end
177
168
 
178
- def generate_template(health_check, instances, launch_config, subnets,tags, rolling_update)
169
+ def generate_template(health_check, instances, launch_config, subnets, tags, rolling_update)
179
170
  template = {
180
171
  Resources: {
181
172
  AutoScalingGroup: {
182
- Type: "AWS::AutoScaling::AutoScalingGroup",
173
+ Type: 'AWS::AutoScaling::AutoScalingGroup',
183
174
  Properties: {
184
- Cooldown: "300",
185
- HealthCheckType: "#{health_check[:type]}",
175
+ Cooldown: '300',
176
+ HealthCheckType: (health_check[:type]).to_s,
186
177
  HealthCheckGracePeriod: health_check[:grace_period],
187
- LaunchConfigurationName: "#{launch_config}",
178
+ LaunchConfigurationName: launch_config.to_s,
188
179
  MetricsCollection: [
189
180
  {
190
- Granularity: "1Minute",
191
- Metrics: [
192
- "GroupMinSize",
193
- "GroupMaxSize",
194
- "GroupDesiredCapacity",
195
- "GroupInServiceInstances",
196
- "GroupPendingInstances",
197
- "GroupStandbyInstances",
198
- "GroupTerminatingInstances",
199
- "GroupTotalInstances"
181
+ Granularity: '1Minute',
182
+ Metrics: %w[
183
+ GroupMinSize
184
+ GroupMaxSize
185
+ GroupDesiredCapacity
186
+ GroupInServiceInstances
187
+ GroupPendingInstances
188
+ GroupStandbyInstances
189
+ GroupTerminatingInstances
190
+ GroupTotalInstances
200
191
  ]
201
- },
192
+ }
202
193
  ],
203
194
  MaxSize: instances[:max].to_s,
204
195
  MinSize: instances[:min].to_s,
205
196
  DesiredCapacity: instances[:desired] ? instances[:desired].to_s : nil,
206
197
  Tags: tags,
207
198
  TerminationPolicies: [
208
- "Default"
199
+ 'Default'
209
200
  ],
210
201
  VPCZoneIdentifier: subnets
211
202
  }.compact
@@ -213,31 +204,31 @@ module Terrafying
213
204
  },
214
205
  Outputs: {
215
206
  AsgName: {
216
- Description: "The name of the auto scaling group",
207
+ Description: 'The name of the auto scaling group',
217
208
  Value: {
218
- Ref: "AutoScalingGroup",
219
- },
220
- },
221
- },
209
+ Ref: 'AutoScalingGroup'
210
+ }
211
+ }
212
+ }
222
213
  }
223
214
 
224
215
  if rolling_update == :signal
225
216
  template[:Resources][:AutoScalingGroup][:UpdatePolicy] = {
226
217
  AutoScalingRollingUpdate: {
227
- MinInstancesInService: "#{instances[:desired]}",
228
- MaxBatchSize: "#{instances[:desired]}",
229
- PauseTime: "PT10M",
218
+ MinInstancesInService: (instances[:desired]).to_s,
219
+ MaxBatchSize: (instances[:desired]).to_s,
220
+ PauseTime: 'PT10M',
230
221
  WaitOnResourceSignals: true,
231
- SuspendProcesses: %w[HealthCheck ReplaceUnhealthy AZRebalance AlarmNotification ScheduledActions],
222
+ SuspendProcesses: %w[HealthCheck ReplaceUnhealthy AZRebalance AlarmNotification ScheduledActions]
232
223
  }
233
224
  }
234
225
  elsif rolling_update
235
226
  template[:Resources][:AutoScalingGroup][:UpdatePolicy] = {
236
227
  AutoScalingRollingUpdate: {
237
- MinInstancesInService: "#{instances[:min]}",
238
- MaxBatchSize: "1",
239
- PauseTime: "PT0S",
240
- SuspendProcesses: %w[HealthCheck ReplaceUnhealthy AZRebalance AlarmNotification ScheduledActions],
228
+ MinInstancesInService: (instances[:min]).to_s,
229
+ MaxBatchSize: '1',
230
+ PauseTime: 'PT0S',
231
+ SuspendProcesses: %w[HealthCheck ReplaceUnhealthy AZRebalance AlarmNotification ScheduledActions]
241
232
  }
242
233
  }
243
234
  end
@@ -249,24 +240,20 @@ module Terrafying
249
240
  begin
250
241
  asgs = aws.asgs_by_tags(tags)
251
242
 
252
- if asgs.count != 1
253
- raise "Didn't find only one ASG :("
254
- end
243
+ raise "Didn't find only one ASG :(" if asgs.count != 1
255
244
 
256
245
  instances = {
257
246
  min: asgs[0].min_size,
258
247
  max: asgs[0].max_size,
259
- desired: asgs[0].desired_capacity,
248
+ desired: asgs[0].desired_capacity
260
249
  }
261
- rescue RuntimeError => err
262
- $stderr.puts("instances_by_tags: #{err}")
250
+ rescue RuntimeError => e
251
+ warn("instances_by_tags: #{e}")
263
252
  instances = nil
264
253
  end
265
254
 
266
255
  instances
267
256
  end
268
257
  end
269
-
270
258
  end
271
-
272
259
  end