terrafying-components 1.11.15 → 1.11.16

data/lib/terrafying/components/endpoint.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 
 require 'terrafying/components/loadbalancer'
 require 'terrafying/components/usable'
@@ -5,16 +6,13 @@ require 'terrafying/components/vpc'
 require 'terrafying/generator'
 
 module Terrafying
-
   module Components
-
     class Endpoint < Terrafying::Context
-
       attr_reader :fqdn, :security_group
 
       include Usable
 
-      def self.create_in(vpc, name, options={})
+      def self.create_in(vpc, name, options = {})
         Endpoint.new.create_in(vpc, name, options)
       end
 
@@ -22,12 +20,12 @@ module Terrafying
         super
       end
 
-      def create_in(vpc, name, options={})
+      def create_in(vpc, name, options = {})
         options = {
           auto_accept: true,
           subnets: vpc.subnets.fetch(:private, []),
           private_dns: false,
-          tags: {},
+          tags: {}
         }.merge(options)
 
         ident = "#{tf_safe(vpc.name)}-#{name}"
@@ -40,70 +38,63 @@ module Terrafying
         elsif options[:service_name]
           service_name = options[:service_name]
 
-          if options[:service_name].start_with?("com.amazonaws")
+          if options[:service_name].start_with?('com.amazonaws')
             @ports = enrich_ports([443])
           else
             endpoint_service = aws.endpoint_service_by_name(options[:service_name])
 
-            target_groups = endpoint_service.network_load_balancer_arns.map { |arn|
+            target_groups = endpoint_service.network_load_balancer_arns.map do |arn|
               aws.target_groups_by_lb(arn)
-            }.flatten
+            end.flatten
 
             @ports = enrich_ports(target_groups.map(&:port))
           end
         elsif options[:source]
-          if options[:source].is_a?(VPC)
-            source = { vpc: options[:source], name: name }
-          else
-            source = options[:source]
-          end
+          source = if options[:source].is_a?(VPC)
+                     { vpc: options[:source], name: name }
+                   else
+                     options[:source]
+                   end
 
           lb = LoadBalancer.find_in(source[:vpc], source[:name])
 
           @ports = lb.ports
           service_name = aws.endpoint_service_by_lb_arn(lb.id).service_name
         else
-          raise "You need to pass either a service_name or source option to create an endpoint"
+          raise 'You need to pass either a service_name or source option to create an endpoint'
         end
 
-        @security_group = resource :aws_security_group, ident, {
-                                     name: "endpoint-#{ident}",
-                                     description: "Describe the ingress and egress of the endpoint #{ident}",
-                                     tags: options[:tags],
-                                     vpc_id: vpc.id,
-                                   }
-
-        resource :aws_vpc_endpoint, ident, {
-                   vpc_id: vpc.id,
-                   service_name: service_name,
-                   vpc_endpoint_type: "Interface",
-                   security_group_ids: [ @security_group ],
-                   auto_accept: options[:auto_accept],
-                   subnet_ids: options[:subnets].map(&:id),
-                   private_dns_enabled: options[:private_dns],
-                 }
-
-        @fqdn = output_of(:aws_vpc_endpoint, ident, "dns_entry.0.dns_name")
+        @security_group = resource :aws_security_group, ident,
+                                   name: "endpoint-#{ident}",
+                                   description: "Describe the ingress and egress of the endpoint #{ident}",
+                                   tags: options[:tags],
+                                   vpc_id: vpc.id
+
+        resource :aws_vpc_endpoint, ident,
+                 vpc_id: vpc.id,
+                 service_name: service_name,
+                 vpc_endpoint_type: 'Interface',
+                 security_group_ids: [@security_group],
+                 auto_accept: options[:auto_accept],
+                 subnet_ids: options[:subnets].map(&:id),
+                 private_dns_enabled: options[:private_dns]
+
+        @fqdn = output_of(:aws_vpc_endpoint, ident, 'dns_entry.0.dns_name')
 
         if options[:service]
           endpoint_service = options[:service]
 
-          record_name = endpoint_service.fqdn.gsub(/.#{endpoint_service.zone.fqdn}$/, "")
+          record_name = endpoint_service.fqdn.gsub(/.#{endpoint_service.zone.fqdn}$/, '')
 
           private_zone = add! Zone.create(endpoint_service.zone.fqdn, vpc: vpc)
           private_zone.add_record(
-            record_name, [@fqdn], type: "CNAME",
-            resource_name: tf_safe("#{@name}-#{endpoint_service.fqdn}"),
+            record_name, [@fqdn], type: 'CNAME',
+                                  resource_name: tf_safe("#{@name}-#{endpoint_service.fqdn}")
           )
-        else
-
         end
 
         self
       end
-
     end
-
   end
-
 end

data/lib/terrafying/components/endpointservice.rb

@@ -1,15 +1,13 @@
+# frozen_string_literal: true
 
 require 'terrafying/generator'
 
 module Terrafying
-
   module Components
-
     class EndpointService < Terrafying::Context
-
       attr_reader :name, :load_balancer, :service_name, :fqdn, :zone
 
-      def self.create_for(load_balancer, name, options={})
+      def self.create_for(load_balancer, name, options = {})
         EndpointService.new.create_for(load_balancer, name, options)
       end
 
@@ -21,20 +19,20 @@ module Terrafying
         super
       end
 
-      def find(service_name)
+      def find(_service_name)
         raise 'unimplemented'
       end
 
-      def create_for(load_balancer, name, options={})
+      def create_for(load_balancer, name, options = {})
         options = {
           acceptance_required: true,
           allowed_principals: [
-            "arn:aws:iam::#{aws.account_id}:root",
-          ],
+            "arn:aws:iam::#{aws.account_id}:root"
+          ]
         }.merge(options)
 
-        if ! load_balancer or load_balancer.type != "network"
-          raise "The load balancer needs to be a network load balancer"
+        if !load_balancer || (load_balancer.type != 'network')
+          raise 'The load balancer needs to be a network load balancer'
         end
 
         @name = name
@@ -43,24 +41,20 @@ module Terrafying
         @fqdn = options[:fqdn]
         @zone = options[:zone]
 
-        resource :aws_vpc_endpoint_service, name, {
-                   acceptance_required: options[:acceptance_required],
-                   allowed_principals: options[:allowed_principals],
-                   network_load_balancer_arns: [load_balancer.id],
-                 }
+        resource :aws_vpc_endpoint_service, name,
+                 acceptance_required: options[:acceptance_required],
+                 allowed_principals: options[:allowed_principals],
+                 network_load_balancer_arns: [load_balancer.id]
 
-        @service_name = output_of(:aws_vpc_endpoint_service, name, "service_name")
+        @service_name = output_of(:aws_vpc_endpoint_service, name, 'service_name')
 
         self
       end
 
-      def expose_in(vpc, options={})
+      def expose_in(vpc, options = {})
         name = options.fetch(:name, @name)
-        add! Endpoint.create_in(vpc, name, options.merge({ service: self }))
+        add! Endpoint.create_in(vpc, name, options.merge(service: self))
       end
-
     end
-
   end
-
 end

data/lib/terrafying/components/ignition.rb

@@ -1,54 +1,49 @@
+# frozen_string_literal: true
+
 require 'erb'
 require 'ostruct'
 
 module Terrafying
-
   module Components
-
     class Ignition
+      UNIT_REQUIRED_KEYS = [:name].freeze
+      FILE_REQUIRED_KEYS = %i[path mode contents].freeze
 
-      UNIT_REQUIRED_KEYS = [:name]
-      FILE_REQUIRED_KEYS = [:path, :mode, :contents]
-
-      def self.container_unit(name, image, options={})
+      def self.container_unit(name, image, options = {})
         options = {
           volumes: [],
           environment_variables: [],
           arguments: [],
           require_units: [],
           host_networking: false,
-          privileged: false,
+          privileged: false
         }.merge(options)
 
         if options[:require_units].count > 0
-          require_units = options[:require_units].join(" ")
-          require = <<EOF
-After=#{require_units}
-Requires=#{require_units}
-EOF
+          require_units = options[:require_units].join(' ')
+          require = <<~EOF
+            After=#{require_units}
+            Requires=#{require_units}
+          EOF
         end
 
         docker_options = []
 
         if options[:environment_variables].count > 0
-          docker_options += options[:environment_variables].map { |var|
+          docker_options += options[:environment_variables].map do |var|
             "-e #{var}"
-          }
+          end
         end
 
         if options[:volumes].count > 0
-          docker_options += options[:volumes].map { |volume|
+          docker_options += options[:volumes].map do |volume|
             "-v #{volume}"
-          }
+          end
         end
 
-        if options[:host_networking]
-          docker_options << "--net=host"
-        end
+        docker_options << '--net=host' if options[:host_networking]
 
-        if options[:privileged]
-          docker_options << "--privileged"
-        end
+        docker_options << '--privileged' if options[:privileged]
 
         docker_options_str = " \\\n" + docker_options.join(" \\\n")
 
@@ -58,60 +53,58 @@ EOF
 
         {
           name: "#{name}.service",
-          contents: <<EOF
-[Install]
-WantedBy=multi-user.target
-
-[Unit]
-Description=#{name}
-#{require}
-
-[Service]
-ExecStartPre=-/usr/bin/docker rm -f #{name}
-ExecStart=/usr/bin/docker run --name #{name} #{docker_options_str} \
-#{image} #{arguments}
-Restart=always
-RestartSec=30
-
-EOF
+          contents: <<~EOF
+            [Install]
+            WantedBy=multi-user.target
+
+            [Unit]
+            Description=#{name}
+            #{require}
+
+            [Service]
+            ExecStartPre=-/usr/bin/docker rm -f #{name}
+            ExecStart=/usr/bin/docker run --name #{name} #{docker_options_str} \
+            #{image} #{arguments}
+            Restart=always
+            RestartSec=30
+
+          EOF
         }
       end
 
-      def self.generate(options={})
+      def self.generate(options = {})
         options = {
           keypairs: [],
           volumes: [],
           files: [],
           units: [],
-          ssh_group: "cloud",
+          networkd_units: [],
+          ssh_group: 'cloud',
           disable_update_engine: false,
-          region: Terrafying::Generator.aws.region,
+          region: Terrafying::Generator.aws.region
         }.merge(options)
 
-        if ! options[:units].all? { |u| UNIT_REQUIRED_KEYS.all? { |key| u.has_key?(key) } }
+        unless options[:units].all? { |u| UNIT_REQUIRED_KEYS.all? { |key| u.key?(key) } }
           raise "All units require the following keys: #{UNIT_REQUIRED_KEYS}"
         end
 
-        if ! options[:units].all? { |u| u.has_key?(:contents) || u.has_key?(:dropins) }
-          raise "All units have to have contents and/or dropins"
+        unless options[:units].all? { |u| u.key?(:contents) || u.key?(:dropins) || u.fetch(:enabled, true) == false || u.fetch(:mask, false) == true }
+          raise 'All enabled unmasked units have to have contents and/or dropins'
         end
 
-        if ! options[:files].all? { |f| FILE_REQUIRED_KEYS.all? { |key| f.has_key?(key) } }
+        unless options[:files].all? { |f| FILE_REQUIRED_KEYS.all? { |key| f.key?(key) } }
           raise "All files require the following keys: #{FILE_REQUIRED_KEYS}"
         end
 
         options[:cas] = options[:keypairs].map { |kp| kp[:ca] }.compact.sort.uniq
 
-        erb_path = File.join(File.dirname(__FILE__), "templates/ignition.yaml")
+        erb_path = File.join(File.dirname(__FILE__), 'templates/ignition.yaml')
         erb = ERB.new(IO.read(erb_path))
 
         yaml = erb.result(OpenStruct.new(options).instance_eval { binding })
 
         Terrafying::Util.to_ignition(yaml)
       end
-
     end
-
   end
-
 end

data/lib/terrafying/components/instance.rb

@@ -1,19 +1,17 @@
+# frozen_string_literal: true
 
 require 'xxhash'
 
 require 'terrafying/components/usable'
 
 module Terrafying
-
   module Components
-
     class Instance < Terrafying::Context
-
       attr_reader :id, :name, :ip_address, :subnet
 
       include Usable
 
-      def self.create_in(vpc, name, options={})
+      def self.create_in(vpc, name, options = {})
         Instance.new.create_in vpc, name, options
       end
 
@@ -21,23 +19,24 @@ module Terrafying
         Instance.new.find_in vpc, name
       end
 
-      def initialize()
+      def initialize
         super
       end
 
-      def find_in(vpc, name)
+      def find_in(_vpc, _name)
         raise 'unimplemented'
       end
 
-      def create_in(vpc, name, options={})
+      def create_in(vpc, name, options = {})
         options = {
           public: false,
-          instance_type: "t2.micro",
+          instance_type: 't2.micro',
+          cpu_credits: 'unlimited',
           instance_profile: nil,
           ports: [],
           tags: {},
           security_groups: [],
-          depends_on: [],
+          depends_on: []
         }.merge(options)
 
         ident = "#{tf_safe(vpc.name)}-#{name}"
@@ -45,34 +44,33 @@ module Terrafying
         @name = name
         @ports = enrich_ports(options[:ports])
 
-        @security_group = resource :aws_security_group, ident, {
-                                     name: "instance-#{ident}",
-                                     description: "Describe the ingress and egress of the instance #{ident}",
-                                     tags: options[:tags],
-                                     vpc_id: vpc.id,
-                                     egress: [
-                                       {
-                                         from_port: 0,
-                                         to_port: 0,
-                                         protocol: -1,
-                                         cidr_blocks: ["0.0.0.0/0"],
-                                       }
-                                     ],
-                                   }
+        @security_group = resource :aws_security_group, ident,
+                                   name: "instance-#{ident}",
+                                   description: "Describe the ingress and egress of the instance #{ident}",
+                                   tags: options[:tags],
+                                   vpc_id: vpc.id,
+                                   egress: [
+                                     {
+                                       from_port: 0,
+                                       to_port: 0,
+                                       protocol: -1,
+                                       cidr_blocks: ['0.0.0.0/0']
+                                     }
+                                   ]
 
         path_mtu_setup!
 
-        if options.has_key? :ip_address
-          lifecycle = {
-            lifecycle: { create_before_destroy: false },
-          }
-        else
-          lifecycle = {
-            lifecycle: { create_before_destroy: true },
-          }
-        end
-
-        if options.has_key? :subnet
+        lifecycle = if options.key? :ip_address
+                      {
+                        lifecycle: { create_before_destroy: false }
+                      }
+                    else
+                      {
+                        lifecycle: { create_before_destroy: true }
+                      }
+                    end
+
+        if options.key? :subnet
           @subnet = options[:subnet]
         else
           subnets = options.fetch(:subnets, vpc.subnets[:private])
@@ -82,27 +80,30 @@ module Terrafying
         end
 
         @id = resource :aws_instance, ident, {
-                         ami: options[:ami],
-                         instance_type: options[:instance_type],
-                         iam_instance_profile: profile_from(options[:instance_profile]),
-                         subnet_id: @subnet.id,
-                         associate_public_ip_address: options[:public],
-                         root_block_device: {
-                           volume_type: 'gp2',
-                           volume_size: 32,
-                         },
-                         tags: {
-                           'Name' => ident,
-                         }.merge(options[:tags]),
-                         vpc_security_group_ids: [
-                           vpc.internal_ssh_security_group,
-                         ].push(*options[:security_groups]),
-                         user_data: options[:user_data],
-                         lifecycle: {
-                           create_before_destroy: true,
-                         },
-                         depends_on: options[:depends_on],
-                       }.merge(options[:ip_address] ? { private_ip: options[:ip_address] } : {}).merge(lifecycle)
+          ami: options[:ami],
+          instance_type: options[:instance_type],
+          credit_specification: {
+            cpu_credits: options[:cpu_credits]
+          },
+          iam_instance_profile: profile_from(options[:instance_profile]),
+          subnet_id: @subnet.id,
+          associate_public_ip_address: options[:public],
+          root_block_device: {
+            volume_type: 'gp2',
+            volume_size: 32
+          },
+          tags: {
+            'Name' => ident
+          }.merge(options[:tags]),
+          vpc_security_group_ids: [
+            vpc.internal_ssh_security_group
+          ].push(*options[:security_groups]),
+          user_data: options[:user_data],
+          lifecycle: {
+            create_before_destroy: true
+          },
+          depends_on: options[:depends_on]
+        }.merge(options[:ip_address] ? { private_ip: options[:ip_address] } : {}).merge(lifecycle)
 
         @ip_address = output_of(:aws_instance, ident, options[:public] ? :public_ip : :private_ip)