RubyGems - terrafying-components - Versions diffs - 1.8.2 → 1.9.0 - Mend

terrafying-components 1.8.2 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/terrafying/components/loadbalancer.rb +31 -13
data/lib/terrafying/components/version.rb +1 -1
data/lib/terrafying/components/vpn.rb +2 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 84fe1be5772c600fc5cf95dc2aae831fc51572aebdc345ee229c72155b36fdf6
-  data.tar.gz: ba036a6d318acbfb6b6a5cd366ee61e1e327098591e10df014b8f18c15432c7f
+  metadata.gz: '08a95565a526f4e5d5a331389ca7ef561a18a152019ea348d8d6a785e88da46e'
+  data.tar.gz: b27f3550689d39722e6e1c16704b72e62e65a66077ab42f64a39e955e24a0ed6
 SHA512:
-  metadata.gz: 2e4d838f52361dccf5c6e41f742083cf36b4f3b0589feb6820bf764f2a12571b953545d6c43bab387e61c33bd659e2113dc578e23b0700dad19d76701594ca4a
-  data.tar.gz: 2cdf632aaf54f93d1d60b46518fe092e81a4aaec076df1ee6933790312bec6a28dba1423d6ade1276ce2dd7920464112f1817494dc32cb4f9968965c75a4c75b
+  metadata.gz: 8f2261b8735c540fae6963fea825c6d1997ec34cd7173224feb9f13af5e25ccb4b11619ec8f3bd230c45da567c986cd8bbbfcd55eba70e844f08b69565d3b396
+  data.tar.gz: 2069b0d8198803f7a4b010d67f391372d6b303031b00cba90664467ba08ca18015a0c44c7a75bf1541faa035284faccb72fc841d8b48af3eaf80bc97f280c5d0

data/lib/terrafying/components/loadbalancer.rb CHANGED Viewed

@@ -63,12 +63,14 @@ module Terrafying
           ports: [],
           public: false,
           subnets: vpc.subnets.fetch(:private, []),
-          tags: {
-            Name: name
-          },
-          hex_ident: false
+          hex_ident: false,
+          tags: {}
         }.merge(options)
+        @tags = {
+          Name: name
+        }.merge(options[:tags])
         @hex_ident = options[:hex_ident]
         @ports = enrich_ports(options[:ports])
@@ -87,7 +89,7 @@ module Terrafying
           @security_group = resource :aws_security_group, ident, {
                                        name: "loadbalancer-#{ident}",
                                        description: "Describe the ingress and egress of the load balancer #{ident}",
-                                       tags: options[:tags].merge(
+                                       tags: @tags.merge(
                                          {
                                            loadbalancer_name: ident,
                                          }
@@ -102,7 +104,7 @@ module Terrafying
           name: ident,
           load_balancer_type: type,
           internal: !options[:public],
-          tags: options[:tags],
+          tags: @tags,
         }.merge(subnets_for(options[:subnets]))
          .merge(application? ? { security_groups: [@security_group] } : {})
@@ -118,13 +120,7 @@ module Terrafying
                                     vpc_id: vpc.id,
                                   }.merge(port.has_key?(:health_check) ? { health_check: port[:health_check] }: {})
-          ssl_options = {}
-          if port.has_key?(:ssl_certificate)
-            ssl_options = {
-              ssl_policy: "ELBSecurityPolicy-2015-05",
-              certificate_arn: port[:ssl_certificate],
-            }
-          end
+          ssl_options = alb_certs(port, port_ident)
           resource :aws_lb_listener, port_ident, {
                      load_balancer_arn: @id,
@@ -148,6 +144,28 @@ module Terrafying
         self
       end
+      def alb_certs(port, port_ident)
+        return {} unless port.key? :ssl_certificate
+        certs = Array(port[:ssl_certificate])
+        default_cert = certs.shift
+        certs.map { |cert| alb_cert(cert, port_ident) }
+        {
+          ssl_policy: 'ELBSecurityPolicy-2016-08',
+          certificate_arn: default_cert
+        }
+      end
+      def alb_cert(cert_arn, port_ident)
+        cert_ident = "#{port_ident}-#{Digest::SHA2.hexdigest(cert_arn)[0..8]}"
+        resource :aws_lb_listener_certificate, cert_ident, {
+          listener_arn:    "${aws_lb_listener.#{port_ident}.arn}",
+          certificate_arn: cert_arn
+        }
+      end
       def application?
         @type == 'application'
       end

data/lib/terrafying/components/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Terrafying
   module Components
-    VERSION = "1.8.2"
+    VERSION = "1.9.0"
   end
 end

data/lib/terrafying/components/vpn.rb CHANGED Viewed

@@ -148,7 +148,7 @@ module Terrafying
         end
         Ignition.container_unit(
-          "openvpn-authz", "quay.io/uswitch/openvpn-authz:stable",
+          "openvpn-authz", "quay.io/uswitch/openvpn-authz:1.1",
           {
             host_networking: true,
             volumes: [
@@ -161,6 +161,7 @@ module Terrafying
             arguments: optional_arguments + [
               "--fqdn #{@fqdn}",
               "--cache /var/openvpn-authz",
+              '--user-header "X-Forwarded-Email"',
               "/etc/ssl/openvpn",
             ],
           }

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: terrafying-components
 version: !ruby/object:Gem::Version
-  version: 1.8.2
+  version: 1.9.0
 platform: ruby
 authors:
 - uSwitch Limited
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-10-19 00:00:00.000000000 Z
+date: 2018-11-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -144,7 +144,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.7
+rubygems_version: 2.7.8
 signing_key:
 specification_version: 4
 summary: No.