terraspace_plugin_aws 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/templates/hcl/project/config/terraform/backend.tf.tt +2 -2
- data/lib/terraspace_plugin_aws.rb +11 -1
- data/lib/terraspace_plugin_aws/autoloader.rb +1 -1
- data/lib/terraspace_plugin_aws/clients.rb +12 -0
- data/lib/terraspace_plugin_aws/interfaces/backend/base.rb +1 -4
- data/lib/terraspace_plugin_aws/interfaces/helper.rb +15 -0
- data/lib/terraspace_plugin_aws/interfaces/helper/secret.rb +18 -0
- data/lib/terraspace_plugin_aws/interfaces/helper/secret_base.rb +13 -0
- data/lib/terraspace_plugin_aws/interfaces/helper/ssm.rb +18 -0
- data/lib/terraspace_plugin_aws/logging.rb +7 -0
- data/lib/terraspace_plugin_aws/version.rb +1 -1
- data/terraspace_plugin_aws.gemspec +2 -0
- metadata +36 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b62c32aa56b1d692d2438f73de9a320cc428b6905b37f622576c0ecb47ae4e08
|
|
4
|
+
data.tar.gz: 4f3e359016f41e102f4666a5494d76114bad4b0e24ea98530dea4167764643c8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2db6fa9293af079f29af0823e77176a26b8b5634bdc03a4cf057add8c5b945b53adf58e48ab5bf84758ad219bff3298428e129545a977db0b7a6e9aff8c53391
|
|
7
|
+
data.tar.gz: bad12d3090b11d5320e0636b3abfd2ad5722963ad48ae7a96f58864e716b1150fbde41bc96ad4da097e9a13cf723333b67bae2f1f8295aae61ef31d15c24d440
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,10 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
|
|
5
5
|
|
|
6
|
+
## [0.3.0] - 2020-11-15
|
|
7
|
+
- [#5](https://github.com/boltops-tools/terraspace_plugin_aws/pull/5) helper and secrets support
|
|
8
|
+
- aws_secret and aws_ssm helpers
|
|
9
|
+
|
|
6
10
|
## [0.2.2]
|
|
7
11
|
- #4 default access logging to false
|
|
8
12
|
- set prefix to @folder for performance improvement
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
terraform {
|
|
2
2
|
backend "s3" {
|
|
3
|
-
bucket = "<%%= expansion('terraform-state-:ACCOUNT-:REGION-:ENV') %>"
|
|
4
|
-
key = "<%%= expansion(':REGION/:ENV/:BUILD_DIR/terraform.tfstate') %>"
|
|
3
|
+
bucket = "<%%= expansion('terraform-state-:ACCOUNT-:REGION-:ENV') %>"
|
|
4
|
+
key = "<%%= expansion(':REGION/:ENV/:BUILD_DIR/terraform.tfstate') %>"
|
|
5
5
|
region = "<%%= expansion(':REGION') %>"
|
|
6
6
|
encrypt = true
|
|
7
7
|
dynamodb_table = "terraform_locks"
|
|
@@ -22,12 +22,22 @@ module TerraspacePluginAws
|
|
|
22
22
|
Interfaces::Config.instance.config
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
+
@@logger = nil
|
|
26
|
+
def logger
|
|
27
|
+
@@logger ||= Terraspace.logger
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def logger=(v)
|
|
31
|
+
@@logger = v
|
|
32
|
+
end
|
|
33
|
+
|
|
25
34
|
extend self
|
|
26
35
|
end
|
|
27
36
|
|
|
28
37
|
Terraspace::Plugin.register("aws",
|
|
29
38
|
backend: "s3",
|
|
30
39
|
config_class: TerraspacePluginAws::Interfaces::Config,
|
|
31
|
-
|
|
40
|
+
helper_class: TerraspacePluginAws::Interfaces::Helper,
|
|
41
|
+
layer_class: TerraspacePluginAws::Interfaces::Layer,
|
|
32
42
|
root: File.dirname(__dir__),
|
|
33
43
|
)
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
require "aws-sdk-dynamodb"
|
|
2
2
|
require "aws-sdk-s3"
|
|
3
|
+
require "aws-sdk-secretsmanager"
|
|
4
|
+
require "aws-sdk-ssm"
|
|
3
5
|
|
|
4
6
|
module TerraspacePluginAws
|
|
5
7
|
module Clients
|
|
@@ -10,6 +12,16 @@ module TerraspacePluginAws
|
|
|
10
12
|
end
|
|
11
13
|
memoize :s3
|
|
12
14
|
|
|
15
|
+
def secretsmanager
|
|
16
|
+
Aws::SecretsManager::Client.new
|
|
17
|
+
end
|
|
18
|
+
memoize :secretsmanager
|
|
19
|
+
|
|
20
|
+
def ssm
|
|
21
|
+
Aws::SSM::Client.new
|
|
22
|
+
end
|
|
23
|
+
memoize :ssm
|
|
24
|
+
|
|
13
25
|
def dynamodb
|
|
14
26
|
Aws::DynamoDB::Client.new
|
|
15
27
|
end
|
|
@@ -3,13 +3,10 @@ require "s3-secure"
|
|
|
3
3
|
class TerraspacePluginAws::Interfaces::Backend
|
|
4
4
|
class Base
|
|
5
5
|
include TerraspacePluginAws::Clients
|
|
6
|
+
include TerraspacePluginAws::Logging
|
|
6
7
|
|
|
7
8
|
def initialize(info)
|
|
8
9
|
@info = info
|
|
9
10
|
end
|
|
10
|
-
|
|
11
|
-
def logger
|
|
12
|
-
Terraspace.logger
|
|
13
|
-
end
|
|
14
11
|
end
|
|
15
12
|
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
module TerraspacePluginAws::Interfaces
|
|
2
|
+
module Helper
|
|
3
|
+
include Terraspace::Plugin::Helper::Interface
|
|
4
|
+
|
|
5
|
+
def aws_secret(name, options={})
|
|
6
|
+
Secret.new(options).fetch(name)
|
|
7
|
+
end
|
|
8
|
+
cache_helper :aws_secret
|
|
9
|
+
|
|
10
|
+
def aws_ssm(name, options={})
|
|
11
|
+
SSM.new(options).fetch(name)
|
|
12
|
+
end
|
|
13
|
+
cache_helper :aws_ssm
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
module TerraspacePluginAws::Interfaces::Helper
|
|
2
|
+
class Secret < SecretBase
|
|
3
|
+
def fetch(secret_id)
|
|
4
|
+
value = fetch_value(secret_id)
|
|
5
|
+
value = Base64.strict_encode64(value).strip if @base64
|
|
6
|
+
value
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def fetch_value(secret_id)
|
|
10
|
+
secret_value = secretsmanager.get_secret_value(secret_id: secret_id)
|
|
11
|
+
secret_value.secret_string
|
|
12
|
+
rescue Aws::SecretsManager::Errors::ResourceNotFoundException => e
|
|
13
|
+
logger.info "WARN: secret_id #{secret_id} not found".color(:yellow)
|
|
14
|
+
logger.info e.message
|
|
15
|
+
"NOT FOUND #{secret_id}" # simple string so Kubernetes YAML is valid
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
require "base64"
|
|
2
|
+
|
|
3
|
+
module TerraspacePluginAws::Interfaces::Helper
|
|
4
|
+
class SecretBase
|
|
5
|
+
include TerraspacePluginAws::Clients
|
|
6
|
+
include TerraspacePluginAws::Logging
|
|
7
|
+
|
|
8
|
+
def initialize(options={})
|
|
9
|
+
@options = options
|
|
10
|
+
@base64 = options[:base64]
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
module TerraspacePluginAws::Interfaces::Helper
|
|
2
|
+
class SSM < SecretBase
|
|
3
|
+
def fetch(name)
|
|
4
|
+
value = fetch_value(name)
|
|
5
|
+
value = Base64.strict_encode64(value).strip if @base64
|
|
6
|
+
value
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def fetch_value(name)
|
|
10
|
+
resp = ssm.get_parameter(name: name, with_decryption: true)
|
|
11
|
+
resp.parameter.value
|
|
12
|
+
rescue Aws::SSM::Errors::ParameterNotFound => e
|
|
13
|
+
logger.info "WARN: name #{name} not found".color(:yellow)
|
|
14
|
+
logger.info e.message
|
|
15
|
+
"NOT FOUND #{name}" # simple string so tfvars valid
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
@@ -24,6 +24,8 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
|
|
25
25
|
spec.add_dependency "aws-sdk-dynamodb"
|
|
26
26
|
spec.add_dependency "aws-sdk-s3"
|
|
27
|
+
spec.add_dependency "aws-sdk-secretsmanager"
|
|
28
|
+
spec.add_dependency "aws-sdk-ssm"
|
|
27
29
|
spec.add_dependency "aws_data"
|
|
28
30
|
spec.add_dependency "memoist"
|
|
29
31
|
spec.add_dependency "s3-secure"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: terraspace_plugin_aws
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-11-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-dynamodb
|
|
@@ -38,6 +38,34 @@ dependencies:
|
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: aws-sdk-secretsmanager
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ">="
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: aws-sdk-ssm
|
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
|
58
|
+
requirements:
|
|
59
|
+
- - ">="
|
|
60
|
+
- !ruby/object:Gem::Version
|
|
61
|
+
version: '0'
|
|
62
|
+
type: :runtime
|
|
63
|
+
prerelease: false
|
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
+
requirements:
|
|
66
|
+
- - ">="
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: '0'
|
|
41
69
|
- !ruby/object:Gem::Dependency
|
|
42
70
|
name: aws_data
|
|
43
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -149,8 +177,13 @@ files:
|
|
|
149
177
|
- lib/terraspace_plugin_aws/interfaces/decorator/aws_security_group.rb
|
|
150
178
|
- lib/terraspace_plugin_aws/interfaces/decorator/base.rb
|
|
151
179
|
- lib/terraspace_plugin_aws/interfaces/expander.rb
|
|
180
|
+
- lib/terraspace_plugin_aws/interfaces/helper.rb
|
|
181
|
+
- lib/terraspace_plugin_aws/interfaces/helper/secret.rb
|
|
182
|
+
- lib/terraspace_plugin_aws/interfaces/helper/secret_base.rb
|
|
183
|
+
- lib/terraspace_plugin_aws/interfaces/helper/ssm.rb
|
|
152
184
|
- lib/terraspace_plugin_aws/interfaces/layer.rb
|
|
153
185
|
- lib/terraspace_plugin_aws/interfaces/summary.rb
|
|
186
|
+
- lib/terraspace_plugin_aws/logging.rb
|
|
154
187
|
- lib/terraspace_plugin_aws/version.rb
|
|
155
188
|
- terraspace_plugin_aws.gemspec
|
|
156
189
|
homepage: https://github.com/boltops-tools/terraspace_plugin_aws
|
|
@@ -173,7 +206,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
173
206
|
- !ruby/object:Gem::Version
|
|
174
207
|
version: '0'
|
|
175
208
|
requirements: []
|
|
176
|
-
rubygems_version: 3.1.
|
|
209
|
+
rubygems_version: 3.1.4
|
|
177
210
|
signing_key:
|
|
178
211
|
specification_version: 4
|
|
179
212
|
summary: Terraspace AWS Plugin
|