terraspace_plugin_azurerm 0.3.3 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +2 -0
- data/lib/terraspace_plugin_azurerm/clients/options.rb +1 -13
- data/lib/terraspace_plugin_azurerm/clients/storage.rb +4 -6
- data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb +1 -0
- data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb +40 -2
- data/lib/terraspace_plugin_azurerm/interfaces/config.rb +22 -0
- data/lib/terraspace_plugin_azurerm/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8c595d865e64d26fdc4fa827ef247aae21266701bdf2afcf5438c6458d50d96e
|
|
4
|
+
data.tar.gz: a3bdfe44206f463c945d5f416c81529d77c9507b676f27654b1071aa6da0c7fd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 67fdfe608c63b99cea0b1dfa29cc131c68df2b8651428800fb9d085aba3747bd99d29757551b74828693d323f7378cd580bd38b5b195a43920f7c844d3409a70
|
|
7
|
+
data.tar.gz: b675685420ced87b9b21504b011d332987569a2cc94ff91de6cde41ca8e6a5dd72ec99e2551274de45bc1ed537c75e4a2c76e565e23018b8a86843cbd73c7416
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
|
|
5
5
|
|
|
6
|
+
## [0.4.0] - 2022-01-05
|
|
7
|
+
- [#11](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/11) fix tags config in README
|
|
8
|
+
- [#13](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/13) data management and security features
|
|
9
|
+
- [#8](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/8) Add config.tags
|
|
10
|
+
|
|
6
11
|
## [0.3.3] - 2022-01-04
|
|
7
12
|
- [#10](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/10) azure_secret support expansion automatically
|
|
8
13
|
|
data/README.md
CHANGED
|
@@ -3,18 +3,6 @@ module TerraspacePluginAzurerm::Clients
|
|
|
3
3
|
extend Memoist
|
|
4
4
|
|
|
5
5
|
def client_options
|
|
6
|
-
o = base_client_options
|
|
7
|
-
o[:credentials] = credentials
|
|
8
|
-
o
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def credentials
|
|
12
|
-
o = base_client_options
|
|
13
|
-
provider = MsRestAzure::ApplicationTokenProvider.new(o[:tenant_id], o[:client_id], o[:client_secret])
|
|
14
|
-
MsRest::TokenCredentials.new(provider)
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
def base_client_options
|
|
18
6
|
# AZURE_* is used by ruby generally.
|
|
19
7
|
# ARM_* is used by Terraform azurerm provider: https://www.terraform.io/docs/providers/azurerm/index.html
|
|
20
8
|
# Favor ARM_ because this plugin is designed for Terraspace.
|
|
@@ -32,7 +20,7 @@ module TerraspacePluginAzurerm::Clients
|
|
|
32
20
|
validate_base_options!(o)
|
|
33
21
|
o
|
|
34
22
|
end
|
|
35
|
-
memoize :
|
|
23
|
+
memoize :client_options
|
|
36
24
|
|
|
37
25
|
def validate_base_options!(options)
|
|
38
26
|
vars = []
|
|
@@ -6,12 +6,10 @@ module TerraspacePluginAzurerm::Clients
|
|
|
6
6
|
extend Memoist
|
|
7
7
|
|
|
8
8
|
# Include SDK modules to ease access to Storage classes.
|
|
9
|
-
include Azure::Storage::Mgmt
|
|
10
|
-
include Azure::Storage::Mgmt::
|
|
9
|
+
include Azure::Storage::Profiles::Latest::Mgmt
|
|
10
|
+
include Azure::Storage::Profiles::Latest::Mgmt::Models
|
|
11
11
|
|
|
12
|
-
|
|
13
|
-
mgmt.storage_accounts
|
|
14
|
-
end
|
|
12
|
+
delegate :storage_accounts, :blob_services, :blob_containers, to: :mgmt
|
|
15
13
|
|
|
16
14
|
def blob_containers
|
|
17
15
|
BlobContainers.new(mgmt)
|
|
@@ -19,7 +17,7 @@ module TerraspacePluginAzurerm::Clients
|
|
|
19
17
|
memoize :blob_containers
|
|
20
18
|
|
|
21
19
|
def mgmt
|
|
22
|
-
client =
|
|
20
|
+
client = Client.new(client_options)
|
|
23
21
|
client.subscription_id = client_options[:subscription_id]
|
|
24
22
|
client
|
|
25
23
|
end
|
|
@@ -20,6 +20,7 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
20
20
|
resource_group = ResourceGroup.new
|
|
21
21
|
resource_group.name = @resource_group_name
|
|
22
22
|
resource_group.location = config.location || AzureInfo.location
|
|
23
|
+
resource_group.tags = config.tags
|
|
23
24
|
resource_groups.create_or_update(@resource_group_name, resource_group)
|
|
24
25
|
end
|
|
25
26
|
|
|
@@ -6,8 +6,11 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
6
6
|
def create
|
|
7
7
|
if exist?
|
|
8
8
|
logger.debug "Storage Account #{@storage_account_name} already exists"
|
|
9
|
+
update_storage_account if config.storage_account.update_existing
|
|
10
|
+
set_blob_service_properties if config.storage_account.configure_data_protection_for_existing
|
|
9
11
|
else
|
|
10
12
|
create_storage_account
|
|
13
|
+
set_blob_service_properties
|
|
11
14
|
end
|
|
12
15
|
end
|
|
13
16
|
|
|
@@ -32,16 +35,29 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
32
35
|
end
|
|
33
36
|
end
|
|
34
37
|
|
|
38
|
+
def update_storage_account
|
|
39
|
+
logger.debug "Updating Storage Account #{@storage_account_name}..."
|
|
40
|
+
storage_accounts.update(@resource_group_name, @storage_account_name, storage_account_update_params)
|
|
41
|
+
end
|
|
42
|
+
|
|
35
43
|
def create_storage_account
|
|
36
44
|
logger.info "Creating Storage Account #{@storage_account_name}..."
|
|
37
|
-
storage_accounts.create(@resource_group_name, @storage_account_name,
|
|
45
|
+
storage_accounts.create(@resource_group_name, @storage_account_name, storage_account_create_params)
|
|
38
46
|
end
|
|
39
47
|
|
|
40
|
-
def
|
|
48
|
+
def storage_account_create_params
|
|
41
49
|
params = StorageAccountCreateParameters.new
|
|
42
50
|
params.location = config.location || azure_info.location # IE: eastus
|
|
43
51
|
params.sku = sku
|
|
52
|
+
params.allow_blob_public_access = config.storage_account.allow_blob_public_access
|
|
44
53
|
params.kind = Kind::StorageV2
|
|
54
|
+
params.tags = config.tags
|
|
55
|
+
params
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def storage_account_update_params
|
|
59
|
+
params = StorageAccountUpdateParameters.new
|
|
60
|
+
params.allow_blob_public_access = config.storage_account.allow_blob_public_access
|
|
45
61
|
params
|
|
46
62
|
end
|
|
47
63
|
|
|
@@ -51,5 +67,27 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
51
67
|
sku.tier = config.storage_account.sku.tier
|
|
52
68
|
sku
|
|
53
69
|
end
|
|
70
|
+
|
|
71
|
+
def set_blob_service_properties
|
|
72
|
+
blob_services.set_service_properties(@resource_group_name, @storage_account_name, blob_service_properties)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def blob_service_properties
|
|
76
|
+
props = BlobServiceProperties.new
|
|
77
|
+
|
|
78
|
+
sa = config.storage_account
|
|
79
|
+
policy = DeleteRetentionPolicy.new
|
|
80
|
+
policy.days = sa.container_delete_retention_policy.days || sa.delete_retention_policy.days
|
|
81
|
+
policy.enabled = sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
|
|
82
|
+
props.container_delete_retention_policy = policy # containers
|
|
83
|
+
|
|
84
|
+
policy = DeleteRetentionPolicy.new
|
|
85
|
+
policy.days = sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days
|
|
86
|
+
policy.enabled = sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
|
|
87
|
+
props.delete_retention_policy = policy # blobs
|
|
88
|
+
|
|
89
|
+
props.is_versioning_enabled = sa.is_versioning_enabled
|
|
90
|
+
props
|
|
91
|
+
end
|
|
54
92
|
end
|
|
55
93
|
end
|
|
@@ -13,14 +13,36 @@ module TerraspacePluginAzurerm::Interfaces
|
|
|
13
13
|
# must return an ActiveSupport::OrderedOptions
|
|
14
14
|
def defaults
|
|
15
15
|
c = ActiveSupport::OrderedOptions.new
|
|
16
|
+
|
|
16
17
|
c.auto_create = true
|
|
17
18
|
c.location = nil # AzureInfo.location not assigned here so it can be lazily inferred
|
|
19
|
+
|
|
18
20
|
c.secrets = ActiveSupport::OrderedOptions.new
|
|
19
21
|
c.secrets.vault = nil
|
|
22
|
+
|
|
20
23
|
c.storage_account = ActiveSupport::OrderedOptions.new
|
|
24
|
+
c.storage_account.update_existing = false
|
|
21
25
|
c.storage_account.sku = ActiveSupport::OrderedOptions.new
|
|
22
26
|
c.storage_account.sku.name = "Standard_LRS"
|
|
23
27
|
c.storage_account.sku.tier = "Standard"
|
|
28
|
+
c.storage_account.allow_blob_public_access = false # Azure default is true
|
|
29
|
+
|
|
30
|
+
# data protection management
|
|
31
|
+
c.storage_account.configure_data_protection_for_existing = false
|
|
32
|
+
c.storage_account.delete_retention_policy = ActiveSupport::OrderedOptions.new
|
|
33
|
+
c.storage_account.delete_retention_policy.days = 365
|
|
34
|
+
c.storage_account.delete_retention_policy.enabled = true
|
|
35
|
+
# overrides the setting above
|
|
36
|
+
c.storage_account.blob_delete_retention_policy = ActiveSupport::OrderedOptions.new
|
|
37
|
+
c.storage_account.blob_delete_retention_policy.days = nil
|
|
38
|
+
c.storage_account.blob_delete_retention_policy.enabled = nil
|
|
39
|
+
c.storage_account.container_delete_retention_policy = ActiveSupport::OrderedOptions.new
|
|
40
|
+
c.storage_account.container_delete_retention_policy.days = nil
|
|
41
|
+
c.storage_account.container_delete_retention_policy.enabled = nil
|
|
42
|
+
c.storage_account.is_versioning_enabled = true
|
|
43
|
+
|
|
44
|
+
c.tags = {}
|
|
45
|
+
|
|
24
46
|
c
|
|
25
47
|
end
|
|
26
48
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: terraspace_plugin_azurerm
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-01-
|
|
11
|
+
date: 2022-01-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: azure-storage-blob
|