terraspace_plugin_azurerm 0.3.3 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +2 -0
- data/lib/terraspace_plugin_azurerm/clients/options.rb +1 -13
- data/lib/terraspace_plugin_azurerm/clients/storage.rb +4 -6
- data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb +1 -0
- data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb +40 -2
- data/lib/terraspace_plugin_azurerm/interfaces/config.rb +22 -0
- data/lib/terraspace_plugin_azurerm/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8c595d865e64d26fdc4fa827ef247aae21266701bdf2afcf5438c6458d50d96e
|
|
4
|
+
data.tar.gz: a3bdfe44206f463c945d5f416c81529d77c9507b676f27654b1071aa6da0c7fd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 67fdfe608c63b99cea0b1dfa29cc131c68df2b8651428800fb9d085aba3747bd99d29757551b74828693d323f7378cd580bd38b5b195a43920f7c844d3409a70
|
|
7
|
+
data.tar.gz: b675685420ced87b9b21504b011d332987569a2cc94ff91de6cde41ca8e6a5dd72ec99e2551274de45bc1ed537c75e4a2c76e565e23018b8a86843cbd73c7416
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
|
|
5
5
|
|
|
6
|
+
## [0.4.0] - 2022-01-05
|
|
7
|
+
- [#11](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/11) fix tags config in README
|
|
8
|
+
- [#13](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/13) data management and security features
|
|
9
|
+
- [#8](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/8) Add config.tags
|
|
10
|
+
|
|
6
11
|
## [0.3.3] - 2022-01-04
|
|
7
12
|
- [#10](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/10) azure_secret support expansion automatically
|
|
8
13
|
|
data/README.md
CHANGED
|
@@ -3,18 +3,6 @@ module TerraspacePluginAzurerm::Clients
|
|
|
3
3
|
extend Memoist
|
|
4
4
|
|
|
5
5
|
def client_options
|
|
6
|
-
o = base_client_options
|
|
7
|
-
o[:credentials] = credentials
|
|
8
|
-
o
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def credentials
|
|
12
|
-
o = base_client_options
|
|
13
|
-
provider = MsRestAzure::ApplicationTokenProvider.new(o[:tenant_id], o[:client_id], o[:client_secret])
|
|
14
|
-
MsRest::TokenCredentials.new(provider)
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
def base_client_options
|
|
18
6
|
# AZURE_* is used by ruby generally.
|
|
19
7
|
# ARM_* is used by Terraform azurerm provider: https://www.terraform.io/docs/providers/azurerm/index.html
|
|
20
8
|
# Favor ARM_ because this plugin is designed for Terraspace.
|
|
@@ -32,7 +20,7 @@ module TerraspacePluginAzurerm::Clients
|
|
|
32
20
|
validate_base_options!(o)
|
|
33
21
|
o
|
|
34
22
|
end
|
|
35
|
-
memoize :
|
|
23
|
+
memoize :client_options
|
|
36
24
|
|
|
37
25
|
def validate_base_options!(options)
|
|
38
26
|
vars = []
|
|
@@ -6,12 +6,10 @@ module TerraspacePluginAzurerm::Clients
|
|
|
6
6
|
extend Memoist
|
|
7
7
|
|
|
8
8
|
# Include SDK modules to ease access to Storage classes.
|
|
9
|
-
include Azure::Storage::Mgmt
|
|
10
|
-
include Azure::Storage::Mgmt::
|
|
9
|
+
include Azure::Storage::Profiles::Latest::Mgmt
|
|
10
|
+
include Azure::Storage::Profiles::Latest::Mgmt::Models
|
|
11
11
|
|
|
12
|
-
|
|
13
|
-
mgmt.storage_accounts
|
|
14
|
-
end
|
|
12
|
+
delegate :storage_accounts, :blob_services, :blob_containers, to: :mgmt
|
|
15
13
|
|
|
16
14
|
def blob_containers
|
|
17
15
|
BlobContainers.new(mgmt)
|
|
@@ -19,7 +17,7 @@ module TerraspacePluginAzurerm::Clients
|
|
|
19
17
|
memoize :blob_containers
|
|
20
18
|
|
|
21
19
|
def mgmt
|
|
22
|
-
client =
|
|
20
|
+
client = Client.new(client_options)
|
|
23
21
|
client.subscription_id = client_options[:subscription_id]
|
|
24
22
|
client
|
|
25
23
|
end
|
|
@@ -20,6 +20,7 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
20
20
|
resource_group = ResourceGroup.new
|
|
21
21
|
resource_group.name = @resource_group_name
|
|
22
22
|
resource_group.location = config.location || AzureInfo.location
|
|
23
|
+
resource_group.tags = config.tags
|
|
23
24
|
resource_groups.create_or_update(@resource_group_name, resource_group)
|
|
24
25
|
end
|
|
25
26
|
|
|
@@ -6,8 +6,11 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
6
6
|
def create
|
|
7
7
|
if exist?
|
|
8
8
|
logger.debug "Storage Account #{@storage_account_name} already exists"
|
|
9
|
+
update_storage_account if config.storage_account.update_existing
|
|
10
|
+
set_blob_service_properties if config.storage_account.configure_data_protection_for_existing
|
|
9
11
|
else
|
|
10
12
|
create_storage_account
|
|
13
|
+
set_blob_service_properties
|
|
11
14
|
end
|
|
12
15
|
end
|
|
13
16
|
|
|
@@ -32,16 +35,29 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
32
35
|
end
|
|
33
36
|
end
|
|
34
37
|
|
|
38
|
+
def update_storage_account
|
|
39
|
+
logger.debug "Updating Storage Account #{@storage_account_name}..."
|
|
40
|
+
storage_accounts.update(@resource_group_name, @storage_account_name, storage_account_update_params)
|
|
41
|
+
end
|
|
42
|
+
|
|
35
43
|
def create_storage_account
|
|
36
44
|
logger.info "Creating Storage Account #{@storage_account_name}..."
|
|
37
|
-
storage_accounts.create(@resource_group_name, @storage_account_name,
|
|
45
|
+
storage_accounts.create(@resource_group_name, @storage_account_name, storage_account_create_params)
|
|
38
46
|
end
|
|
39
47
|
|
|
40
|
-
def
|
|
48
|
+
def storage_account_create_params
|
|
41
49
|
params = StorageAccountCreateParameters.new
|
|
42
50
|
params.location = config.location || azure_info.location # IE: eastus
|
|
43
51
|
params.sku = sku
|
|
52
|
+
params.allow_blob_public_access = config.storage_account.allow_blob_public_access
|
|
44
53
|
params.kind = Kind::StorageV2
|
|
54
|
+
params.tags = config.tags
|
|
55
|
+
params
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def storage_account_update_params
|
|
59
|
+
params = StorageAccountUpdateParameters.new
|
|
60
|
+
params.allow_blob_public_access = config.storage_account.allow_blob_public_access
|
|
45
61
|
params
|
|
46
62
|
end
|
|
47
63
|
|
|
@@ -51,5 +67,27 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
|
51
67
|
sku.tier = config.storage_account.sku.tier
|
|
52
68
|
sku
|
|
53
69
|
end
|
|
70
|
+
|
|
71
|
+
def set_blob_service_properties
|
|
72
|
+
blob_services.set_service_properties(@resource_group_name, @storage_account_name, blob_service_properties)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def blob_service_properties
|
|
76
|
+
props = BlobServiceProperties.new
|
|
77
|
+
|
|
78
|
+
sa = config.storage_account
|
|
79
|
+
policy = DeleteRetentionPolicy.new
|
|
80
|
+
policy.days = sa.container_delete_retention_policy.days || sa.delete_retention_policy.days
|
|
81
|
+
policy.enabled = sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
|
|
82
|
+
props.container_delete_retention_policy = policy # containers
|
|
83
|
+
|
|
84
|
+
policy = DeleteRetentionPolicy.new
|
|
85
|
+
policy.days = sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days
|
|
86
|
+
policy.enabled = sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
|
|
87
|
+
props.delete_retention_policy = policy # blobs
|
|
88
|
+
|
|
89
|
+
props.is_versioning_enabled = sa.is_versioning_enabled
|
|
90
|
+
props
|
|
91
|
+
end
|
|
54
92
|
end
|
|
55
93
|
end
|
|
@@ -13,14 +13,36 @@ module TerraspacePluginAzurerm::Interfaces
|
|
|
13
13
|
# must return an ActiveSupport::OrderedOptions
|
|
14
14
|
def defaults
|
|
15
15
|
c = ActiveSupport::OrderedOptions.new
|
|
16
|
+
|
|
16
17
|
c.auto_create = true
|
|
17
18
|
c.location = nil # AzureInfo.location not assigned here so it can be lazily inferred
|
|
19
|
+
|
|
18
20
|
c.secrets = ActiveSupport::OrderedOptions.new
|
|
19
21
|
c.secrets.vault = nil
|
|
22
|
+
|
|
20
23
|
c.storage_account = ActiveSupport::OrderedOptions.new
|
|
24
|
+
c.storage_account.update_existing = false
|
|
21
25
|
c.storage_account.sku = ActiveSupport::OrderedOptions.new
|
|
22
26
|
c.storage_account.sku.name = "Standard_LRS"
|
|
23
27
|
c.storage_account.sku.tier = "Standard"
|
|
28
|
+
c.storage_account.allow_blob_public_access = false # Azure default is true
|
|
29
|
+
|
|
30
|
+
# data protection management
|
|
31
|
+
c.storage_account.configure_data_protection_for_existing = false
|
|
32
|
+
c.storage_account.delete_retention_policy = ActiveSupport::OrderedOptions.new
|
|
33
|
+
c.storage_account.delete_retention_policy.days = 365
|
|
34
|
+
c.storage_account.delete_retention_policy.enabled = true
|
|
35
|
+
# overrides the setting above
|
|
36
|
+
c.storage_account.blob_delete_retention_policy = ActiveSupport::OrderedOptions.new
|
|
37
|
+
c.storage_account.blob_delete_retention_policy.days = nil
|
|
38
|
+
c.storage_account.blob_delete_retention_policy.enabled = nil
|
|
39
|
+
c.storage_account.container_delete_retention_policy = ActiveSupport::OrderedOptions.new
|
|
40
|
+
c.storage_account.container_delete_retention_policy.days = nil
|
|
41
|
+
c.storage_account.container_delete_retention_policy.enabled = nil
|
|
42
|
+
c.storage_account.is_versioning_enabled = true
|
|
43
|
+
|
|
44
|
+
c.tags = {}
|
|
45
|
+
|
|
24
46
|
c
|
|
25
47
|
end
|
|
26
48
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: terraspace_plugin_azurerm
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-01-
|
|
11
|
+
date: 2022-01-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: azure-storage-blob
|