RubyGems - terraspace_plugin_azurerm - Versions diffs - 0.4.0 → 0.5.0 - Mend

terraspace_plugin_azurerm 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8c595d865e64d26fdc4fa827ef247aae21266701bdf2afcf5438c6458d50d96e
-  data.tar.gz: a3bdfe44206f463c945d5f416c81529d77c9507b676f27654b1071aa6da0c7fd
+  metadata.gz: 11fda0fac205761533c2f4d73f68b4e1e8b97c98acdd81b59989dabf855f7a71
+  data.tar.gz: 92d71e9bce40c3dff7a644ee98baf1a6f1e8864f86b34ee861b30604b976f6e3
 SHA512:
-  metadata.gz: 67fdfe608c63b99cea0b1dfa29cc131c68df2b8651428800fb9d085aba3747bd99d29757551b74828693d323f7378cd580bd38b5b195a43920f7c844d3409a70
-  data.tar.gz: b675685420ced87b9b21504b011d332987569a2cc94ff91de6cde41ca8e6a5dd72ec99e2551274de45bc1ed537c75e4a2c76e565e23018b8a86843cbd73c7416
+  metadata.gz: d687364d16af25a282933fd7eba6107fb7d422a062b1d7b44608fb504d78de1c56668f14f4a0ec7b002bbad4c35102eaef16652a8fab03f4a34c56b26d114676
+  data.tar.gz: cd71ed24124dbc1f00665b2aa5566d3d07fbd93ca47415a405ae5b1061a471ad7d47d938bd43db5de91af57694d58450c30fa6f83c1eb110db03cb8c721f7c10

data/CHANGELOG.md CHANGED Viewed

@@ -3,6 +3,9 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
+## [0.5.0] - 2022-01-20
+- [#14](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/14) use armrest gem
 ## [0.4.0] - 2022-01-05
 - [#11](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/11) fix tags config in README
 - [#13](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/13) data management and security features

data/README.md CHANGED Viewed

@@ -1,5 +1,9 @@
 # Terraspace Azurerm Plugin
+[![BoltOps Badge](https://img.boltops.com/boltops/badges/boltops-badge.png)](https://www.boltops.com)
+[![Gem Version](https://badge.fury.io/rb/terraspace_plugin_azurerm.svg)](https://badge.fury.io/rb/terraspace_plugin_azurerm)
 Azurerm support for [terraspace](https://terraspace.cloud/).
 ## Installation

data/lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb ADDED Viewed

@@ -0,0 +1,26 @@
+class TerraspacePluginAzurerm::Interfaces::Backend
+  class BlobContainer < Base
+    def create
+      if exist?
+        logger.debug "Storage Blob Container #{@container_name} already exists"
+      else
+        create_blob_container
+      end
+    end
+    def exist?
+      blob_container.exist?(name: @container_name)
+    end
+    def create_blob_container
+      logger.info "Creating Storage Blob Container #{@container_name}..."
+      blob_container.create(name: @container_name)
+    end
+   private
+    def blob_container
+      Armrest::Services::BlobContainer.new(storage_account: @storage_account_name, group: @resource_group_name)
+    end
+    memoize :blob_container
+  end
+end

data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb CHANGED Viewed

@@ -1,33 +1,32 @@
 class TerraspacePluginAzurerm::Interfaces::Backend
   # Named ResourceGroupCreator to avoid collision with Azure ResourceGroup model
   class ResourceGroupCreator < Base
-    include TerraspacePluginAzurerm::Clients::Resources
     def create
       if exist?
         logger.debug "Resource Group #{@resource_group_name} already exists"
+        create_or_update_resource_group if config.resource_group.update_existing
       else
-        create_resource_group
+        create_or_update_resource_group
       end
     end
     def exist?
-      resource_groups.check_existence(@resource_group_name)
+      resource_group.check_existence(name: @resource_group_name)
     end
-    def create_resource_group
+    def create_or_update_resource_group
       logger.info "Creating Resource Group #{@resource_group_name}..."
-      resource_group = ResourceGroup.new
-      resource_group.name = @resource_group_name
-      resource_group.location = config.location || AzureInfo.location
-      resource_group.tags = config.tags
-      resource_groups.create_or_update(@resource_group_name, resource_group)
+      resource_group.create_or_update(
+        name: @resource_group_name,
+        location: config.location || AzureInfo.location,
+        tags: config.tags,
+      )
     end
   private
-    def resource_groups
-      ResourceGroups.new(mgmt)
+    def resource_group
+      Armrest::Services::ResourceGroup.new
     end
-    memoize :resource_groups
+    memoize :resource_group
   end
 end

data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb CHANGED Viewed

@@ -1,23 +1,20 @@
 class TerraspacePluginAzurerm::Interfaces::Backend
   class StorageAccount < Base
-    include TerraspacePluginAzurerm::Clients::Storage
     extend Memoist
     def create
       if exist?
         logger.debug "Storage Account #{@storage_account_name} already exists"
-        update_storage_account if config.storage_account.update_existing
+        save_storage_account if config.storage_account.update_existing
         set_blob_service_properties if config.storage_account.configure_data_protection_for_existing
       else
-        create_storage_account
+        save_storage_account
         set_blob_service_properties
       end
     end
     def exist?
-      params = StorageAccountCheckNameAvailabilityParameters.new
-      params.name = @storage_account_name
-      result = storage_accounts.check_name_availability(params)
+      result = storage_account.check_name_availability(name: @storage_account_name)
       validate!(result)
       !result.name_available
     end
@@ -35,59 +32,60 @@ class TerraspacePluginAzurerm::Interfaces::Backend
       end
     end
-    def update_storage_account
-      logger.debug "Updating Storage Account #{@storage_account_name}..."
-      storage_accounts.update(@resource_group_name, @storage_account_name, storage_account_update_params)
+    def save_storage_account
+      action = exist? ? "Updating" : "Creating"
+      logger.info "#{action} Storage Account #{@storage_account_name}..."
+      storage_account.create(
+        name: @storage_account_name,
+        location: config.location || azure_info.location, # IE: eastus
+        sku: {
+          name: config.storage_account.sku.name,
+          tier: config.storage_account.sku.tier,
+        },
+        properties: {
+          allow_blob_public_access: config.storage_account.allow_blob_public_access,
+        },
+        kind: "StorageV2",
+        tags: config.tags,
+      )
     end
-    def create_storage_account
-      logger.info "Creating Storage Account #{@storage_account_name}..."
-      storage_accounts.create(@resource_group_name, @storage_account_name, storage_account_create_params)
-    end
-    def storage_account_create_params
-      params = StorageAccountCreateParameters.new
-      params.location = config.location || azure_info.location # IE: eastus
-      params.sku = sku
-      params.allow_blob_public_access = config.storage_account.allow_blob_public_access
-      params.kind = Kind::StorageV2
-      params.tags = config.tags
-      params
+    def set_blob_service_properties
+      blob_service.set_properties(blob_service_properties)
     end
-    def storage_account_update_params
-      params = StorageAccountUpdateParameters.new
-      params.allow_blob_public_access = config.storage_account.allow_blob_public_access
-      params
+    def blob_service_properties
+      sa = config.storage_account
+      container_delete_retention_policy = {
+        days: sa.container_delete_retention_policy.days || sa.delete_retention_policy.days,
+        enabled: sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
+      }
+      # blobs
+      delete_retention_policy = {
+        days: sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days,
+        enabled: sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
+      }
+      # final props
+      {
+        container_delete_retention_policy: container_delete_retention_policy,
+        delete_retention_policy: delete_retention_policy,
+        is_versioning_enabled: sa.is_versioning_enabled,
+      }
     end
-    def sku
-      sku = Sku.new
-      sku.name = config.storage_account.sku.name
-      sku.tier = config.storage_account.sku.tier
-      sku
+  private
+    def storage_account
+      Armrest::Services::StorageAccount.new(service_options)
     end
+    memoize :storage_account
-    def set_blob_service_properties
-      blob_services.set_service_properties(@resource_group_name, @storage_account_name, blob_service_properties)
+    def blob_service
+      Armrest::Services::BlobService.new(service_options)
     end
+    memoize :blob_service
-    def blob_service_properties
-      props = BlobServiceProperties.new
-      sa = config.storage_account
-      policy = DeleteRetentionPolicy.new
-      policy.days = sa.container_delete_retention_policy.days || sa.delete_retention_policy.days
-      policy.enabled = sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
-      props.container_delete_retention_policy = policy # containers
-      policy = DeleteRetentionPolicy.new
-      policy.days = sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days
-      policy.enabled = sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
-      props.delete_retention_policy = policy # blobs
-      props.is_versioning_enabled = sa.is_versioning_enabled
-      props
+    def service_options
+      { storage_account: @storage_account_name, group: @resource_group_name }
     end
   end
 end

data/lib/terraspace_plugin_azurerm/interfaces/backend.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module TerraspacePluginAzurerm::Interfaces
       ResourceGroupCreator.new(@info).create
       StorageAccount.new(@info).create
-      StorageContainer.new(@info).create
+      BlobContainer.new(@info).create
     end
   end
 end

data/lib/terraspace_plugin_azurerm/interfaces/config.rb CHANGED Viewed

@@ -20,6 +20,9 @@ module TerraspacePluginAzurerm::Interfaces
       c.secrets = ActiveSupport::OrderedOptions.new
       c.secrets.vault = nil
+      c.resource_group = ActiveSupport::OrderedOptions.new
+      c.resource_group.update_existing = false
       c.storage_account = ActiveSupport::OrderedOptions.new
       c.storage_account.update_existing = false
       c.storage_account.sku = ActiveSupport::OrderedOptions.new

data/lib/terraspace_plugin_azurerm/interfaces/helper/secret/fetcher.rb CHANGED Viewed

@@ -7,15 +7,10 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
     class VaultNotConfiguredError < Error; end
     include TerraspacePluginAzurerm::Logging
-    include TerraspacePluginAzurerm::Clients::Options
     extend Memoist
     def initialize(mod, options={})
       @mod, @options = mod, options
-      o = base_client_options
-      @client_id     = o[:client_id]
-      @client_secret = o[:client_secret]
-      @tenant_id     = o[:tenant_id]
     end
     def fetch(name, opts={})
@@ -25,42 +20,11 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
     def get_secret(name, options={})
       vault = options[:vault]
+      check_vault_configured!(vault)
       version = options[:version]
-      unless token
-        return "ERROR: Unable to authorize and get the temporary token. Double check your ARM_ env variables."
-      end
       version = "/#{version}" if version
-      check_vault_configured!(vault)
-      vault_subdomain = vault.downcase
-      # Using Azure REST API since the old gem doesnt support secrets https://github.com/Azure/azure-sdk-for-ruby
-      # https://docs.microsoft.com/en-us/rest/api/keyvault/getsecret/getsecret
       name = expansion(name) if expand?
-      url = "https://#{vault_subdomain}.vault.azure.net/secrets/#{name}#{version}?api-version=7.1"
-      logger.debug "Azure vault url #{url}"
-      uri = URI(url)
-      req = Net::HTTP::Get.new(uri)
-      req["Authorization"] = token
-      req["Content-Type"] = "application/json"
-      resp = nil
-      begin
-        resp = send_request(uri, req)
-      rescue VaultNotFoundError
-        message = "WARN: Vault not found #{vault}"
-        logger.info message.color(:yellow)
-        return message
-      end
-      case resp.code.to_s
-      when /^2/
-        data = JSON.load(resp.body)
-        data['value']
-      else
-        message = standard_error_message(resp)
-        logger.info "WARN: #{message}".color(:yellow)
-        message
-      end
+      secret.show(name: name, vault: vault)
     end
     def check_vault_configured!(vault)
@@ -80,61 +44,12 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
       raise VaultNotConfiguredError.new
     end
-    def send_request(uri, req)
-      http = Net::HTTP.new(uri.host, uri.port)
-      http.open_timeout = http.read_timeout = 30
-      http.use_ssl = true if uri.scheme == 'https'
-      begin
-        http.request(req) # response
-      rescue SocketError => e
-        # SocketError: Failed to open TCP connection to MISSING-VAULT.vault.azure.net:443 (getaddrinfo: Name or service not known)
-        if e.message.include?("vault.azure.net")
-          raise VaultNotFoundError.new(e)
-        else
-          raise
-        end
-      end
-    end
-    # Secret error handling: 1. network 2. json parse 3. missing secret
-    #
-    # Azure API responses with decent error message when
-    #   403 Forbidden - KeyVault Access Policy needs to be set up
-    #   404 Not Found - Secret name is incorrect
-    #
-    def standard_error_message(resp)
-      data = JSON.load(resp.body)
-      data['error']['message']
-    rescue JSON::ParserError
-      resp.body
-    end
-    @@token = nil
-    def token
-      return @@token unless @@token.nil?
-      url = "https://login.microsoftonline.com/#{@tenant_id}/oauth2/token"
-      uri = URI(url)
-      req = Net::HTTP::Get.new(uri)
-      req.set_form_data(
-        grant_type: "client_credentials",
-        client_id: @client_id,
-        client_secret: @client_secret,
-        resource: "https://vault.azure.net",
-      )
-      resp = send_request(uri, req)
-      data = JSON.load(resp.body)
-      if resp.code =~ /^2/
-        @@token = "Bearer #{data['access_token']}" if data
-      else
-        logger.info "WARN: #{data['error_description']}".color(:yellow)
-        # return false otherwise error message is used as the bearer toke and get this error:
-        # ArgumentError: header field value cannot include CR/LF
-        @@token = false
-      end
+  private
+    def secret
+      Armrest::Services::KeyVault::Secret.new
     end
+    memoize :secret
-  private
     delegate :expansion, to: :expander
     def expander
       TerraspacePluginAzurerm::Interfaces::Expander.new(@mod)

data/lib/terraspace_plugin_azurerm/interfaces/helper/secret.rb CHANGED Viewed

@@ -4,7 +4,6 @@ module TerraspacePluginAzurerm::Interfaces::Helper
   class Secret
     extend Memoist
     include TerraspacePluginAzurerm::Logging
-    include TerraspacePluginAzurerm::Clients::Options
     def initialize(mod, options={})
       @mod, @options = mod, options

data/lib/terraspace_plugin_azurerm/interfaces/summary.rb CHANGED Viewed

@@ -3,7 +3,6 @@ require 'azure/storage/blob'
 module TerraspacePluginAzurerm::Interfaces
   class Summary
     include Terraspace::Plugin::Summary::Interface
-    include TerraspacePluginAzurerm::Clients::Storage # for mgmt storage_accounts to get keys only, the azure/storage/blob gem is used to get the objects
     extend Memoist
     # interface method

data/lib/terraspace_plugin_azurerm/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module TerraspacePluginAzurerm
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

data/lib/terraspace_plugin_azurerm.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+require "armrest"
 require "azure_info"
 require "memoist"
 require "terraspace" # for interface

data/terraspace_plugin_azurerm.gemspec CHANGED Viewed

@@ -22,10 +22,8 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
-  spec.add_dependency "azure-storage-blob"
-  spec.add_dependency "azure_info", "~> 0.1.2"
-  spec.add_dependency "azure_mgmt_resources"
-  spec.add_dependency "azure_mgmt_storage"
+  spec.add_dependency "armrest"
+  spec.add_dependency "azure_info"
   spec.add_dependency "memoist"
   spec.add_dependency "zeitwerk"
 end

metadata CHANGED Viewed

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: terraspace_plugin_azurerm
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-01-05 00:00:00.000000000 Z
+date: 2022-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: azure-storage-blob
+  name: armrest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -26,34 +26,6 @@ dependencies:
         version: '0'
 - !ruby/object:Gem::Dependency
   name: azure_info
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.1.2
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.1.2
-- !ruby/object:Gem::Dependency
-  name: azure_mgmt_resources
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: azure_mgmt_storage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -141,14 +113,11 @@ files:
 - lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
 - lib/terraspace_plugin_azurerm.rb
 - lib/terraspace_plugin_azurerm/autoloader.rb
-- lib/terraspace_plugin_azurerm/clients/options.rb
-- lib/terraspace_plugin_azurerm/clients/resources.rb
-- lib/terraspace_plugin_azurerm/clients/storage.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/base.rb
+- lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb
-- lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb
 - lib/terraspace_plugin_azurerm/interfaces/config.rb
 - lib/terraspace_plugin_azurerm/interfaces/expander.rb
 - lib/terraspace_plugin_azurerm/interfaces/helper.rb

data/lib/terraspace_plugin_azurerm/clients/options.rb DELETED Viewed

@@ -1,39 +0,0 @@
-module TerraspacePluginAzurerm::Clients
-  module Options
-    extend Memoist
-    def client_options
-      # AZURE_* is used by ruby generally.
-      # ARM_* is used by Terraform azurerm provider: https://www.terraform.io/docs/providers/azurerm/index.html
-      # Favor ARM_ because this plugin is designed for Terraspace.
-      client_id       = ENV['ARM_CLIENT_ID'] || ENV['AZURE_CLIENT_ID']
-      client_secret   = ENV['ARM_CLIENT_SECRET'] || ENV['AZURE_CLIENT_SECRET']
-      subscription_id = ENV['ARM_SUBSCRIPTION_ID'] || ENV['AZURE_SUBSCRIPTION_ID'] || AzureInfo.subscription_id
-      tenant_id       = ENV['ARM_TENANT_ID'] || ENV['AZURE_TENANT_ID'] || AzureInfo.tenant_id
-      o = {
-        tenant_id: tenant_id,
-        client_id: client_id,
-        client_secret: client_secret,
-        subscription_id: subscription_id,
-      }
-      validate_base_options!(o)
-      o
-    end
-    memoize :client_options
-    def validate_base_options!(options)
-      vars = []
-      options.each do |k,v|
-        vars << "ARM_#{k}".upcase if v.nil?
-      end
-      return if vars.empty?
-      logger.error "ERROR: Required Azure env variables missing. Please set these env variables:".color(:red)
-      vars.each do |var|
-        logger.error "    #{var}"
-      end
-      exit 1
-    end
-  end
-end

data/lib/terraspace_plugin_azurerm/clients/resources.rb DELETED Viewed

@@ -1,17 +0,0 @@
-require 'azure_mgmt_resources'
-module TerraspacePluginAzurerm::Clients
-  module Resources
-    include Options
-    extend Memoist
-    # Include SDK modules to ease access to Resources classes.
-    include Azure::Resources::Profiles::Latest::Mgmt
-    include Azure::Resources::Profiles::Latest::Mgmt::Models
-    def mgmt
-      Client.new(client_options)
-    end
-    memoize :mgmt
-  end
-end

data/lib/terraspace_plugin_azurerm/clients/storage.rb DELETED Viewed

@@ -1,26 +0,0 @@
-require "azure_mgmt_storage"
-module TerraspacePluginAzurerm::Clients
-  module Storage
-    include Options
-    extend Memoist
-    # Include SDK modules to ease access to Storage classes.
-    include Azure::Storage::Profiles::Latest::Mgmt
-    include Azure::Storage::Profiles::Latest::Mgmt::Models
-    delegate :storage_accounts, :blob_services, :blob_containers, to: :mgmt
-    def blob_containers
-      BlobContainers.new(mgmt)
-    end
-    memoize :blob_containers
-    def mgmt
-      client = Client.new(client_options)
-      client.subscription_id = client_options[:subscription_id]
-      client
-    end
-    memoize :mgmt
-  end
-end

data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb DELETED Viewed

@@ -1,29 +0,0 @@
-class TerraspacePluginAzurerm::Interfaces::Backend
-  class StorageContainer < Base
-    include TerraspacePluginAzurerm::Clients::Storage
-    def create
-      if exist?
-        logger.debug "Storage Container #{@container_name} already exists"
-      else
-        create_storage_container
-      end
-    end
-    def exist?
-      begin
-        blob_containers.get(@resource_group_name, @storage_account_name, @container_name)
-        true
-      rescue MsRestAzure::AzureOperationError => e
-        e.message.include?("The specified container does not exist") ? false : raise
-      end
-    end
-    def create_storage_container
-      logger.info "Creating Storage Container #{@container_name}..."
-      blob_container = BlobContainer.new
-      blob_container.name = @container_name
-      blob_containers.create(@resource_group_name, @storage_account_name, @container_name, blob_container)
-    end
-  end
-end