RubyGems - terraspace_plugin_azurerm - Versions diffs - 0.4.0 → 0.5.0 - Mend

terraspace_plugin_azurerm 0.4.0 → 0.5.0

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8c595d865e64d26fdc4fa827ef247aae21266701bdf2afcf5438c6458d50d96e
-  data.tar.gz: a3bdfe44206f463c945d5f416c81529d77c9507b676f27654b1071aa6da0c7fd
+  metadata.gz: 11fda0fac205761533c2f4d73f68b4e1e8b97c98acdd81b59989dabf855f7a71
+  data.tar.gz: 92d71e9bce40c3dff7a644ee98baf1a6f1e8864f86b34ee861b30604b976f6e3
 SHA512:
-  metadata.gz: 67fdfe608c63b99cea0b1dfa29cc131c68df2b8651428800fb9d085aba3747bd99d29757551b74828693d323f7378cd580bd38b5b195a43920f7c844d3409a70
-  data.tar.gz: b675685420ced87b9b21504b011d332987569a2cc94ff91de6cde41ca8e6a5dd72ec99e2551274de45bc1ed537c75e4a2c76e565e23018b8a86843cbd73c7416
+  metadata.gz: d687364d16af25a282933fd7eba6107fb7d422a062b1d7b44608fb504d78de1c56668f14f4a0ec7b002bbad4c35102eaef16652a8fab03f4a34c56b26d114676
+  data.tar.gz: cd71ed24124dbc1f00665b2aa5566d3d07fbd93ca47415a405ae5b1061a471ad7d47d938bd43db5de91af57694d58450c30fa6f83c1eb110db03cb8c721f7c10

data/CHANGELOG.md CHANGED Viewed

@@ -3,6 +3,9 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
+## [0.5.0] - 2022-01-20
+- [#14](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/14) use armrest gem
 ## [0.4.0] - 2022-01-05
 - [#11](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/11) fix tags config in README
 - [#13](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/13) data management and security features

data/README.md CHANGED Viewed

@@ -1,5 +1,9 @@
 # Terraspace Azurerm Plugin
+[![BoltOps Badge](https://img.boltops.com/boltops/badges/boltops-badge.png)](https://www.boltops.com)
+[![Gem Version](https://badge.fury.io/rb/terraspace_plugin_azurerm.svg)](https://badge.fury.io/rb/terraspace_plugin_azurerm)
 Azurerm support for [terraspace](https://terraspace.cloud/).
 ## Installation

data/lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb ADDED Viewed

@@ -0,0 +1,26 @@
+class TerraspacePluginAzurerm::Interfaces::Backend
+  class BlobContainer < Base
+    def create
+      if exist?
+        logger.debug "Storage Blob Container #{@container_name} already exists"
+      else
+        create_blob_container
+      end
+    end
+    def exist?
+      blob_container.exist?(name: @container_name)
+    end
+    def create_blob_container
+      logger.info "Creating Storage Blob Container #{@container_name}..."
+      blob_container.create(name: @container_name)
+    end
+   private
+    def blob_container
+      Armrest::Services::BlobContainer.new(storage_account: @storage_account_name, group: @resource_group_name)
+    end
+    memoize :blob_container
+  end
+end

data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb CHANGED Viewed

@@ -1,33 +1,32 @@
 class TerraspacePluginAzurerm::Interfaces::Backend
   # Named ResourceGroupCreator to avoid collision with Azure ResourceGroup model
   class ResourceGroupCreator < Base
-    include TerraspacePluginAzurerm::Clients::Resources
     def create
       if exist?
         logger.debug "Resource Group #{@resource_group_name} already exists"
+        create_or_update_resource_group if config.resource_group.update_existing
       else
-        create_resource_group
+        create_or_update_resource_group
       end
     end
     def exist?
-      resource_groups.check_existence(@resource_group_name)
+      resource_group.check_existence(name: @resource_group_name)
     end
-    def create_resource_group
+    def create_or_update_resource_group
       logger.info "Creating Resource Group #{@resource_group_name}..."
-      resource_group = ResourceGroup.new
-      resource_group.name = @resource_group_name
-      resource_group.location = config.location || AzureInfo.location
-      resource_group.tags = config.tags
-      resource_groups.create_or_update(@resource_group_name, resource_group)
+      resource_group.create_or_update(
+        name: @resource_group_name,
+        location: config.location || AzureInfo.location,
+        tags: config.tags,
+      )
     end
   private
-    def resource_groups
-      ResourceGroups.new(mgmt)
+    def resource_group
+      Armrest::Services::ResourceGroup.new
     end
-    memoize :resource_groups
+    memoize :resource_group
   end
 end

data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb CHANGED Viewed

@@ -1,23 +1,20 @@
 class TerraspacePluginAzurerm::Interfaces::Backend
   class StorageAccount < Base
-    include TerraspacePluginAzurerm::Clients::Storage
     extend Memoist
     def create
       if exist?
         logger.debug "Storage Account #{@storage_account_name} already exists"
-        update_storage_account if config.storage_account.update_existing
+        save_storage_account if config.storage_account.update_existing
         set_blob_service_properties if config.storage_account.configure_data_protection_for_existing
       else
-        create_storage_account
+        save_storage_account
         set_blob_service_properties
       end
     end
     def exist?
-      params = StorageAccountCheckNameAvailabilityParameters.new
-      params.name = @storage_account_name
-      result = storage_accounts.check_name_availability(params)
+      result = storage_account.check_name_availability(name: @storage_account_name)
       validate!(result)
       !result.name_available
     end
@@ -35,59 +32,60 @@ class TerraspacePluginAzurerm::Interfaces::Backend
       end
     end
-    def update_storage_account
-      logger.debug "Updating Storage Account #{@storage_account_name}..."
-      storage_accounts.update(@resource_group_name, @storage_account_name, storage_account_update_params)
+    def save_storage_account
+      action = exist? ? "Updating" : "Creating"
+      logger.info "#{action} Storage Account #{@storage_account_name}..."
+      storage_account.create(
+        name: @storage_account_name,
+        location: config.location || azure_info.location, # IE: eastus
+        sku: {
+          name: config.storage_account.sku.name,
+          tier: config.storage_account.sku.tier,
+        },
+        properties: {
+          allow_blob_public_access: config.storage_account.allow_blob_public_access,
+        },
+        kind: "StorageV2",
+        tags: config.tags,
+      )
     end
-    def create_storage_account
-      logger.info "Creating Storage Account #{@storage_account_name}..."
-      storage_accounts.create(@resource_group_name, @storage_account_name, storage_account_create_params)
-    end
-    def storage_account_create_params
-      params = StorageAccountCreateParameters.new
-      params.location = config.location || azure_info.location # IE: eastus
-      params.sku = sku
-      params.allow_blob_public_access = config.storage_account.allow_blob_public_access
-      params.kind = Kind::StorageV2
-      params.tags = config.tags
-      params
+    def set_blob_service_properties
+      blob_service.set_properties(blob_service_properties)
     end
-    def storage_account_update_params
-      params = StorageAccountUpdateParameters.new
-      params.allow_blob_public_access = config.storage_account.allow_blob_public_access
-      params
+    def blob_service_properties
+      sa = config.storage_account
+      container_delete_retention_policy = {
+        days: sa.container_delete_retention_policy.days || sa.delete_retention_policy.days,
+        enabled: sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
+      }
+      # blobs
+      delete_retention_policy = {
+        days: sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days,
+        enabled: sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
+      }
+      # final props
+      {
+        container_delete_retention_policy: container_delete_retention_policy,
+        delete_retention_policy: delete_retention_policy,
+        is_versioning_enabled: sa.is_versioning_enabled,
+      }
     end
-    def sku
-      sku = Sku.new
-      sku.name = config.storage_account.sku.name
-      sku.tier = config.storage_account.sku.tier
-      sku
+  private
+    def storage_account
+      Armrest::Services::StorageAccount.new(service_options)
     end
+    memoize :storage_account
-    def set_blob_service_properties
-      blob_services.set_service_properties(@resource_group_name, @storage_account_name, blob_service_properties)
+    def blob_service
+      Armrest::Services::BlobService.new(service_options)
     end
+    memoize :blob_service
-    def blob_service_properties
-      props = BlobServiceProperties.new
-      sa = config.storage_account
-      policy = DeleteRetentionPolicy.new
-      policy.days = sa.container_delete_retention_policy.days || sa.delete_retention_policy.days
-      policy.enabled = sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
-      props.container_delete_retention_policy = policy # containers
-      policy = DeleteRetentionPolicy.new
-      policy.days = sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days
-      policy.enabled = sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
-      props.delete_retention_policy = policy # blobs
-      props.is_versioning_enabled = sa.is_versioning_enabled
-      props
+    def service_options
+      { storage_account: @storage_account_name, group: @resource_group_name }
     end
   end
 end

data/lib/terraspace_plugin_azurerm/interfaces/backend.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module TerraspacePluginAzurerm::Interfaces
       ResourceGroupCreator.new(@info).create
       StorageAccount.new(@info).create
-      StorageContainer.new(@info).create
+      BlobContainer.new(@info).create
     end
   end
 end

data/lib/terraspace_plugin_azurerm/interfaces/config.rb CHANGED Viewed

@@ -20,6 +20,9 @@ module TerraspacePluginAzurerm::Interfaces
       c.secrets = ActiveSupport::OrderedOptions.new
       c.secrets.vault = nil
+      c.resource_group = ActiveSupport::OrderedOptions.new
+      c.resource_group.update_existing = false
       c.storage_account = ActiveSupport::OrderedOptions.new
       c.storage_account.update_existing = false
       c.storage_account.sku = ActiveSupport::OrderedOptions.new

data/lib/terraspace_plugin_azurerm/interfaces/helper/secret/fetcher.rb CHANGED Viewed

@@ -7,15 +7,10 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
     class VaultNotConfiguredError < Error; end
     include TerraspacePluginAzurerm::Logging
-    include TerraspacePluginAzurerm::Clients::Options
     extend Memoist
     def initialize(mod, options={})
       @mod, @options = mod, options
-      o = base_client_options
-      @client_id     = o[:client_id]
-      @client_secret = o[:client_secret]
-      @tenant_id     = o[:tenant_id]
     end
     def fetch(name, opts={})
@@ -25,42 +20,11 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
     def get_secret(name, options={})
       vault = options[:vault]
+      check_vault_configured!(vault)
       version = options[:version]
-      unless token
-        return "ERROR: Unable to authorize and get the temporary token. Double check your ARM_ env variables."
-      end
       version = "/#{version}" if version
-      check_vault_configured!(vault)
-      vault_subdomain = vault.downcase
-      # Using Azure REST API since the old gem doesnt support secrets https://github.com/Azure/azure-sdk-for-ruby
-      # https://docs.microsoft.com/en-us/rest/api/keyvault/getsecret/getsecret
       name = expansion(name) if expand?
-      url = "https://#{vault_subdomain}.vault.azure.net/secrets/#{name}#{version}?api-version=7.1"
-      logger.debug "Azure vault url #{url}"
-      uri = URI(url)
-      req = Net::HTTP::Get.new(uri)
-      req["Authorization"] = token
-      req["Content-Type"] = "application/json"
-      resp = nil
-      begin
-        resp = send_request(uri, req)
-      rescue VaultNotFoundError
-        message = "WARN: Vault not found #{vault}"
-        logger.info message.color(:yellow)
-        return message
-      end
-      case resp.code.to_s
-      when /^2/
-        data = JSON.load(resp.body)
-        data['value']
-      else
-        message = standard_error_message(resp)
-        logger.info "WARN: #{message}".color(:yellow)
-        message
-      end
+      secret.show(name: name, vault: vault)
     end
     def check_vault_configured!(vault)
@@ -80,61 +44,12 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
       raise VaultNotConfiguredError.new
     end
-    def send_request(uri, req)
-      http = Net::HTTP.new(uri.host, uri.port)
-      http.open_timeout = http.read_timeout = 30
-      http.use_ssl = true if uri.scheme == 'https'
-      begin
-        http.request(req) # response
-      rescue SocketError => e
-        # SocketError: Failed to open TCP connection to MISSING-VAULT.vault.azure.net:443 (getaddrinfo: Name or service not known)
-        if e.message.include?("vault.azure.net")
-          raise VaultNotFoundError.new(e)
-        else
-          raise
-        end
-      end
-    end
-    # Secret error handling: 1. network 2. json parse 3. missing secret
-    #
-    # Azure API responses with decent error message when
-    #   403 Forbidden - KeyVault Access Policy needs to be set up
-    #   404 Not Found - Secret name is incorrect
-    #
-    def standard_error_message(resp)
-      data = JSON.load(resp.body)
-      data['error']['message']
-    rescue JSON::ParserError
-      resp.body
-    end
-    @@token = nil
-    def token
-      return @@token unless @@token.nil?
-      url = "https://login.microsoftonline.com/#{@tenant_id}/oauth2/token"
-      uri = URI(url)
-      req = Net::HTTP::Get.new(uri)
-      req.set_form_data(
-        grant_type: "client_credentials",
-        client_id: @client_id,
-        client_secret: @client_secret,
-        resource: "https://vault.azure.net",
-      )
-      resp = send_request(uri, req)
-      data = JSON.load(resp.body)
-      if resp.code =~ /^2/
-        @@token = "Bearer #{data['access_token']}" if data
-      else
-        logger.info "WARN: #{data['error_description']}".color(:yellow)
-        # return false otherwise error message is used as the bearer toke and get this error:
-        # ArgumentError: header field value cannot include CR/LF
-        @@token = false
-      end
+  private
+    def secret
+      Armrest::Services::KeyVault::Secret.new
     end
+    memoize :secret
-  private
     delegate :expansion, to: :expander
     def expander
       TerraspacePluginAzurerm::Interfaces::Expander.new(@mod)

data/lib/terraspace_plugin_azurerm/interfaces/helper/secret.rb CHANGED Viewed

@@ -4,7 +4,6 @@ module TerraspacePluginAzurerm::Interfaces::Helper
   class Secret
     extend Memoist
     include TerraspacePluginAzurerm::Logging
-    include TerraspacePluginAzurerm::Clients::Options
     def initialize(mod, options={})
       @mod, @options = mod, options

data/lib/terraspace_plugin_azurerm/interfaces/summary.rb CHANGED Viewed

@@ -3,7 +3,6 @@ require 'azure/storage/blob'
 module TerraspacePluginAzurerm::Interfaces
   class Summary
     include Terraspace::Plugin::Summary::Interface
-    include TerraspacePluginAzurerm::Clients::Storage # for mgmt storage_accounts to get keys only, the azure/storage/blob gem is used to get the objects
     extend Memoist
     # interface method

data/lib/terraspace_plugin_azurerm/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module TerraspacePluginAzurerm
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

data/lib/terraspace_plugin_azurerm.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+require "armrest"
 require "azure_info"
 require "memoist"
 require "terraspace" # for interface

data/terraspace_plugin_azurerm.gemspec CHANGED Viewed

@@ -22,10 +22,8 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
-  spec.add_dependency "azure-storage-blob"
-  spec.add_dependency "azure_info", "~> 0.1.2"
-  spec.add_dependency "azure_mgmt_resources"
-  spec.add_dependency "azure_mgmt_storage"
+  spec.add_dependency "armrest"
+  spec.add_dependency "azure_info"
   spec.add_dependency "memoist"
   spec.add_dependency "zeitwerk"
 end

metadata CHANGED Viewed

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: terraspace_plugin_azurerm
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-01-05 00:00:00.000000000 Z
+date: 2022-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: azure-storage-blob
+  name: armrest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -26,34 +26,6 @@ dependencies:
         version: '0'
 - !ruby/object:Gem::Dependency
   name: azure_info
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.1.2
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.1.2
-- !ruby/object:Gem::Dependency
-  name: azure_mgmt_resources
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: azure_mgmt_storage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -141,14 +113,11 @@ files:
 - lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
 - lib/terraspace_plugin_azurerm.rb
 - lib/terraspace_plugin_azurerm/autoloader.rb
-- lib/terraspace_plugin_azurerm/clients/options.rb
-- lib/terraspace_plugin_azurerm/clients/resources.rb
-- lib/terraspace_plugin_azurerm/clients/storage.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/base.rb
+- lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb
-- lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb
 - lib/terraspace_plugin_azurerm/interfaces/config.rb
 - lib/terraspace_plugin_azurerm/interfaces/expander.rb
 - lib/terraspace_plugin_azurerm/interfaces/helper.rb

data/lib/terraspace_plugin_azurerm/clients/options.rb DELETED Viewed

@@ -1,39 +0,0 @@
-module TerraspacePluginAzurerm::Clients
-  module Options
-    extend Memoist
-    def client_options
-      # AZURE_* is used by ruby generally.
-      # ARM_* is used by Terraform azurerm provider: https://www.terraform.io/docs/providers/azurerm/index.html
-      # Favor ARM_ because this plugin is designed for Terraspace.
-      client_id       = ENV['ARM_CLIENT_ID'] || ENV['AZURE_CLIENT_ID']
-      client_secret   = ENV['ARM_CLIENT_SECRET'] || ENV['AZURE_CLIENT_SECRET']
-      subscription_id = ENV['ARM_SUBSCRIPTION_ID'] || ENV['AZURE_SUBSCRIPTION_ID'] || AzureInfo.subscription_id
-      tenant_id       = ENV['ARM_TENANT_ID'] || ENV['AZURE_TENANT_ID'] || AzureInfo.tenant_id
-      o = {
-        tenant_id: tenant_id,
-        client_id: client_id,
-        client_secret: client_secret,
-        subscription_id: subscription_id,
-      }
-      validate_base_options!(o)
-      o
-    end
-    memoize :client_options
-    def validate_base_options!(options)
-      vars = []
-      options.each do |k,v|
-        vars << "ARM_#{k}".upcase if v.nil?
-      end
-      return if vars.empty?
-      logger.error "ERROR: Required Azure env variables missing. Please set these env variables:".color(:red)
-      vars.each do |var|
-        logger.error "    #{var}"
-      end
-      exit 1
-    end
-  end
-end

data/lib/terraspace_plugin_azurerm/clients/resources.rb DELETED Viewed

@@ -1,17 +0,0 @@
-require 'azure_mgmt_resources'
-module TerraspacePluginAzurerm::Clients
-  module Resources
-    include Options
-    extend Memoist
-    # Include SDK modules to ease access to Resources classes.
-    include Azure::Resources::Profiles::Latest::Mgmt
-    include Azure::Resources::Profiles::Latest::Mgmt::Models
-    def mgmt
-      Client.new(client_options)
-    end
-    memoize :mgmt
-  end
-end

data/lib/terraspace_plugin_azurerm/clients/storage.rb DELETED Viewed

@@ -1,26 +0,0 @@
-require "azure_mgmt_storage"
-module TerraspacePluginAzurerm::Clients
-  module Storage
-    include Options
-    extend Memoist
-    # Include SDK modules to ease access to Storage classes.
-    include Azure::Storage::Profiles::Latest::Mgmt
-    include Azure::Storage::Profiles::Latest::Mgmt::Models
-    delegate :storage_accounts, :blob_services, :blob_containers, to: :mgmt
-    def blob_containers
-      BlobContainers.new(mgmt)
-    end
-    memoize :blob_containers
-    def mgmt
-      client = Client.new(client_options)
-      client.subscription_id = client_options[:subscription_id]
-      client
-    end
-    memoize :mgmt
-  end
-end

data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb DELETED Viewed

@@ -1,29 +0,0 @@
-class TerraspacePluginAzurerm::Interfaces::Backend
-  class StorageContainer < Base
-    include TerraspacePluginAzurerm::Clients::Storage
-    def create
-      if exist?
-        logger.debug "Storage Container #{@container_name} already exists"
-      else
-        create_storage_container
-      end
-    end
-    def exist?
-      begin
-        blob_containers.get(@resource_group_name, @storage_account_name, @container_name)
-        true
-      rescue MsRestAzure::AzureOperationError => e
-        e.message.include?("The specified container does not exist") ? false : raise
-      end
-    end
-    def create_storage_container
-      logger.info "Creating Storage Container #{@container_name}..."
-      blob_container = BlobContainer.new
-      blob_container.name = @container_name
-      blob_containers.create(@resource_group_name, @storage_account_name, @container_name, blob_container)
-    end
-  end
-end