terraspace_plugin_google 0.1.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5cf0133e608b9d6aad667aa5f4c1ea70c77f98a6b8d52a56396f47153fc26e75
-  data.tar.gz: 8956a3a1461da92d9d250971e170df0ac66ea637e6f1ac89d4200bd894c7d8b4
+  metadata.gz: 1e63e836f63ed2b6731dbdf64bdd6a7635bacea437bb0e6430f5723552f83899
+  data.tar.gz: b7c5eb01564d29cae316d07bf52310bd4c110500d869392135a26275b196068f
 SHA512:
-  metadata.gz: 22eb1640abc543c3812c35873353e360cb70df65f3c39da53b6083cbe9b03707b0697aeadf93a7e4852321be184fd3c9ac16cc1e3ba95fc8e0b13f57a0bf8eb9
-  data.tar.gz: f3ae41ed56e36b351d101f2b4931c7270b3dd5df3de6841e88f174df02359d4a7e80e0b789e5c0971413b5f4603a6ffc32cc160b4bc600fb24899f5731ff7f29
+  metadata.gz: dbc69e11cc8e24f636ea4fe3d9996d13d4d373dd7678018d2bf078e0a971762e55be7b61ec2cc0b39bfe321ffa9b0113715bc0075aa6110cf071c98774b39d11
+  data.tar.gz: 3aa893e192eb8004641bb0131da7ee2fffcb97b07d58ca09674ad5d5935806d7103e892538aae9896457a35b5241a73822bc59045cfdfc7d8506c49d08fc8308

data/CHANGELOG.md

@@ -3,5 +3,22 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
 
+## [0.3.0] - 2020-11-15
+- [#5](https://github.com/boltops-tools/terraspace_provider_google/pull/5) helper and secrets support
+- google secret
+
+## [0.2.2]
+- #4 fix test template: folder rename to stacks
+
+## [0.2.1]
+- #3 update starter example template: bucket_policy_only deprecated for uniform_bucket_level_access
+- edge case: graceful error when bucket doesnt exist yet
+
+## [0.2.0]
+- #2 include layer interface, update template to use expansion method
+
+## [0.1.1]
+- summary command: fix edge case when files are deleted mid-loop
+
 ## [0.1.0]
 - Initial release

data/lib/templates/hcl/module/main.tf

@@ -1,4 +1,4 @@
 resource "google_storage_bucket" "this" {
-  name               = var.name
-  bucket_policy_only = var.bucket_policy_only
+  name                        = var.name
+  uniform_bucket_level_access = var.uniform_bucket_level_access
 }

data/lib/templates/hcl/module/variables.tf

@@ -3,8 +3,8 @@ variable "name" {
   type        = string
 }
 
-variable "bucket_policy_only" {
-  description = "bucket_policy_only"
+variable "uniform_bucket_level_access" {
+  description = "uniform_bucket_level_access"
   type        = bool
   default     = false
 }

data/lib/templates/hcl/project/config/terraform/backend.tf.tt

@@ -1,6 +1,6 @@
 terraform {
   backend "gcs" {
-    bucket = "<%%= backend_expand('gcs', 'terraform-state-:PROJECT-:REGION-:ENV') %>" # expanded by terraspace IE: terraform-state-project-us-central1-dev
-    prefix = "<%%= backend_expand('gcs', ':REGION/:ENV/:BUILD_DIR') %>" # expanded by terraspace IE: us-central1/dev/modules/vm
+    bucket = "<%%= expansion('terraform-state-:PROJECT-:REGION-:ENV') %>"
+    prefix = "<%%= expansion(':REGION/:ENV/:BUILD_DIR') %>"
   }
 }

data/lib/templates/hcl/stack/main.tf

@@ -5,6 +5,6 @@ resource "random_pet" "this" {
 module "bucket" {
   source = "../../modules/example"
 
-  name               = "bucket-${random_pet.this.id}"
-  bucket_policy_only = var.bucket_policy_only
+  name                        = "bucket-${random_pet.this.id}"
+  uniform_bucket_level_access = var.uniform_bucket_level_access
 }

data/lib/templates/hcl/stack/variables.tf

@@ -1,5 +1,5 @@
-variable "bucket_policy_only" {
-  description = "bucket_policy_only"
+variable "uniform_bucket_level_access" {
+  description = "uniform_bucket_level_access"
   type        = bool
   default     = false
 }

data/lib/templates/ruby/module/main.rb

@@ -1,4 +1,4 @@
 resource("google_storage_bucket", "this",
-  name:              var.name,
-  bucket_policy_only:var.bucket_policy_only,
+  name:                         var.name,
+  uniform_bucket_level_access: var.uniform_bucket_level_access,
 )

data/lib/templates/ruby/module/variables.rb

@@ -3,8 +3,8 @@ variable("name",
   type:        "string",
 )
 
-variable("bucket_policy_only",
-  description: "bucket_policy_only",
+variable("uniform_bucket_level_access",
+  description: "uniform_bucket_level_access",
   type:        "bool",
   default:     false,
 )

data/lib/templates/ruby/stack/variables.rb

@@ -1,5 +1,5 @@
-variable("bucket_policy_only",
-  description: "bucket_policy_only",
+variable("uniform_bucket_level_access",
+  description: "uniform_bucket_level_access",
   type:        "bool",
   default:     false,
 )

data/lib/templates/test/rspec/module/test/spec/fixtures/stack/main.tf

@@ -5,6 +5,6 @@ resource "random_pet" "this" {
 module "bucket" {
   source = "../../modules/example"
 
-  name               = "bucket-${random_pet.this.id}"
-  bucket_policy_only = var.bucket_policy_only
+  name                        = "bucket-${random_pet.this.id}"
+  uniform_bucket_level_access = var.uniform_bucket_level_access
 }

data/lib/templates/test/rspec/module/test/spec/fixtures/stack/variables.tf

@@ -1,5 +1,5 @@
-variable "bucket_policy_only" {
-  description = "bucket_policy_only"
+variable "uniform_bucket_level_access" {
+  description = "uniform_bucket_level_access"
   type        = bool
   default     = false
 }

data/lib/terraspace_plugin_google.rb

@@ -22,12 +22,22 @@ module TerraspacePluginGoogle
     Interfaces::Config.instance.config
   end
 
+  @@logger = nil
+  def logger
+    @@logger ||= Terraspace.logger
+  end
+
+  def logger=(v)
+    @@logger = v
+  end
+
   extend self
 end
 
 Terraspace::Plugin.register("google",
   backend: "gcs",
   config_class: TerraspacePluginGoogle::Interfaces::Config,
+  helper_class: TerraspacePluginGoogle::Interfaces::Helper,
   layer_class: TerraspacePluginGoogle::Interfaces::Layer,
   root: File.dirname(__dir__),
 )

data/lib/terraspace_plugin_google/clients.rb

@@ -1,9 +1,15 @@
+require "google-cloud-secret_manager"
 require "google/cloud/storage"
 
 module TerraspacePluginGoogle
   module Clients
     extend Memoist
 
+    def secret_manager_service
+      Google::Cloud::SecretManager.secret_manager_service
+    end
+    memoize :secret_manager_service
+
     def storage
       Google::Cloud::Storage.new
     end

data/lib/terraspace_plugin_google/interfaces/helper.rb

@@ -0,0 +1,10 @@
+module TerraspacePluginGoogle::Interfaces
+  module Helper
+    include Terraspace::Plugin::Helper::Interface
+
+    def google_secret(name, options={})
+      Secret.new(options).fetch(name)
+    end
+    cache_helper :google_secret
+  end
+end

data/lib/terraspace_plugin_google/interfaces/helper/secret.rb

@@ -0,0 +1,43 @@
+require "base64"
+
+module TerraspacePluginGoogle::Interfaces::Helper
+  class Secret
+    include TerraspacePluginGoogle::Clients
+    include TerraspacePluginGoogle::Logging
+
+    def initialize(options={})
+      @options = options
+      @base64 = options[:base64]
+      @project_id = options[:google_project] || ENV['GOOGLE_PROJECT'] || raise("GOOGLE_PROJECT env variable is not set. It's required.")
+    end
+
+    def fetch(short_name, version: "latest")
+      value = fetch_value(short_name, version)
+      value = Base64.strict_encode64(value).strip if @base64
+      value
+    end
+
+    def fetch_value(short_name, version="latest")
+      name = "projects/#{project_number}/secrets/#{short_name}/versions/#{version}"
+      version = secret_manager_service.access_secret_version(name: name)
+      version.payload.data
+    rescue Google::Cloud::NotFoundError => e
+      logger.info "WARN: secret #{name} not found".color(:yellow)
+      logger.info e.message
+      "NOT FOUND #{name}" # simple string so Kubernetes YAML is valid
+    end
+
+    # TODO: Get the project from the list project api instead. Unsure where the docs are for this.
+    # If someone knows, let me know.
+    # Right now grabbing the first secret to then be able to get the google project number
+    @@project_number = nil
+    def project_number
+      return @@project_number if @@project_number
+
+      parent = "projects/#{@project_id}"
+      resp = secret_manager_service.list_secrets(parent: parent) # note: page_size doesnt seem to get respected
+      name = resp.first.name # IE: projects/111111111111/secrets/demo-dev-db_host
+      @@project_number = name.split('/')[1]
+    end
+  end
+end

data/lib/terraspace_plugin_google/interfaces/layer.rb

@@ -2,6 +2,7 @@ require "gcp_data"
 
 module TerraspacePluginGoogle::Interfaces
   class Layer
+    include Terraspace::Plugin::Layer::Interface
     extend Memoist
 
     # interface method
@@ -13,10 +14,5 @@ module TerraspacePluginGoogle::Interfaces
     def region
       GcpData.region
     end
-
-    # interface method
-    def provider
-      "google"
-    end
   end
 end

data/lib/terraspace_plugin_google/interfaces/summary.rb

@@ -11,8 +11,13 @@ module TerraspacePluginGoogle::Interfaces
     # interface method
     def download
       bucket = storage.bucket(@bucket)
+      unless bucket
+        logger.error "ERROR: bucket #{@bucket} does not exist".color(:red)
+        exit 1
+      end
       bucket.files(prefix: @folder).all do |f|
         file = bucket.file(f.name)
+        next if file.nil? # in case file has been removed since .files
         # Note the f.name already includes the folder
         local_path = "#{@dest}/#{f.name}"
         FileUtils.mkdir_p(File.dirname(local_path))

data/lib/terraspace_plugin_google/logging.rb

@@ -0,0 +1,7 @@
+module TerraspacePluginGoogle
+  module Logging
+    def logger
+      Terraspace.logger
+    end
+  end
+end

data/lib/terraspace_plugin_google/version.rb

@@ -1,3 +1,3 @@
 module TerraspacePluginGoogle
-  VERSION = "0.1.0"
+  VERSION = "0.3.0"
 end

data/terraspace_plugin_google.gemspec

@@ -24,6 +24,7 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency "gcp_data"
   spec.add_dependency "google-cloud-storage"
+  spec.add_dependency "google-cloud-secret_manager"
   spec.add_dependency "memoist"
   spec.add_dependency "zeitwerk"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: terraspace_plugin_google
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-07-23 00:00:00.000000000 Z
+date: 2020-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gcp_data
@@ -38,6 +38,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: google-cloud-secret_manager
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: memoist
   requirement: !ruby/object:Gem::Requirement
@@ -107,15 +121,18 @@ files:
 - lib/templates/test/rspec/module/test/spec/main_spec.rb.tt
 - lib/templates/test/rspec/module/test/spec/spec_helper.rb
 - lib/templates/test/rspec/project/spec/fixtures/tfvars/demo.tfvars
-- lib/templates/test/rspec/project/spec/stack/demo/main_spec.rb
+- lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
 - lib/terraspace_plugin_google.rb
 - lib/terraspace_plugin_google/autoloader.rb
 - lib/terraspace_plugin_google/clients.rb
 - lib/terraspace_plugin_google/interfaces/backend.rb
 - lib/terraspace_plugin_google/interfaces/config.rb
 - lib/terraspace_plugin_google/interfaces/expander.rb
+- lib/terraspace_plugin_google/interfaces/helper.rb
+- lib/terraspace_plugin_google/interfaces/helper/secret.rb
 - lib/terraspace_plugin_google/interfaces/layer.rb
 - lib/terraspace_plugin_google/interfaces/summary.rb
+- lib/terraspace_plugin_google/logging.rb
 - lib/terraspace_plugin_google/version.rb
 - terraspace_plugin_google.gemspec
 homepage: https://github.com/boltops-tools/terraspace_plugin_google
@@ -138,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: Terraspace Google Cloud Plugin