terraspace_plugin_google 0.1.0 → 0.3.0

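--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 5cf0133e608b9d6aad667aa5f4c1ea70c77f98a6b8d52a56396f47153fc26e75
- data.tar.gz: 8956a3a1461da92d9d250971e170df0ac66ea637e6f1ac89d4200bd894c7d8b4
+ metadata.gz: 1e63e836f63ed2b6731dbdf64bdd6a7635bacea437bb0e6430f5723552f83899
+ data.tar.gz: b7c5eb01564d29cae316d07bf52310bd4c110500d869392135a26275b196068f
  SHA512:
- metadata.gz: 22eb1640abc543c3812c35873353e360cb70df65f3c39da53b6083cbe9b03707b0697aeadf93a7e4852321be184fd3c9ac16cc1e3ba95fc8e0b13f57a0bf8eb9
- data.tar.gz: f3ae41ed56e36b351d101f2b4931c7270b3dd5df3de6841e88f174df02359d4a7e80e0b789e5c0971413b5f4603a6ffc32cc160b4bc600fb24899f5731ff7f29
+ metadata.gz: dbc69e11cc8e24f636ea4fe3d9996d13d4d373dd7678018d2bf078e0a971762e55be7b61ec2cc0b39bfe321ffa9b0113715bc0075aa6110cf071c98774b39d11
+ data.tar.gz: 3aa893e192eb8004641bb0131da7ee2fffcb97b07d58ca09674ad5d5935806d7103e892538aae9896457a35b5241a73822bc59045cfdfc7d8506c49d08fc8308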
@@ -3,5 +3,22 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
5
5
 
6
+ ## [0.3.0] - 2020-11-15
7
+ - [#5](https://github.com/boltops-tools/terraspace_provider_google/pull/5) helper and secrets support
8
+ - google secret
9
+
10
+ ## [0.2.2]
11
+ - #4 fix test template: folder rename to stacks
12
+
13
+ ## [0.2.1]
14
+ - #3 update starter example template: bucket_policy_only deprecated for uniform_bucket_level_access
15
+ - edge case: graceful error when bucket doesnt exist yet
16
+
17
+ ## [0.2.0]
18
+ - #2 include layer interface, update template to use expansion method
19
+
20
+ ## [0.1.1]
21
+ - summary command: fix edge case when files are deleted mid-loop
22
+
6
23
  ## [0.1.0]
7
24
  - Initial release
@@ -1,4 +1,4 @@
1
1
  resource "google_storage_bucket" "this" {
2
- name = var.name
3
- bucket_policy_only = var.bucket_policy_only
2
+ name = var.name
3
+ uniform_bucket_level_access = var.uniform_bucket_level_access
4
4
  }
@@ -3,8 +3,8 @@ variable "name" {
3
3
  type = string
4
4
  }
5
5
 
6
- variable "bucket_policy_only" {
7
- description = "bucket_policy_only"
6
+ variable "uniform_bucket_level_access" {
7
+ description = "uniform_bucket_level_access"
8
8
  type = bool
9
9
  default = false
10
10
  }
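Review bot: The renamed variable still defaults to `false`, so a bucket created from this starter template keeps object ACLs usable alongside IAM; consider `default = true` in the example so new buckets get uniform bucket-level access unless the user opts out. The description only repeats the variable name; something like `description = "Enforce IAM-only access on the bucket (disables object ACLs)"` would tell the reader what the flag controls. The same default and description appear in the other HCL and Ruby DSL `variable` definitions later in this diff.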
@@ -1,6 +1,6 @@
1
1
  terraform {
2
2
  backend "gcs" {
3
- bucket = "<%%= backend_expand('gcs', 'terraform-state-:PROJECT-:REGION-:ENV') %>" # expanded by terraspace IE: terraform-state-project-us-central1-dev
4
- prefix = "<%%= backend_expand('gcs', ':REGION/:ENV/:BUILD_DIR') %>" # expanded by terraspace IE: us-central1/dev/modules/vm
3
+ bucket = "<%%= expansion('terraform-state-:PROJECT-:REGION-:ENV') %>"
4
+ prefix = "<%%= expansion(':REGION/:ENV/:BUILD_DIR') %>"
5
5
  }
6
6
  }
@@ -5,6 +5,6 @@ resource "random_pet" "this" {
5
5
  module "bucket" {
6
6
  source = "../../modules/example"
7
7
 
8
- name = "bucket-${random_pet.this.id}"
9
- bucket_policy_only = var.bucket_policy_only
8
+ name = "bucket-${random_pet.this.id}"
9
+ uniform_bucket_level_access = var.uniform_bucket_level_access
10
10
  }
@@ -1,5 +1,5 @@
1
- variable "bucket_policy_only" {
2
- description = "bucket_policy_only"
1
+ variable "uniform_bucket_level_access" {
2
+ description = "uniform_bucket_level_access"
3
3
  type = bool
4
4
  default = false
5
5
  }
@@ -1,4 +1,4 @@
1
1
  resource("google_storage_bucket", "this",
2
- name: var.name,
3
- bucket_policy_only:var.bucket_policy_only,
2
+ name: var.name,
3
+ uniform_bucket_level_access: var.uniform_bucket_level_access,
4
4
  )
@@ -3,8 +3,8 @@ variable("name",
3
3
  type: "string",
4
4
  )
5
5
 
6
- variable("bucket_policy_only",
7
- description: "bucket_policy_only",
6
+ variable("uniform_bucket_level_access",
7
+ description: "uniform_bucket_level_access",
8
8
  type: "bool",
9
9
  default: false,
10
10
  )
@@ -1,5 +1,5 @@
1
- variable("bucket_policy_only",
2
- description: "bucket_policy_only",
1
+ variable("uniform_bucket_level_access",
2
+ description: "uniform_bucket_level_access",
3
3
  type: "bool",
4
4
  default: false,
5
5
  )
@@ -5,6 +5,6 @@ resource "random_pet" "this" {
5
5
  module "bucket" {
6
6
  source = "../../modules/example"
7
7
 
8
- name = "bucket-${random_pet.this.id}"
9
- bucket_policy_only = var.bucket_policy_only
8
+ name = "bucket-${random_pet.this.id}"
9
+ uniform_bucket_level_access = var.uniform_bucket_level_access
10
10
  }
@@ -1,5 +1,5 @@
1
- variable "bucket_policy_only" {
2
- description = "bucket_policy_only"
1
+ variable "uniform_bucket_level_access" {
2
+ description = "uniform_bucket_level_access"
3
3
  type = bool
4
4
  default = false
5
5
  }
@@ -22,12 +22,22 @@ module TerraspacePluginGoogle
22
22
  Interfaces::Config.instance.config
23
23
  end
24
24
 
25
+ @@logger = nil
26
+ def logger
27
+ @@logger ||= Terraspace.logger
28
+ end
29
+
30
+ def logger=(v)
31
+ @@logger = v
32
+ end
33
+
25
34
  extend self
26
35
  end
27
36
 
28
37
  Terraspace::Plugin.register("google",
29
38
  backend: "gcs",
30
39
  config_class: TerraspacePluginGoogle::Interfaces::Config,
40
+ helper_class: TerraspacePluginGoogle::Interfaces::Helper,
31
41
  layer_class: TerraspacePluginGoogle::Interfaces::Layer,
32
42
  root: File.dirname(__dir__),
33
43
  )
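Review bot: `@@logger` is a class variable on a module that uses `extend self`, so it is shared with every class that includes the module; a module-level instance variable (`@logger ||= Terraspace.logger` in the getter, `@logger = v` in the setter) gives the same override without that sharing. The new `TerraspacePluginGoogle::Logging#logger` elsewhere in this diff returns `Terraspace.logger` directly, so a logger assigned through `logger=` here is not picked up by `Secret`; having it return `TerraspacePluginGoogle.logger` would keep the two consistent. The module body starts above this hunk.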
@@ -1,9 +1,15 @@
1
+ require "google-cloud-secret_manager"
1
2
  require "google/cloud/storage"
2
3
 
3
4
  module TerraspacePluginGoogle
4
5
  module Clients
5
6
  extend Memoist
6
7
 
8
+ def secret_manager_service
9
+ Google::Cloud::SecretManager.secret_manager_service
10
+ end
11
+ memoize :secret_manager_service
12
+
7
13
  def storage
8
14
  Google::Cloud::Storage.new
9
15
  end
@@ -0,0 +1,10 @@
1
+ module TerraspacePluginGoogle::Interfaces
2
+ module Helper
3
+ include Terraspace::Plugin::Helper::Interface
4
+
5
+ def google_secret(name, options={})
6
+ Secret.new(options).fetch(name)
7
+ end
8
+ cache_helper :google_secret
9
+ end
10
+ end
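Review bot: `google_secret` never forwards a version, so every lookup resolves to `latest` even though `Secret#fetch` accepts `version:`; a template cannot pin the secret version it was tested with. Forwarding it from the options would be enough, e.g. `Secret.new(options).fetch(name, version: options.fetch(:version, "latest"))`. A short comment above the method listing the supported options (`:base64`, `:google_project`, and `:version` if added) would also help, since they are only discoverable by reading `Secret#initialize`.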
@@ -0,0 +1,43 @@
1
+ require "base64"
2
+
3
+ module TerraspacePluginGoogle::Interfaces::Helper
4
+ class Secret
5
+ include TerraspacePluginGoogle::Clients
6
+ include TerraspacePluginGoogle::Logging
7
+
8
+ def initialize(options={})
9
+ @options = options
10
+ @base64 = options[:base64]
11
+ @project_id = options[:google_project] || ENV['GOOGLE_PROJECT'] || raise("GOOGLE_PROJECT env variable is not set. It's required.")
12
+ end
13
+
14
+ def fetch(short_name, version: "latest")
15
+ value = fetch_value(short_name, version)
16
+ value = Base64.strict_encode64(value).strip if @base64
17
+ value
18
+ end
19
+
20
+ def fetch_value(short_name, version="latest")
21
+ name = "projects/#{project_number}/secrets/#{short_name}/versions/#{version}"
22
+ version = secret_manager_service.access_secret_version(name: name)
23
+ version.payload.data
24
+ rescue Google::Cloud::NotFoundError => e
25
+ logger.info "WARN: secret #{name} not found".color(:yellow)
26
+ logger.info e.message
27
+ "NOT FOUND #{name}" # simple string so Kubernetes YAML is valid
28
+ end
29
+
30
+ # TODO: Get the project from the list project api instead. Unsure where the docs are for this.
31
+ # If someone knows, let me know.
32
+ # Right now grabbing the first secret to then be able to get the google project number
33
+ @@project_number = nil
34
+ def project_number
35
+ return @@project_number if @@project_number
36
+
37
+ parent = "projects/#{@project_id}"
38
+ resp = secret_manager_service.list_secrets(parent: parent) # note: page_size doesnt seem to get respected
39
+ name = resp.first.name # IE: projects/111111111111/secrets/demo-dev-db_host
40
+ @@project_number = name.split('/')[1]
41
+ end
42
+ end
43
+ end
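Review bot: `project_number` caches its result in the class variable `@@project_number` without regard to `@project_id`, so after the first lookup a call with a different `:google_project` builds the secret path with the first project's number and reads from the wrong project. `resp.first` is also `nil` when the project has no secrets yet, which surfaces as a `NoMethodError` rather than a usable message; the fence below keys the cache by project id and guards the empty case. Separately, `fetch_value` returns the literal string `"NOT FOUND #{name}"` as the secret value on `NotFoundError`, and with `:base64` it is then encoded, so a missing secret can be rendered into a config as if it were a real credential; raising by default, with the placeholder as an explicit opt-in, would fail closed.

```ruby
# … unchanged: initialize, fetch, fetch_value …

# Cache is keyed by project id so instances built for different projects do not share a number.
@@project_numbers = {}
def project_number
  @@project_numbers[@project_id] ||= begin
    parent = "projects/#{@project_id}"
    first = secret_manager_service.list_secrets(parent: parent).first
    raise "No secrets found in #{parent}; cannot resolve the project number" unless first
    first.name.split('/')[1] # IE: projects/111111111111/secrets/demo-dev-db_host
  end
end
```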
@@ -2,6 +2,7 @@ require "gcp_data"
2
2
 
3
3
  module TerraspacePluginGoogle::Interfaces
4
4
  class Layer
5
+ include Terraspace::Plugin::Layer::Interface
5
6
  extend Memoist
6
7
 
7
8
  # interface method
@@ -13,10 +14,5 @@ module TerraspacePluginGoogle::Interfaces
13
14
  def region
14
15
  GcpData.region
15
16
  end
16
-
17
- # interface method
18
- def provider
19
- "google"
20
- end
21
17
  end
22
18
  end
@@ -11,8 +11,13 @@ module TerraspacePluginGoogle::Interfaces
11
11
  # interface method
12
12
  def download
13
13
  bucket = storage.bucket(@bucket)
14
+ unless bucket
15
+ logger.error "ERROR: bucket #{@bucket} does not exist".color(:red)
16
+ exit 1
17
+ end
14
18
  bucket.files(prefix: @folder).all do |f|
15
19
  file = bucket.file(f.name)
20
+ next if file.nil? # in case file has been removed since .files
16
21
  # Note the f.name already includes the folder
17
22
  local_path = "#{@dest}/#{f.name}"
18
23
  FileUtils.mkdir_p(File.dirname(local_path))
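Review bot: `local_path` is built by interpolating `f.name` into `@dest` and passed straight to `FileUtils.mkdir_p`, so an object name containing `..` segments would create directories (and presumably write the file, in the part of `download` below this hunk) outside `@dest`. Resolving the path and skipping anything that escapes the destination closes that, e.g. `next unless File.expand_path(local_path).start_with?(File.expand_path(@dest) + File::SEPARATOR)`. The added `exit 1` also terminates the process from inside a library method; raising an error would let the caller decide how to handle a missing bucket.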
@@ -0,0 +1,7 @@
1
+ module TerraspacePluginGoogle
2
+ module Logging
3
+ def logger
4
+ Terraspace.logger
5
+ end
6
+ end
7
+ end
@@ -1,3 +1,3 @@
1
1
  module TerraspacePluginGoogle
2
- VERSION = "0.1.0"
2
+ VERSION = "0.3.0"
3
3
  end
@@ -24,6 +24,7 @@ Gem::Specification.new do |spec|
24
24
 
25
25
  spec.add_dependency "gcp_data"
26
26
  spec.add_dependency "google-cloud-storage"
27
+ spec.add_dependency "google-cloud-secret_manager"
27
28
  spec.add_dependency "memoist"
28
29
  spec.add_dependency "zeitwerk"
29
30
  end
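Review bot: `google-cloud-secret_manager` is added with no version constraint, so the built gem records `>= 0` and any future release of a library that handles secret payloads is accepted at install time. A pessimistic constraint on the series that was tested, e.g. `spec.add_dependency "google-cloud-secret_manager", "~> <TESTED_MAJOR.MINOR>"` (placeholder version), limits that; the neighbouring dependencies are unconstrained as well. The `Gem::Specification` block starts above this hunk.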
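--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: terraspace_plugin_google
  version: !ruby/object:Gem::Version
- version: 0.1.0
+ version: 0.3.0
  platform: ruby
  authors:
  - Tung Nguyen
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2020-07-23 00:00:00.000000000 Z
+ date: 2020-11-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: gcp_data
@@ -38,6 +38,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: google-cloud-secret_manager
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: memoist
  requirement: !ruby/object:Gem::Requirement
@@ -107,15 +121,18 @@ files:
  - lib/templates/test/rspec/module/test/spec/main_spec.rb.tt
  - lib/templates/test/rspec/module/test/spec/spec_helper.rb
  - lib/templates/test/rspec/project/spec/fixtures/tfvars/demo.tfvars
- - lib/templates/test/rspec/project/spec/stack/demo/main_spec.rb
+ - lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
  - lib/terraspace_plugin_google.rb
  - lib/terraspace_plugin_google/autoloader.rb
  - lib/terraspace_plugin_google/clients.rb
  - lib/terraspace_plugin_google/interfaces/backend.rb
  - lib/terraspace_plugin_google/interfaces/config.rb
  - lib/terraspace_plugin_google/interfaces/expander.rb
+ - lib/terraspace_plugin_google/interfaces/helper.rb
+ - lib/terraspace_plugin_google/interfaces/helper/secret.rb
  - lib/terraspace_plugin_google/interfaces/layer.rb
  - lib/terraspace_plugin_google/interfaces/summary.rb
+ - lib/terraspace_plugin_google/logging.rb
  - lib/terraspace_plugin_google/version.rb
  - terraspace_plugin_google.gemspec
  homepage: https://github.com/boltops-tools/terraspace_plugin_google
@@ -138,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.1.2
+ rubygems_version: 3.1.4
  signing_key:
  specification_version: 4
  summary: Terraspace Google Cloud Plugin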