terraspace_plugin_google 0.2.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 60aa63a18ee7e8e607a58f0e00534bf68158a117070c1cbddd7c13eb9ed2d148
-  data.tar.gz: 969b365d1168cc6a5b3d4ed5a03d88699d701ec54e2490162f00f89d5b511ee5
+  metadata.gz: 628fdc35ca018bb08c245ade973b52cb1791ae4cae8858dac9cc787312c81be6
+  data.tar.gz: 73c858a9d4452668896b68c58aa51f0b23f6dcbb5d2f07cce9c3df1b4273cebb
 SHA512:
-  metadata.gz: 06ce418b5be6190d68246b9f7066045cd40781c4d75db40c4f04792b1004aeeb7306644dafd843fe732fe3e39d175d63bec42fb4aafae433332f1c1fa4a28b81
-  data.tar.gz: 78398add7a43d881056f85910873ebf283c287fd0f139ba864e0ad45dcb22059800fc9cfb4756bcf395ac8294091cc1e4ed952bd7c996cd9d0a8a9d1f69f771d
+  metadata.gz: a157213a221b74251896316d3bd879496e25a68dced1d44a294958e51c0ba3e830959fe07cd869f115cd73ea220660a20128484349c3328eadd87bbd2ca2ed5e
+  data.tar.gz: 24297c26f98c24ad85f689fc82c1e14acf64583e909da9b566524bd263b0e48cdb8fd6281753702dbc5595f010fddb47578f8432530e91af78ec30fa1324a1c7

data/CHANGELOG.md

@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
 
+## [0.3.1] - 2021-11-13
+- [#7](https://github.com/boltops-tools/terraspace_provider_google/pull/7) get google project number via api
+
+## [0.3.0] - 2020-11-15
+- [#5](https://github.com/boltops-tools/terraspace_provider_google/pull/5) helper and secrets support
+- google secret
+
+## [0.2.2]
+- #4 fix test template: folder rename to stacks
+
+## [0.2.1]
+- #3 update starter example template: bucket_policy_only deprecated for uniform_bucket_level_access
+- edge case: graceful error when bucket doesnt exist yet
+
 ## [0.2.0]
 - #2 include layer interface, update template to use expansion method
 

data/lib/templates/hcl/module/main.tf

@@ -1,4 +1,4 @@
 resource "google_storage_bucket" "this" {
-  name               = var.name
-  bucket_policy_only = var.bucket_policy_only
+  name                        = var.name
+  uniform_bucket_level_access = var.uniform_bucket_level_access
 }

data/lib/templates/hcl/module/variables.tf

@@ -3,8 +3,8 @@ variable "name" {
   type        = string
 }
 
-variable "bucket_policy_only" {
-  description = "bucket_policy_only"
+variable "uniform_bucket_level_access" {
+  description = "uniform_bucket_level_access"
   type        = bool
   default     = false
 }

data/lib/templates/hcl/project/config/terraform/backend.tf.tt

@@ -1,6 +1,6 @@
 terraform {
   backend "gcs" {
-    bucket = "<%%= expansion('terraform-state-:PROJECT-:REGION-:ENV') %>" # expanded by terraspace IE: terraform-state-project-us-central1-dev
-    prefix = "<%%= expansion(':REGION/:ENV/:BUILD_DIR') %>" # expanded by terraspace IE: us-central1/dev/modules/vm
+    bucket = "<%%= expansion('terraform-state-:PROJECT-:REGION-:ENV') %>"
+    prefix = "<%%= expansion(':REGION/:ENV/:BUILD_DIR') %>"
   }
 }

data/lib/templates/hcl/stack/main.tf

@@ -5,6 +5,6 @@ resource "random_pet" "this" {
 module "bucket" {
   source = "../../modules/example"
 
-  name               = "bucket-${random_pet.this.id}"
-  bucket_policy_only = var.bucket_policy_only
+  name                        = "bucket-${random_pet.this.id}"
+  uniform_bucket_level_access = var.uniform_bucket_level_access
 }

data/lib/templates/hcl/stack/variables.tf

@@ -1,5 +1,5 @@
-variable "bucket_policy_only" {
-  description = "bucket_policy_only"
+variable "uniform_bucket_level_access" {
+  description = "uniform_bucket_level_access"
   type        = bool
   default     = false
 }

data/lib/templates/ruby/module/main.rb

@@ -1,4 +1,4 @@
 resource("google_storage_bucket", "this",
-  name:              var.name,
-  bucket_policy_only:var.bucket_policy_only,
+  name:                         var.name,
+  uniform_bucket_level_access: var.uniform_bucket_level_access,
 )

data/lib/templates/ruby/module/variables.rb

@@ -3,8 +3,8 @@ variable("name",
   type:        "string",
 )
 
-variable("bucket_policy_only",
-  description: "bucket_policy_only",
+variable("uniform_bucket_level_access",
+  description: "uniform_bucket_level_access",
   type:        "bool",
   default:     false,
 )

data/lib/templates/ruby/stack/variables.rb

@@ -1,5 +1,5 @@
-variable("bucket_policy_only",
-  description: "bucket_policy_only",
+variable("uniform_bucket_level_access",
+  description: "uniform_bucket_level_access",
   type:        "bool",
   default:     false,
 )

data/lib/templates/test/rspec/module/test/spec/fixtures/stack/main.tf

@@ -5,6 +5,6 @@ resource "random_pet" "this" {
 module "bucket" {
   source = "../../modules/example"
 
-  name               = "bucket-${random_pet.this.id}"
-  bucket_policy_only = var.bucket_policy_only
+  name                        = "bucket-${random_pet.this.id}"
+  uniform_bucket_level_access = var.uniform_bucket_level_access
 }

data/lib/templates/test/rspec/module/test/spec/fixtures/stack/variables.tf

@@ -1,5 +1,5 @@
-variable "bucket_policy_only" {
-  description = "bucket_policy_only"
+variable "uniform_bucket_level_access" {
+  description = "uniform_bucket_level_access"
   type        = bool
   default     = false
 }

data/lib/terraspace_plugin_google/clients.rb

@@ -1,12 +1,24 @@
+require "google-cloud-resource_manager"
+require "google-cloud-secret_manager"
 require "google/cloud/storage"
 
 module TerraspacePluginGoogle
   module Clients
     extend Memoist
 
+    def secret_manager_service
+      Google::Cloud::SecretManager.secret_manager_service
+    end
+    memoize :secret_manager_service
+
     def storage
       Google::Cloud::Storage.new
     end
     memoize :storage
+
+    def resource_manager
+      Google::Cloud.new.resource_manager
+    end
+    memoize :resource_manager
   end
 end

data/lib/terraspace_plugin_google/interfaces/helper/secret.rb

@@ -0,0 +1,38 @@
+require "base64"
+
+module TerraspacePluginGoogle::Interfaces::Helper
+  class Secret
+    include TerraspacePluginGoogle::Clients
+    include TerraspacePluginGoogle::Logging
+
+    def initialize(options={})
+      @options = options
+      @base64 = options[:base64]
+      @project_id = options[:google_project] || ENV['GOOGLE_PROJECT'] || raise("GOOGLE_PROJECT env variable is not set. It's required.")
+    end
+
+    def fetch(short_name, version: "latest")
+      value = fetch_value(short_name, version)
+      value = Base64.strict_encode64(value).strip if @base64
+      value
+    end
+
+    def fetch_value(short_name, version="latest")
+      name = "projects/#{project_number}/secrets/#{short_name}/versions/#{version}"
+      version = secret_manager_service.access_secret_version(name: name)
+      version.payload.data
+    rescue Google::Cloud::NotFoundError => e
+      logger.info "WARN: secret #{name} not found".color(:yellow)
+      logger.info e.message
+      "NOT FOUND #{name}" # simple string so Kubernetes YAML is valid
+    end
+
+  private
+    @@project_number = nil
+    def project_number
+      return @@project_number if @@project_number
+      project = resource_manager.project(@project_id)
+      @@project_number = project.project_number
+    end
+  end
+end

data/lib/terraspace_plugin_google/interfaces/helper.rb

@@ -0,0 +1,10 @@
+module TerraspacePluginGoogle::Interfaces
+  module Helper
+    include Terraspace::Plugin::Helper::Interface
+
+    def google_secret(name, options={})
+      Secret.new(options).fetch(name)
+    end
+    cache_helper :google_secret
+  end
+end

data/lib/terraspace_plugin_google/interfaces/summary.rb

@@ -11,6 +11,10 @@ module TerraspacePluginGoogle::Interfaces
     # interface method
     def download
       bucket = storage.bucket(@bucket)
+      unless bucket
+        logger.error "ERROR: bucket #{@bucket} does not exist".color(:red)
+        exit 1
+      end
       bucket.files(prefix: @folder).all do |f|
         file = bucket.file(f.name)
         next if file.nil? # in case file has been removed since .files

data/lib/terraspace_plugin_google/logging.rb

@@ -0,0 +1,7 @@
+module TerraspacePluginGoogle
+  module Logging
+    def logger
+      Terraspace.logger
+    end
+  end
+end

data/lib/terraspace_plugin_google/version.rb

@@ -1,3 +1,3 @@
 module TerraspacePluginGoogle
-  VERSION = "0.2.0"
+  VERSION = "0.3.1"
 end

data/lib/terraspace_plugin_google.rb

@@ -22,12 +22,22 @@ module TerraspacePluginGoogle
     Interfaces::Config.instance.config
   end
 
+  @@logger = nil
+  def logger
+    @@logger ||= Terraspace.logger
+  end
+
+  def logger=(v)
+    @@logger = v
+  end
+
   extend self
 end
 
 Terraspace::Plugin.register("google",
   backend: "gcs",
   config_class: TerraspacePluginGoogle::Interfaces::Config,
+  helper_class: TerraspacePluginGoogle::Interfaces::Helper,
   layer_class: TerraspacePluginGoogle::Interfaces::Layer,
   root: File.dirname(__dir__),
 )

data/terraspace_plugin_google.gemspec

@@ -24,6 +24,8 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency "gcp_data"
   spec.add_dependency "google-cloud-storage"
+  spec.add_dependency "google-cloud-resource_manager"
+  spec.add_dependency "google-cloud-secret_manager"
   spec.add_dependency "memoist"
   spec.add_dependency "zeitwerk"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: terraspace_plugin_google
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2021-11-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gcp_data
@@ -38,6 +38,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: google-cloud-resource_manager
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: google-cloud-secret_manager
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: memoist
   requirement: !ruby/object:Gem::Requirement
@@ -107,15 +135,18 @@ files:
 - lib/templates/test/rspec/module/test/spec/main_spec.rb.tt
 - lib/templates/test/rspec/module/test/spec/spec_helper.rb
 - lib/templates/test/rspec/project/spec/fixtures/tfvars/demo.tfvars
-- lib/templates/test/rspec/project/spec/stack/demo/main_spec.rb
+- lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
 - lib/terraspace_plugin_google.rb
 - lib/terraspace_plugin_google/autoloader.rb
 - lib/terraspace_plugin_google/clients.rb
 - lib/terraspace_plugin_google/interfaces/backend.rb
 - lib/terraspace_plugin_google/interfaces/config.rb
 - lib/terraspace_plugin_google/interfaces/expander.rb
+- lib/terraspace_plugin_google/interfaces/helper.rb
+- lib/terraspace_plugin_google/interfaces/helper/secret.rb
 - lib/terraspace_plugin_google/interfaces/layer.rb
 - lib/terraspace_plugin_google/interfaces/summary.rb
+- lib/terraspace_plugin_google/logging.rb
 - lib/terraspace_plugin_google/version.rb
 - terraspace_plugin_google.gemspec
 homepage: https://github.com/boltops-tools/terraspace_plugin_google
@@ -138,7 +169,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Terraspace Google Cloud Plugin