tfctl 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +16 -15
- data/CHANGELOG.adoc +8 -2
- data/Guardfile +7 -0
- data/Makefile +5 -1
- data/bin/tfctl +2 -5
- data/examples/control_tower/conf/example.yaml +3 -2
- data/lib/tfctl/config.rb +4 -0
- data/lib/tfctl/executor.rb +8 -1
- data/lib/tfctl/generator.rb +8 -15
- data/lib/tfctl/version.rb +1 -1
- data/tfctl.gemspec +3 -2
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c01c64c623610d77abd88401c0bbea5d56eb4963b58d7ad3178a777d5d297ead
|
|
4
|
+
data.tar.gz: f6bbe78e0bc1f504105bcfa3362ce90368e5cd79b4b075a92e57b8adadbce1c1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2eb1394b05e67619f9a2498348f4a1f96b2eb4bf0afd7252c74d822c3f35e08a6bc953c7eae95388ab2a5e34f5c8c7dbde91db9f59f0f02cbba51e23030542e2
|
|
7
|
+
data.tar.gz: a17c9e00867b95243e47ddc495a662a2464dcc251148fb7bfd51e8c380de6845235a4b7411fd5c833cbcdb5c3f582ff2bbbafc21f5c7bb2bb707c3955cfd9381
|
data/.travis.yml
CHANGED
|
@@ -1,17 +1,18 @@
|
|
|
1
1
|
rvm:
|
|
2
|
-
- 2.3
|
|
3
|
-
- 2.6
|
|
4
|
-
|
|
2
|
+
- 2.3
|
|
3
|
+
- 2.6
|
|
4
|
+
os: linux
|
|
5
|
+
language: ruby
|
|
5
6
|
script: make test
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
7
|
+
jobs:
|
|
8
|
+
include:
|
|
9
|
+
- stage: Gem release
|
|
10
|
+
rvm: 2.6
|
|
11
|
+
deploy:
|
|
12
|
+
provider: rubygems
|
|
13
|
+
api_key:
|
|
14
|
+
secure: FKAONS7x6koN7oiEULr4ViwjlDBzbE0bCgqhXRP4DfTtlRyEymeqgrfSIqkVH7unjd0muIGrMBnFuaQVSx7648RS1Ss0QAJo32SVnzoYl1P03cijqNmbbaf1jRdA3IGmh0gV5vsXrmlHiP8gfAuC9PqQ550OzxzWUvEI8vXgSTibmKd/PoQinv5g/dq0gBFjlhSMt/k3Z9WlMmkEsAro/r/Ie2M7mItHPT65f0ga5q5SeujPQQ3Sd/l3mznh37bmnw5RZpFDYdA7jL2p0Y58XJPBU8soa3ZC5GeHyxCYVoGh6EDGAFb83ERRT6rQ7ywkOufTv1o497P7a/prSbvT6fzc+DcugXPEaglT+dUXMe36OoF907Xva4vq3xIHV2N/yrxbDM85hmMk22wEU+9wpDDzFNQnfsXNbaHG9F7gLgy0eoTRrSuJf6cPDlE8pwvn7b8cjieeqWc//ZNhSYnHYZGER4LFINWVxs68Eofmmqp2IESTcUpJ8oB4bV+bzzyobJMRobOXu2hvgCrTdr6r/PnckpAfZE/l4nVQa14f1FU//8bU3DwvNun6TX1Ujp+XNiRDUlvP2KnkBU4s5rsIkL3lCHW7r6GipSk6SOvGMTz5eySMsoWvZQBdAzk/OxcIteeWH9pdo1Hbu5x2/bwyuTRCQ9E79CKWDKlIQwCgUY0=
|
|
15
|
+
gem: tfctl
|
|
16
|
+
on:
|
|
17
|
+
tags: true
|
|
18
|
+
repo: scalefactory/tfctl
|
data/CHANGELOG.adoc
CHANGED
|
@@ -1,12 +1,18 @@
|
|
|
1
1
|
= Changelog
|
|
2
2
|
|
|
3
|
+
== 0.2.0
|
|
4
|
+
|
|
5
|
+
* feat: configurable Terraform and AWS provider version requirements
|
|
6
|
+
* fix: use provider region from config file
|
|
7
|
+
* fix: fail when terraform command is missing
|
|
8
|
+
|
|
3
9
|
== 0.1.0
|
|
4
10
|
|
|
5
|
-
*
|
|
11
|
+
* feat: Added `-l` switch to list discovered accounts.
|
|
6
12
|
|
|
7
13
|
== 0.0.2
|
|
8
14
|
|
|
9
|
-
*
|
|
15
|
+
* fix: Fixed an exception when `exclude_accounts` is not set.
|
|
10
16
|
|
|
11
17
|
== 0.0.1
|
|
12
18
|
|
data/Guardfile
ADDED
data/Makefile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
.PHONY: clean install test rubocop spec
|
|
1
|
+
.PHONY: clean install test rubocop spec guard
|
|
2
2
|
|
|
3
3
|
vendor:
|
|
4
4
|
$(info => Installing Ruby dependencies)
|
|
@@ -6,6 +6,10 @@ vendor:
|
|
|
6
6
|
|
|
7
7
|
test: vendor rubocop spec
|
|
8
8
|
|
|
9
|
+
guard: vendor
|
|
10
|
+
$(info => Starting guard)
|
|
11
|
+
@bundle exec guard
|
|
12
|
+
|
|
9
13
|
rubocop:
|
|
10
14
|
$(info => Running rubocop)
|
|
11
15
|
@vendor/bin/rubocop
|
data/bin/tfctl
CHANGED
|
@@ -118,11 +118,8 @@ def run_account(config, account, options, tf_argv, log)
|
|
|
118
118
|
# executed from.
|
|
119
119
|
log.info "#{account[:name]}: Generating Terraform run directory"
|
|
120
120
|
Tfctl::Generator.make(
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
account_name: account[:name],
|
|
124
|
-
profiles: account[:profiles],
|
|
125
|
-
execution_role: account[:tf_execution_role],
|
|
121
|
+
account: account,
|
|
122
|
+
config: config,
|
|
126
123
|
)
|
|
127
124
|
|
|
128
125
|
log.info "#{account[:name]}: Executing Terraform #{tf_argv[0]}"
|
|
@@ -19,7 +19,8 @@ tf_state_dynamodb_table: 'terraform-lock'
|
|
|
19
19
|
tf_state_region: 'eu-west-1'
|
|
20
20
|
# Role for accessing state resources
|
|
21
21
|
tf_state_role_arn: 'arn:aws:iam::SHARED_SERVICES_ACCOUNT_ID:role/TerraformStateRole'
|
|
22
|
-
|
|
22
|
+
tf_required_version: '>= 0.12.0'
|
|
23
|
+
aws_provider_version: '>= 2.14'
|
|
23
24
|
# Role used by tfctl to retrieve data from AWS Organizations
|
|
24
25
|
# Has to be set up in the primary org account
|
|
25
26
|
tfctl_role_arn: 'arn:aws:iam::PRIMARY_ACCOUNT_ID:role/TfctlRole'
|
|
@@ -61,7 +62,7 @@ organization_units:
|
|
|
61
62
|
# Configuration to apply to individual accounts
|
|
62
63
|
account_overrides:
|
|
63
64
|
test-example1:
|
|
64
|
-
# Override the bucket name in specific account
|
|
65
|
+
# Override the bucket name in a specific account
|
|
65
66
|
example_bucket_name: 'tfctl-account-override-example'
|
|
66
67
|
|
|
67
68
|
|
data/lib/tfctl/config.rb
CHANGED
data/lib/tfctl/executor.rb
CHANGED
|
@@ -12,11 +12,18 @@ module Tfctl
|
|
|
12
12
|
# Execute terraform command
|
|
13
13
|
def run(account_name:, config_name:, log:, cmd: nil, argv: [], unbuffered: true)
|
|
14
14
|
|
|
15
|
+
# Use bin/terraform from a project dir if available
|
|
16
|
+
# Otherwise rely on PATH.
|
|
15
17
|
if cmd.nil?
|
|
16
|
-
# use project terraform binary if available
|
|
17
18
|
cmd = File.exist?("#{PROJECT_ROOT}/bin/terraform") ? "#{PROJECT_ROOT}/bin/terraform" : 'terraform'
|
|
18
19
|
end
|
|
19
20
|
|
|
21
|
+
# Fail if there are no arguments for terraform and show terraform -help
|
|
22
|
+
if argv.empty?
|
|
23
|
+
help = `#{cmd} -help`.lines.to_a[1..-1].join
|
|
24
|
+
raise Tfctl::Error, "Missing terraform command.\n #{help}"
|
|
25
|
+
end
|
|
26
|
+
|
|
20
27
|
path = "#{PROJECT_ROOT}/.tfctl/#{config_name}/#{account_name}"
|
|
21
28
|
cwd = FileUtils.pwd
|
|
22
29
|
plan_file = "#{path}/tfplan"
|
data/lib/tfctl/generator.rb
CHANGED
|
@@ -14,17 +14,10 @@ module Tfctl
|
|
|
14
14
|
end
|
|
15
15
|
end
|
|
16
16
|
|
|
17
|
-
def make(
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
profiles:,
|
|
22
|
-
config:,
|
|
23
|
-
region: 'eu-west-1',
|
|
24
|
-
tf_version: '>= 0.12.0',
|
|
25
|
-
aws_provider_version: '~> 2.14',
|
|
26
|
-
target_dir: "#{PROJECT_ROOT}/.tfctl/#{config[:config_name]}/#{account_name}"
|
|
27
|
-
)
|
|
17
|
+
def make(account:, config:)
|
|
18
|
+
target_dir = "#{PROJECT_ROOT}/.tfctl/#{config[:config_name]}/#{account[:name]}"
|
|
19
|
+
tf_version = config.fetch(:tf_required_version, '>= 0.12.0')
|
|
20
|
+
aws_provider_version = config.fetch(:aws_provider_version, '>= 2.14')
|
|
28
21
|
|
|
29
22
|
FileUtils.mkdir_p target_dir
|
|
30
23
|
|
|
@@ -34,7 +27,7 @@ module Tfctl
|
|
|
34
27
|
'backend' => {
|
|
35
28
|
's3' => {
|
|
36
29
|
'bucket' => config[:tf_state_bucket],
|
|
37
|
-
'key' => "#{
|
|
30
|
+
'key' => "#{account[:name]}/tfstate",
|
|
38
31
|
'region' => config[:tf_state_region],
|
|
39
32
|
'role_arn' => config[:tf_state_role_arn],
|
|
40
33
|
'dynamodb_table' => config[:tf_state_dynamodb_table],
|
|
@@ -49,9 +42,9 @@ module Tfctl
|
|
|
49
42
|
'provider' => {
|
|
50
43
|
'aws' => {
|
|
51
44
|
'version' => aws_provider_version,
|
|
52
|
-
'region' => region,
|
|
45
|
+
'region' => account[:region],
|
|
53
46
|
'assume_role' => {
|
|
54
|
-
'role_arn' => "arn:aws:iam::#{
|
|
47
|
+
'role_arn' => "arn:aws:iam::#{account[:id]}:role/#{account[:tf_execution_role]}",
|
|
55
48
|
},
|
|
56
49
|
},
|
|
57
50
|
},
|
|
@@ -74,7 +67,7 @@ module Tfctl
|
|
|
74
67
|
|
|
75
68
|
FileUtils.rm Dir.glob("#{target_dir}/profile_*.tf.json")
|
|
76
69
|
|
|
77
|
-
profiles.each do |profile|
|
|
70
|
+
account[:profiles].each do |profile|
|
|
78
71
|
profile_block = {
|
|
79
72
|
'module' => {
|
|
80
73
|
profile => {
|
data/lib/tfctl/version.rb
CHANGED
data/tfctl.gemspec
CHANGED
|
@@ -29,6 +29,7 @@ Gem::Specification.new do |spec|
|
|
|
29
29
|
spec.add_dependency 'parallel', '~> 1.17'
|
|
30
30
|
spec.add_dependency 'terminal-table', '~> 1.8'
|
|
31
31
|
|
|
32
|
-
spec.add_development_dependency 'rspec', '~>
|
|
33
|
-
spec.add_development_dependency '
|
|
32
|
+
spec.add_development_dependency 'guard-rspec', '~> 4.7'
|
|
33
|
+
spec.add_development_dependency 'rspec', '~> 3.8'
|
|
34
|
+
spec.add_development_dependency 'rubocop', '~> 0.76'
|
|
34
35
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tfctl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Wasilczuk
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-11-
|
|
11
|
+
date: 2019-11-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-organizations
|
|
@@ -52,6 +52,20 @@ dependencies:
|
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
54
|
version: '1.8'
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: guard-rspec
|
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
|
58
|
+
requirements:
|
|
59
|
+
- - "~>"
|
|
60
|
+
- !ruby/object:Gem::Version
|
|
61
|
+
version: '4.7'
|
|
62
|
+
type: :development
|
|
63
|
+
prerelease: false
|
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
+
requirements:
|
|
66
|
+
- - "~>"
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: '4.7'
|
|
55
69
|
- !ruby/object:Gem::Dependency
|
|
56
70
|
name: rspec
|
|
57
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -94,6 +108,7 @@ files:
|
|
|
94
108
|
- ".travis.yml"
|
|
95
109
|
- CHANGELOG.adoc
|
|
96
110
|
- Gemfile
|
|
111
|
+
- Guardfile
|
|
97
112
|
- LICENSE
|
|
98
113
|
- Makefile
|
|
99
114
|
- README.adoc
|