tfctl 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6d47682cf9949db840c18d07b6f06907a9d36e2a75d0a5255b4c57f3603c0dbf
-  data.tar.gz: d5a81e877943fff53e903a104249e1147a827c593430bc91c0b78d5cc467fc4b
+  metadata.gz: d6f58a8ef8569aaec8cc41ad269adf690caca7d13472a26ed65ed846c835273c
+  data.tar.gz: '013649daccb576adbe4c0c95c8fe64347b641dcb07ad2f0d3e5ca1420188489c'
 SHA512:
-  metadata.gz: 03b7d69b7a7bbf296b0b1ab3aa8794d8b91e51559a1e2ee1d450396615aeba495b63993f84866c6fe5997d34c760da143cb66ca0cabc2a1a5a1266b701676bac
-  data.tar.gz: f9ebdae72fd58473c3a8cc5015fd2d2e32092488218b52efa79e2d625802ccdf4447298e45497d4ec0e03583b0edbd3a31b51e92f76a5981a5f3819f9cee1e4a
+  metadata.gz: 2a65943659c0dabe88c40d76d46a99ed23f1ef335486c719729ca599e10e60b2abc0bc81577f2490ca7bbbe64e479ab641b0197a1160b7a1e061f274f224419b
+  data.tar.gz: 8c0cebbab4bc2738357979d1fa013bbf485ea398a3c5ecfdbb4ab9bf670060660a890b900cfca8425764c1387d4ffe5c0d0c50d3a59a10f16ba4f20f3687a303

data/.rubocop.yml

@@ -6,7 +6,7 @@ AllCops:
 Layout/IndentationWidth:
   Width: 4
 
-Layout/IndentHeredoc:
+Layout/HeredocIndentation:
   Enabled: false
 
 Layout/EmptyLines:
@@ -15,7 +15,7 @@ Layout/EmptyLines:
 Layout/EmptyLinesAroundMethodBody:
   Enabled: false
 
-Layout/AlignHash:
+Layout/HashAlignment:
   EnforcedHashRocketStyle:
     - table
   EnforcedColonStyle:

data/.travis.yml

@@ -1,18 +1,18 @@
 rvm:
-  - 2.3
-  - 2.6
+- 2.3
+- 2.6
 os: linux
 language: ruby
 script: make test
 jobs:
   include:
-    - stage: Gem release
-      rvm: 2.6
-      deploy:
-        provider: rubygems
-        api_key:
-          secure: FKAONS7x6koN7oiEULr4ViwjlDBzbE0bCgqhXRP4DfTtlRyEymeqgrfSIqkVH7unjd0muIGrMBnFuaQVSx7648RS1Ss0QAJo32SVnzoYl1P03cijqNmbbaf1jRdA3IGmh0gV5vsXrmlHiP8gfAuC9PqQ550OzxzWUvEI8vXgSTibmKd/PoQinv5g/dq0gBFjlhSMt/k3Z9WlMmkEsAro/r/Ie2M7mItHPT65f0ga5q5SeujPQQ3Sd/l3mznh37bmnw5RZpFDYdA7jL2p0Y58XJPBU8soa3ZC5GeHyxCYVoGh6EDGAFb83ERRT6rQ7ywkOufTv1o497P7a/prSbvT6fzc+DcugXPEaglT+dUXMe36OoF907Xva4vq3xIHV2N/yrxbDM85hmMk22wEU+9wpDDzFNQnfsXNbaHG9F7gLgy0eoTRrSuJf6cPDlE8pwvn7b8cjieeqWc//ZNhSYnHYZGER4LFINWVxs68Eofmmqp2IESTcUpJ8oB4bV+bzzyobJMRobOXu2hvgCrTdr6r/PnckpAfZE/l4nVQa14f1FU//8bU3DwvNun6TX1Ujp+XNiRDUlvP2KnkBU4s5rsIkL3lCHW7r6GipSk6SOvGMTz5eySMsoWvZQBdAzk/OxcIteeWH9pdo1Hbu5x2/bwyuTRCQ9E79CKWDKlIQwCgUY0=
-        gem: tfctl
-        on:
-          tags: true
-          repo: scalefactory/tfctl
+  - stage: Gem release
+    rvm: 2.6
+    deploy:
+      provider: rubygems
+      api_key:
+        secure: LAVcdER+LtQ2TSUrVOY7Be1BC7GXJRD0QBt386vRM5Nld5QaD9Ow9gtN6FprzkzloI4R8BkPWqZbAT6YjC+C0AFB5HK6iPwD2bLsiF9w3ccDD+yrW99RHxiErpmYMun2PqZv0WkJ/pkEplPCKMRFv7SM7W9DMRlU7dsXc1v6IVyIb5u3A04jErS2jXXKY0ijlCDJYVo8zzYL6yUmUcXhc//3CIVnu2Miu6Qr8h7e6jMXNUWfMkwEXsFP9id4TsCz7hRY+39PkiBAknHTN5UqjjJiEOknZnHeTBcVPvi2h2xv+fFLSzVTxlxaRsVoMCShQp5D12qzhQObRJsRVQFs8Yyg9IYMyPdxssFYyUZFaAy5taWDm57uM3HTHylm/Dq3LmXTgGNxWUUkf2oh1g7R6cYZpBUQwiEPzhZQ7CoBQbGUAJmH9ZU9m+cr8kuAOUipd6BNEDvn/fIH4WJsRCNP72JGX16JBpuICvpkuNhskZT91xFlYk1pTXHOxNpbTcxUTgMHhrTqspeRXPmf6DiYGvjMb2S6kaoGqCIRIcwl0TGKuMsOMqR9SqF8gubkqHMVbSl1E7mwBn4ke8/7IGoMkWOGwUpVxqVOLBHi6zSR09RTVSbKl4oiFV3ZwmVPSxDncq54MptyJ2WCZ7dD6ht2l+VA8iGwYeIoqOpwGWxyuNI=
+      gem: tfctl
+      on:
+        tags: true
+        repo: scalefactory/tfctl

data/CHANGELOG.adoc

@@ -1,5 +1,9 @@
 = Changelog
 
+== 1.1.0
+
+* feat: look for configuration in `tfctl.yaml` by default.
+
 == 1.0.0
 
 * feat(config): JSON schema config validation

data/README.adoc

@@ -94,7 +94,8 @@ Anatomy of a tfctl command:
 tfctl -c CONFIG_FILE TARGET_OPTIONS -- TERRAFORM_COMMAND
 ----
 
-* `-c` specifies which tfctl config file to use (usually in `conf/`)
+* `-c` specifies which tfctl config file to use (defaults to `tfctl.yaml` in
+ current working directory if not set)
 * `TARGET_OPTIONS` specifies which accounts to target.  This could be an individual
   account, a group of accounts in an organizational unit or all accounts.
 * `TERRAFORM_COMMAND` will be passed to `terraform` along with any
@@ -116,13 +117,13 @@ tfctl -h
 Show merged configuration:
 
 ----
-tfctl -c conf/example.yaml -s
+tfctl -s
 ----
 
 List all discovered accounts:
 
 ----
-tfctl -c conf/example.yaml --all -l
+tfctl --all -l
 ----
 
 TIP: This can be narrowed down using targeting options and is a good way to
@@ -131,44 +132,44 @@ test what accounts match.
 Run Terraform init across all accounts:
 
 ----
-tfctl -c conf/example.yaml --all -- init
+tfctl --all -- init
 ----
 
 Run plan in `test` OU accounts:
 
 ----
-tfctl -c conf/example.yaml -o test -- plan
+tfctl -o test -- plan
 ----
 
 Run plan in `live` accounts assuming that `live` is a child OU in multiple
 organization units:
 
 ----
-tfctl -c conf/example.yaml -o '.*/live' -- plan
+tfctl -o '.*/live' -- plan
 ----
 
 Run plan in an individual account:
 
 ----
-tfctl -c conf/example.yaml -a example-account - plan
+tfctl -a example-account - plan
 ----
 
 Run apply in all accounts:
 
 ----
-tfctl -c conf/example.yaml --all -- apply
+tfctl --all -- apply
 ----
 
 Run destroy in `test` OU accounts:
 
 ----
-tfctl -c conf/example.yaml -o test -- destroy -auto-approve
+tfctl -o test -- destroy -auto-approve
 ----
 
 Don't buffer the output:
 
 ----
-tfctl -c conf/example.yaml -a example-account -u -- plan
+tfctl -a example-account -u -- plan
 ----
 
 This will show output in real time.  Usually output is buffered and displayed

data/bin/tfctl

@@ -22,7 +22,7 @@ options = {
     ou:          nil,
     all:         nil,
     show_config: false,
-    config_file: nil,
+    config_file: 'tfctl.yaml',
     unbuffered:  false,
     debug:       false,
     use_cache:   false,
@@ -68,10 +68,6 @@ begin
 
     # Validate CLI arguments
 
-    if options[:config_file].nil?
-        raise OptionParser::MissingArgument, '--config-file'
-    end
-
     unless File.exist? options[:config_file]
         raise OptionParser::InvalidOption,
               "Config file not found in: #{options[:config_file]}"
@@ -104,7 +100,7 @@ end
 
 
 
-# Generates configuration and runs Terraform commands for a target account.
+# Execute terraform in target accounts
 def run_account(config, account, options, tf_argv, log)
 
     # Skip excluded accounts
@@ -145,6 +141,7 @@ begin
     log.info 'tfctl running'
 
     config_name = File.basename(options[:config_file]).chomp('.yaml')
+    config_name = 'default' if config_name == 'tfctl'
     log.info "Using config: #{config_name}"
 
     log.info 'Working out AWS account topology'

data/docs/configuration.adoc

@@ -25,7 +25,7 @@ toc::[]
 == Overview
 
 Tfctl retrieves initial account configuration from AWS Organizations and merges
-it with configuration specified in a yaml file.
+it with configuration specified in a yaml file (`tfctl.yaml` by default).
 
 The configuration is merged in the following order:
 
@@ -68,9 +68,9 @@ organization_units:
 
 This will result in all three profiles deployed to accounts in `team` OU.
 
-TIP: You can display the fully merged configuration by running `tfctl -c
-conf/CONFIG_FILE.yaml -s`.  It's safe to run as it doesn't make any changes to
-AWS resources.  It's a good way to test your configuration.
+TIP: You can display the fully merged configuration by running `tfctl -s`.
+It's safe to run as it doesn't make any changes to AWS resources.  It's a good
+way to test your configuration.
 
 == Defining arbitrary data
 
@@ -87,3 +87,11 @@ No secrets should be committed into Terraform or tfctl configuration.  Use AWS
 Secrets Manager instead and retrieve in Terraform profiles using
 https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret.html[secrets
 manager data source]
+
+== Configuration Schema
+
+Config file is validated using https://json-schema.org/[JSON Schema].
+
+The schema is defined in
+https://github.com/scalefactory/tfctl/blob/master/lib/tfctl/schema.rb[lib/tfctl/schema.rb]
+and is a good place to look up all available options.

data/docs/control_tower.adoc

@@ -151,7 +151,7 @@ NOTE: Successful status should read: `CREATE_COMPLETE`.
 == Configure tfctl
 
 Copy the example project directory `examples/control_tower` somewhere convenient
-and edit `conf/example.yaml`.
+and edit `tfctl.yaml`.
 
 You need to modify the following parameters:
 
@@ -172,7 +172,7 @@ NOTE: Run tfctl commands from the root of you project directory.
 First dump the configuration to verify everything works:
 
 ----
-tfctl -c conf/example.yaml -s
+tfctl -s
 ----
 
 This will not make any changes but will print out a yaml containing the final,
@@ -182,7 +182,7 @@ their configuration.
 Initialise terraform for all discovered accounts:
 
 ----
-tfctl -c conf/example.yaml --all -- init
+tfctl --all -- init
 ----
 
 Tfctl will run Terraform against all accounts in parallel.
@@ -190,19 +190,19 @@ Tfctl will run Terraform against all accounts in parallel.
 Run plan:
 
 ----
-tfctl -c conf/example.yaml --all -- plan
+tfctl --all -- plan
 ----
 
 and apply:
 
 ----
-tfctl -c conf/example.yaml --all -- apply
+tfctl --all -- apply
 ----
 
 To destroy created resources run:
 
 ----
-tfctl -c conf/example.yaml --all -- destroy -auto-approve
+tfctl --all -- destroy -auto-approve
 ----
 
 That's it! You can now execute terraform across your Control Tower estate.

data/docs/creating_a_profile.adoc

@@ -81,7 +81,7 @@ profile.  Tfctl configuration can be accessed using this variable. This It
 includes an array of all discovered accounts as well their parameters from
 tfctl config file.
 
-TIP: You can run `tfctl -c conf/CONFIG_FILE.yaml -s` to show the config data in
+TIP: You can run `tfctl -s` to show the config data in
 yaml format.  This exact data is available in the `config` variable in your
 profile.
 
@@ -124,7 +124,7 @@ You have few options here:
 For the sake of this example we're going to deploy our bucket to all accounts
 in `test` OU.
 
-In tfctl config file add the profile to the `test` OU:
+In `tfctl.yaml` add the profile to the `test` OU:
 
 [source, yaml]
 ----
@@ -140,8 +140,8 @@ organization_units:
 To see what would happen when the change is applied run:
 
 ----
-tfctl -c conf/example.yaml -o test -- init
-tfctl -c conf/example.yaml -o test -- plan
+tfctl -o test -- init
+tfctl -o test -- plan
 ----
 
 This will run `terraform init` to initialise terraform and then `terraform
@@ -187,5 +187,5 @@ next step.
 
 Once you're happy with the plan, apply it.
 ----
-tfctl -c conf/example.yaml -o test -- apply
+tfctl -o test -- apply
 ----

data/docs/project_layout.adoc

@@ -23,8 +23,7 @@ endif::[]
 Example project structure
 ----
 project_dir/
-├── conf
-│   └── example.yaml
+├── tfctl.conf
 ├── modules
 │   └── s3-bucket
 │       ├── main.tf
@@ -51,6 +50,11 @@ The configuration data is exposed to terraform via a profile `config` variable.
 It also defines Terraform and tfctl configuration such as state tracking and
 what IAM roles to use.
 
+By default tfctl will use `tfctl.yaml` in it's current working directory.  You
+can specify a different file using `-c`.  Multiple configurations are supported
+in the same project directory and generated data will be stored separately for
+each config file in `.tfctl/`.
+
 == profiles
 
 Profiles are re-usable collections of resources which can be applied to

data/lib/tfctl/config.rb

@@ -48,7 +48,7 @@ module Tfctl
             @config.to_json
         end
 
-        # Filters accounts by account property
+        # Filters accounts by an account property
         def find_accounts(property_name, property_value)
             output =[]
             @config[:accounts].each do |account|
@@ -88,7 +88,6 @@ module Tfctl
 
         # Retrieves AWS Organizations data and merges it with data from yaml config.
         def load_config(config_name, yaml_config, aws_org_config)
-
             # AWS Organizations data
             config = aws_org_config
             # Merge organization sections from yaml file

data/lib/tfctl/schema.rb

@@ -29,7 +29,7 @@ module Tfctl
             def main_schema
                 iam_arn_pattern = 'arn:aws:iam:[a-z\-0-9]*:[0-9]{12}:[a-zA-Z\/+@=.,]*'
 
-                # rubocop:disable Layout/AlignHash
+                # rubocop:disable Layout/HashAlignment
                 {
                     'type'       => 'object',
                     'properties' => {
@@ -61,7 +61,7 @@ module Tfctl
                     ],
                     'additionalProperties' => false,
                 }
-                # rubocop:enable Layout/AlignHash
+                # rubocop:enable Layout/HashAlignment
             end
 
             def org_schema

data/lib/tfctl/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Tfctl
-    VERSION = '1.0.0'
+    VERSION = '1.1.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tfctl
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Andrew Wasilczuk
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-14 00:00:00.000000000 Z
+date: 2020-01-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-organizations
@@ -135,12 +135,12 @@ files:
 - examples/bootstrap/terraform-exec-role.template
 - examples/bootstrap/terraform-state.template
 - examples/bootstrap/tfctl-org-access.template
-- examples/control_tower/conf/example.yaml
 - examples/control_tower/modules/s3-bucket/main.tf
 - examples/control_tower/modules/s3-bucket/variables.tf
 - examples/control_tower/profiles/example-profile/data.tf
 - examples/control_tower/profiles/example-profile/main.tf
 - examples/control_tower/profiles/example-profile/variables.tf
+- examples/control_tower/tfctl.yaml
 - lib/hash.rb
 - lib/tfctl.rb
 - lib/tfctl/aws_org.rb