tfctl 1.2.2 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.bundle/config +3 -0
- data/.github/dependabot.yml +7 -0
- data/.gitignore +0 -1
- data/.rubocop.yml +1 -0
- data/CHANGELOG.adoc +8 -1
- data/Makefile +4 -3
- data/README.adoc +19 -2
- data/RELEASING.adoc +13 -0
- data/bin/tfctl +3 -3
- data/examples/control_tower/profiles/example-profile/main.tf +1 -1
- data/examples/control_tower/profiles/example-profile/variables.tf +1 -1
- data/examples/control_tower/tfctl.yaml +2 -2
- data/lib/hash.rb +2 -1
- data/lib/tfctl.rb +8 -8
- data/lib/tfctl/aws_org.rb +1 -1
- data/lib/tfctl/config.rb +4 -2
- data/lib/tfctl/executor.rb +1 -1
- data/lib/tfctl/generator.rb +12 -10
- data/lib/tfctl/logger.rb +1 -1
- data/lib/tfctl/schema.rb +1 -1
- data/lib/tfctl/version.rb +1 -1
- data/tfctl.gemspec +5 -4
- metadata +29 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5fe79c7d1c05d536eabd439037d74996bf35af1b72e359e34a0f52f32067fecf
|
4
|
+
data.tar.gz: 67c20fd6e27f58ce119e9c050923c80499b0054991716515f41dbbd2c4156336
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 693f29d4f7ddea34dfe9dbb747cf976452bdc8ff423bf63d41bc2f77f2ae05fb58ddb8b6d9a2d4c1f151749899a325b7326384e5e4128eda076d51c7c54bd8ca
|
7
|
+
data.tar.gz: a71acfa057e8a80923b7ec9c48ab2654af1fd6d73e4fa0259949d3bded769773dd3127590475266586fe48e3f5549a7f8725c111429a6ceb850389bb7fc63c01
|
data/.bundle/config
ADDED
data/.gitignore
CHANGED
data/.rubocop.yml
CHANGED
data/CHANGELOG.adoc
CHANGED
@@ -1,6 +1,13 @@
|
|
1
1
|
= Changelog
|
2
2
|
|
3
|
-
==
|
3
|
+
== 1.3.0
|
4
|
+
|
5
|
+
* feat: support new Terraform provider syntax
|
6
|
+
|
7
|
+
BREAKING CHANGE: The minimum supported Terraform version has been bumped to
|
8
|
+
0.12.29. If you are running an older version of Terraform you will need to
|
9
|
+
update to the latest Terraform in 0.12.x series before updating tfctl. Once
|
10
|
+
tfctl is updated you can upgrade Terraform to further versions.
|
4
11
|
|
5
12
|
== 1.2.2
|
6
13
|
* chore: reverted PR #11 - not necessary and introduced regression. See PR #13 for details.
|
data/Makefile
CHANGED
@@ -2,7 +2,8 @@
|
|
2
2
|
|
3
3
|
vendor:
|
4
4
|
$(info => Installing Ruby dependencies)
|
5
|
-
@bundle install
|
5
|
+
@bundle install
|
6
|
+
@bundle binstubs --all --path vendor/bin
|
6
7
|
|
7
8
|
test: vendor rubocop spec
|
8
9
|
|
@@ -10,11 +11,11 @@ guard: vendor
|
|
10
11
|
$(info => Starting guard)
|
11
12
|
@bundle exec guard
|
12
13
|
|
13
|
-
rubocop:
|
14
|
+
rubocop: vendor
|
14
15
|
$(info => Running rubocop)
|
15
16
|
@vendor/bin/rubocop
|
16
17
|
|
17
|
-
spec:
|
18
|
+
spec: vendor
|
18
19
|
$(info => Running spec tests)
|
19
20
|
@vendor/bin/rspec
|
20
21
|
|
data/README.adoc
CHANGED
@@ -42,6 +42,23 @@ https://aws.amazon.com/solutions/aws-landing-zone/[AWS Landing Zone] and
|
|
42
42
|
https://aws.amazon.com/controltower/[Control Tower] but should work with most
|
43
43
|
other ways of managing accounts in AWS Organizations.
|
44
44
|
|
45
|
+
== Project status
|
46
|
+
|
47
|
+
`tfctl` is an open source project published by The Scale Factory.
|
48
|
+
|
49
|
+
We currently consider this project to be maintained but we don't actively
|
50
|
+
develop new features. We keep it security patched and ready for use in
|
51
|
+
production environments.
|
52
|
+
|
53
|
+
We’ll take a look at any issues or PRs you open and get back to you as soon as
|
54
|
+
we can. We don’t offer any formal SLA, but we’ll be checking on this project
|
55
|
+
periodically.
|
56
|
+
|
57
|
+
If your issue is urgent, you can flag it as such, and we’ll attempt to triage
|
58
|
+
appropriately, but we have paying customers who also have demands on our time.
|
59
|
+
If your business depends on this project and you have an urgent problem, then
|
60
|
+
you can talk to our sales team about paying us to support you.
|
61
|
+
|
45
62
|
== Features
|
46
63
|
|
47
64
|
* Discovers AWS accounts automatically.
|
@@ -57,8 +74,8 @@ other ways of managing accounts in AWS Organizations.
|
|
57
74
|
|
58
75
|
== Requirements
|
59
76
|
|
60
|
-
* Terraform >= 0.12
|
61
|
-
* Ruby >= 2.
|
77
|
+
* Terraform >= 0.12.29
|
78
|
+
* Ruby >= 2.5
|
62
79
|
* Accounts managed in AWS Organizations (by Landing Zone, Control Tower, some
|
63
80
|
other means)
|
64
81
|
|
data/RELEASING.adoc
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
= Releasing
|
2
|
+
|
3
|
+
This document is aimed at `tfctl` maintainers and describes the process of
|
4
|
+
releasing a new gem version.
|
5
|
+
|
6
|
+
== Process
|
7
|
+
|
8
|
+
* Smoke test in SF test accounts: https://github.com/scalefactory/tfctl-test
|
9
|
+
* Bump version in `lib/tfctl/version.rb`
|
10
|
+
* Update `CHANGELOG.adoc`
|
11
|
+
* Commit
|
12
|
+
* Create a new GitHub release and version tag using format: vX.X.X
|
13
|
+
* TravisCI will build and release the gem automatically: https://travis-ci.org/github/scalefactory/tfctl
|
data/bin/tfctl
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
-
if File.directory?(File.dirname(__FILE__)
|
4
|
+
if File.directory?("#{File.dirname(__FILE__)}/../vendor")
|
5
5
|
require 'bundler/setup'
|
6
6
|
end
|
7
7
|
require 'optparse'
|
@@ -81,8 +81,8 @@ begin
|
|
81
81
|
targetting_opts = %i[account ou all]
|
82
82
|
targets_set = []
|
83
83
|
options.each do |k, v|
|
84
|
-
if targetting_opts.include?(k)
|
85
|
-
targets_set << k.to_s
|
84
|
+
if targetting_opts.include?(k) and !v.nil?
|
85
|
+
targets_set << k.to_s
|
86
86
|
end
|
87
87
|
end
|
88
88
|
if targets_set.length > 1
|
@@ -7,6 +7,6 @@ variable "config" {
|
|
7
7
|
locals {
|
8
8
|
config = jsondecode(var.config)
|
9
9
|
account_id = "${data.aws_caller_identity.current.account_id}"
|
10
|
-
# get
|
10
|
+
# get account configuration from tfctl config
|
11
11
|
account = [ for account in local.config["accounts"]: account if account["id"] == local.account_id ][0]
|
12
12
|
}
|
@@ -5,7 +5,7 @@
|
|
5
5
|
# create final configuration used by tfctl. You can view the merged
|
6
6
|
# configuration by running:
|
7
7
|
#
|
8
|
-
# tfctl -c conf/
|
8
|
+
# tfctl -c conf/tfctl.yaml -s
|
9
9
|
#
|
10
10
|
|
11
11
|
#
|
@@ -17,7 +17,7 @@ tf_state_dynamodb_table: 'terraform-lock'
|
|
17
17
|
tf_state_region: 'eu-west-1'
|
18
18
|
# Role for accessing state resources
|
19
19
|
tf_state_role_arn: 'arn:aws:iam::SHARED_SERVICES_ACCOUNT_ID:role/TerraformStateRole'
|
20
|
-
tf_required_version: '>= 0.12.
|
20
|
+
tf_required_version: '>= 0.12.29'
|
21
21
|
aws_provider_version: '>= 2.14'
|
22
22
|
# Role used by tfctl to retrieve data from AWS Organizations
|
23
23
|
# Has to be set up in the primary org account
|
data/lib/hash.rb
CHANGED
@@ -18,13 +18,14 @@ class Hash
|
|
18
18
|
merge(second.to_h, &merger)
|
19
19
|
end
|
20
20
|
|
21
|
-
# Copied from ruby 2.6 Psych for 2.3 compatibility.
|
22
21
|
def symbolize_names!(result = self)
|
23
22
|
case result
|
24
23
|
when Hash
|
24
|
+
# rubocop:disable Style/HashEachMethods
|
25
25
|
result.keys.each do |key|
|
26
26
|
result[key.to_sym] = symbolize_names!(result.delete(key))
|
27
27
|
end
|
28
|
+
# rubocop:enable Style/HashEachMethods
|
28
29
|
when Array
|
29
30
|
result.map! { |r| symbolize_names!(r) }
|
30
31
|
end
|
data/lib/tfctl.rb
CHANGED
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require_relative 'tfctl/aws_org
|
4
|
-
require_relative 'tfctl/config
|
5
|
-
require_relative 'tfctl/error
|
6
|
-
require_relative 'tfctl/executor
|
7
|
-
require_relative 'tfctl/generator
|
8
|
-
require_relative 'tfctl/logger
|
9
|
-
require_relative 'tfctl/schema
|
10
|
-
require_relative 'tfctl/version
|
3
|
+
require_relative 'tfctl/aws_org'
|
4
|
+
require_relative 'tfctl/config'
|
5
|
+
require_relative 'tfctl/error'
|
6
|
+
require_relative 'tfctl/executor'
|
7
|
+
require_relative 'tfctl/generator'
|
8
|
+
require_relative 'tfctl/logger'
|
9
|
+
require_relative 'tfctl/schema'
|
10
|
+
require_relative 'tfctl/version'
|
data/lib/tfctl/aws_org.rb
CHANGED
data/lib/tfctl/config.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require_relative '../hash
|
4
|
-
require_relative 'error
|
3
|
+
require_relative '../hash'
|
4
|
+
require_relative 'error'
|
5
5
|
require 'yaml'
|
6
6
|
require 'json'
|
7
7
|
|
@@ -121,7 +121,9 @@ module Tfctl
|
|
121
121
|
return config unless config.key?(:exclude_accounts)
|
122
122
|
|
123
123
|
config[:accounts].each_with_index do |account, idx|
|
124
|
+
# rubocop:disable Style/IfWithBooleanLiteralBranches
|
124
125
|
config[:accounts][idx][:excluded] = config[:exclude_accounts].include?(account[:name]) ? true : false
|
126
|
+
# rubocop:enable Style/IfWithBooleanLiteralBranches
|
125
127
|
end
|
126
128
|
|
127
129
|
config
|
data/lib/tfctl/executor.rb
CHANGED
data/lib/tfctl/generator.rb
CHANGED
@@ -10,21 +10,27 @@ module Tfctl
|
|
10
10
|
|
11
11
|
def write_json_block(path, block)
|
12
12
|
File.open(path, 'w') do |f|
|
13
|
-
f.write(JSON.pretty_generate(block)
|
13
|
+
f.write("#{JSON.pretty_generate(block)}\n")
|
14
14
|
end
|
15
15
|
end
|
16
16
|
|
17
17
|
def make(account:, config:)
|
18
18
|
target_dir = "#{PROJECT_ROOT}/.tfctl/#{config[:config_name]}/#{account[:name]}"
|
19
|
-
tf_version = config.fetch(:tf_required_version, '>= 0.12.
|
19
|
+
tf_version = config.fetch(:tf_required_version, '>= 0.12.29')
|
20
20
|
aws_provider_version = config.fetch(:aws_provider_version, '>= 2.14')
|
21
21
|
|
22
22
|
FileUtils.mkdir_p target_dir
|
23
23
|
|
24
24
|
terraform_block = {
|
25
25
|
'terraform' => {
|
26
|
-
'required_version'
|
27
|
-
'
|
26
|
+
'required_version' => tf_version,
|
27
|
+
'required_providers' => {
|
28
|
+
'aws' => {
|
29
|
+
'source' => 'hashicorp/aws',
|
30
|
+
'version' => aws_provider_version,
|
31
|
+
},
|
32
|
+
},
|
33
|
+
'backend' => {
|
28
34
|
's3' => {
|
29
35
|
'bucket' => config[:tf_state_bucket],
|
30
36
|
'key' => "#{account[:name]}/tfstate",
|
@@ -41,7 +47,6 @@ module Tfctl
|
|
41
47
|
provider_block = {
|
42
48
|
'provider' => {
|
43
49
|
'aws' => {
|
44
|
-
'version' => aws_provider_version,
|
45
50
|
'region' => account[:region],
|
46
51
|
'assume_role' => {
|
47
52
|
'role_arn' => "arn:aws:iam::#{account[:id]}:role/#{account[:tf_execution_role]}",
|
@@ -71,11 +76,8 @@ module Tfctl
|
|
71
76
|
profile_block = {
|
72
77
|
'module' => {
|
73
78
|
profile => {
|
74
|
-
'source'
|
75
|
-
'config'
|
76
|
-
'providers' => {
|
77
|
-
'aws' => 'aws',
|
78
|
-
},
|
79
|
+
'source' => "../../../profiles/#{profile}",
|
80
|
+
'config' => '${var.config}',
|
79
81
|
},
|
80
82
|
},
|
81
83
|
}
|
data/lib/tfctl/logger.rb
CHANGED
data/lib/tfctl/schema.rb
CHANGED
data/lib/tfctl/version.rb
CHANGED
data/tfctl.gemspec
CHANGED
@@ -30,9 +30,10 @@ Gem::Specification.new do |spec|
|
|
30
30
|
spec.add_dependency 'aws-sdk-organizations', '~> 1.40'
|
31
31
|
spec.add_dependency 'json_schemer', '~> 0.2'
|
32
32
|
spec.add_dependency 'parallel', '~> 1.19'
|
33
|
-
spec.add_dependency 'terminal-table', '
|
33
|
+
spec.add_dependency 'terminal-table', '>= 1.8', '< 4.0'
|
34
34
|
|
35
|
-
spec.add_development_dependency 'guard-rspec',
|
36
|
-
spec.add_development_dependency 'rspec',
|
37
|
-
spec.add_development_dependency 'rubocop',
|
35
|
+
spec.add_development_dependency 'guard-rspec', '~> 4.7'
|
36
|
+
spec.add_development_dependency 'rspec', '~> 3.9'
|
37
|
+
spec.add_development_dependency 'rubocop', '~> 1.3'
|
38
|
+
spec.add_development_dependency 'rubocop-rspec', '~> 2.2'
|
38
39
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tfctl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Wasilczuk
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-05-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-organizations
|
@@ -56,16 +56,22 @@ dependencies:
|
|
56
56
|
name: terminal-table
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
|
-
- - "
|
59
|
+
- - ">="
|
60
60
|
- !ruby/object:Gem::Version
|
61
61
|
version: '1.8'
|
62
|
+
- - "<"
|
63
|
+
- !ruby/object:Gem::Version
|
64
|
+
version: '4.0'
|
62
65
|
type: :runtime
|
63
66
|
prerelease: false
|
64
67
|
version_requirements: !ruby/object:Gem::Requirement
|
65
68
|
requirements:
|
66
|
-
- - "
|
69
|
+
- - ">="
|
67
70
|
- !ruby/object:Gem::Version
|
68
71
|
version: '1.8'
|
72
|
+
- - "<"
|
73
|
+
- !ruby/object:Gem::Version
|
74
|
+
version: '4.0'
|
69
75
|
- !ruby/object:Gem::Dependency
|
70
76
|
name: guard-rspec
|
71
77
|
requirement: !ruby/object:Gem::Requirement
|
@@ -100,14 +106,28 @@ dependencies:
|
|
100
106
|
requirements:
|
101
107
|
- - "~>"
|
102
108
|
- !ruby/object:Gem::Version
|
103
|
-
version: '
|
109
|
+
version: '1.3'
|
110
|
+
type: :development
|
111
|
+
prerelease: false
|
112
|
+
version_requirements: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - "~>"
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: '1.3'
|
117
|
+
- !ruby/object:Gem::Dependency
|
118
|
+
name: rubocop-rspec
|
119
|
+
requirement: !ruby/object:Gem::Requirement
|
120
|
+
requirements:
|
121
|
+
- - "~>"
|
122
|
+
- !ruby/object:Gem::Version
|
123
|
+
version: '2.2'
|
104
124
|
type: :development
|
105
125
|
prerelease: false
|
106
126
|
version_requirements: !ruby/object:Gem::Requirement
|
107
127
|
requirements:
|
108
128
|
- - "~>"
|
109
129
|
- !ruby/object:Gem::Version
|
110
|
-
version: '
|
130
|
+
version: '2.2'
|
111
131
|
description:
|
112
132
|
email:
|
113
133
|
- akw@scalefactory.com
|
@@ -116,6 +136,8 @@ executables:
|
|
116
136
|
extensions: []
|
117
137
|
extra_rdoc_files: []
|
118
138
|
files:
|
139
|
+
- ".bundle/config"
|
140
|
+
- ".github/dependabot.yml"
|
119
141
|
- ".gitignore"
|
120
142
|
- ".rspec"
|
121
143
|
- ".rubocop.yml"
|
@@ -126,6 +148,7 @@ files:
|
|
126
148
|
- LICENSE
|
127
149
|
- Makefile
|
128
150
|
- README.adoc
|
151
|
+
- RELEASING.adoc
|
129
152
|
- bin/tfctl
|
130
153
|
- docs/configuration.adoc
|
131
154
|
- docs/control_tower.adoc
|