tfctl 1.2.2 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (24) hide show
  1. checksums.yaml +4 -4
  2. data/.bundle/config +3 -0
  3. data/.github/dependabot.yml +7 -0
  4. data/.gitignore +0 -1
  5. data/.rubocop.yml +1 -0
  6. data/CHANGELOG.adoc +8 -1
  7. data/Makefile +4 -3
  8. data/README.adoc +19 -2
  9. data/RELEASING.adoc +13 -0
  10. data/bin/tfctl +3 -3
  11. data/examples/control_tower/profiles/example-profile/main.tf +1 -1
  12. data/examples/control_tower/profiles/example-profile/variables.tf +1 -1
  13. data/examples/control_tower/tfctl.yaml +2 -2
  14. data/lib/hash.rb +2 -1
  15. data/lib/tfctl.rb +8 -8
  16. data/lib/tfctl/aws_org.rb +1 -1
  17. data/lib/tfctl/config.rb +4 -2
  18. data/lib/tfctl/executor.rb +1 -1
  19. data/lib/tfctl/generator.rb +12 -10
  20. data/lib/tfctl/logger.rb +1 -1
  21. data/lib/tfctl/schema.rb +1 -1
  22. data/lib/tfctl/version.rb +1 -1
  23. data/tfctl.gemspec +5 -4
  24. metadata +29 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b1825dfe2e3683c1ef8444460e5cd7baedde7424ec60de056a7a3351e69ad380
4
- data.tar.gz: db929e7c2323d42c99719610e18bf5ef17277521ff69985b668e6f26ca71feea
3
+ metadata.gz: 5fe79c7d1c05d536eabd439037d74996bf35af1b72e359e34a0f52f32067fecf
4
+ data.tar.gz: 67c20fd6e27f58ce119e9c050923c80499b0054991716515f41dbbd2c4156336
5
5
  SHA512:
6
- metadata.gz: 7288eadc3e15802584060d055a2dd51fa34aae5fe0fba8d4eefd69d3e654fa0bcdef3c05b9a410891f31b4b3f9564301350d6298f7fcdbdf175deef9ac236a74
7
- data.tar.gz: c9515472d66fb6d6f423aaf2d01504901a2e42acf47aa6d59919d7737dc37f2817436e5364241afca523cd70cccf2082d0e791573aabb9ff55b3da42fcd760c2
6
+ metadata.gz: 693f29d4f7ddea34dfe9dbb747cf976452bdc8ff423bf63d41bc2f77f2ae05fb58ddb8b6d9a2d4c1f151749899a325b7326384e5e4128eda076d51c7c54bd8ca
7
+ data.tar.gz: a71acfa057e8a80923b7ec9c48ab2654af1fd6d73e4fa0259949d3bded769773dd3127590475266586fe48e3f5549a7f8725c111429a6ceb850389bb7fc63c01
data/.bundle/config ADDED
@@ -0,0 +1,3 @@
1
+ ---
2
+ BUNDLE_WITH: "developement"
3
+ BUNDLE_BIN: "vendor/bin"
data/.github/dependabot.yml ADDED
@@ -0,0 +1,7 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: bundler
4
+ directory: "/"
5
+ schedule:
6
+ interval: daily
7
+ open-pull-requests-limit: 10
data/.gitignore CHANGED
@@ -4,7 +4,6 @@
4
4
  pkg/
5
5
  *.gem
6
6
  vendor/
7
- .bundle
8
7
  bin/bundle
9
8
  bin/htmldiff
10
9
  bin/ldiff
data/.rubocop.yml CHANGED
@@ -2,6 +2,7 @@
2
2
  AllCops:
3
3
  TargetRubyVersion: 2.5
4
4
  DisplayCopNames: true
5
+ NewCops: enable
5
6
 
6
7
  Layout/IndentationWidth:
7
8
  Width: 4
data/CHANGELOG.adoc CHANGED
@@ -1,6 +1,13 @@
1
1
  = Changelog
2
2
 
3
- == Upcoming
3
+ == 1.3.0
4
+
5
+ * feat: support new Terraform provider syntax
6
+
7
+ BREAKING CHANGE: The minimum supported Terraform version has been bumped to
8
+ 0.12.29. If you are running an older version of Terraform you will need to
9
+ update to the latest Terraform in 0.12.x series before updating tfctl. Once
10
+ tfctl is updated you can upgrade Terraform to further versions.
4
11
 
5
12
  == 1.2.2
6
13
  * chore: reverted PR #11 - not necessary and introduced regression. See PR #13 for details.
data/Makefile CHANGED
@@ -2,7 +2,8 @@
2
2
 
3
3
  vendor:
4
4
  $(info => Installing Ruby dependencies)
5
- @bundle install --path vendor --with developement --binstubs=vendor/bin
5
+ @bundle install
6
+ @bundle binstubs --all --path vendor/bin
6
7
 
7
8
  test: vendor rubocop spec
8
9
 
@@ -10,11 +11,11 @@ guard: vendor
10
11
  $(info => Starting guard)
11
12
  @bundle exec guard
12
13
 
13
- rubocop:
14
+ rubocop: vendor
14
15
  $(info => Running rubocop)
15
16
  @vendor/bin/rubocop
16
17
 
17
- spec:
18
+ spec: vendor
18
19
  $(info => Running spec tests)
19
20
  @vendor/bin/rspec
20
21
 
data/README.adoc CHANGED
@@ -42,6 +42,23 @@ https://aws.amazon.com/solutions/aws-landing-zone/[AWS Landing Zone] and
42
42
  https://aws.amazon.com/controltower/[Control Tower] but should work with most
43
43
  other ways of managing accounts in AWS Organizations.
44
44
 
45
+ == Project status
46
+
47
+ `tfctl` is an open source project published by The Scale Factory.
48
+
49
+ We currently consider this project to be maintained but we don't actively
50
+ develop new features. We keep it security patched and ready for use in
51
+ production environments.
52
+
53
+ We’ll take a look at any issues or PRs you open and get back to you as soon as
54
+ we can. We don’t offer any formal SLA, but we’ll be checking on this project
55
+ periodically.
56
+
57
+ If your issue is urgent, you can flag it as such, and we’ll attempt to triage
58
+ appropriately, but we have paying customers who also have demands on our time.
59
+ If your business depends on this project and you have an urgent problem, then
60
+ you can talk to our sales team about paying us to support you.
61
+
45
62
  == Features
46
63
 
47
64
  * Discovers AWS accounts automatically.
@@ -57,8 +74,8 @@ other ways of managing accounts in AWS Organizations.
57
74
 
58
75
  == Requirements
59
76
 
60
- * Terraform >= 0.12
61
- * Ruby >= 2.4
77
+ * Terraform >= 0.12.29
78
+ * Ruby >= 2.5
62
79
  * Accounts managed in AWS Organizations (by Landing Zone, Control Tower, some
63
80
  other means)
64
81
 
data/RELEASING.adoc ADDED
@@ -0,0 +1,13 @@
1
+ = Releasing
2
+
3
+ This document is aimed at `tfctl` maintainers and describes the process of
4
+ releasing a new gem version.
5
+
6
+ == Process
7
+
8
+ * Smoke test in SF test accounts: https://github.com/scalefactory/tfctl-test
9
+ * Bump version in `lib/tfctl/version.rb`
10
+ * Update `CHANGELOG.adoc`
11
+ * Commit
12
+ * Create a new GitHub release and version tag using format: vX.X.X
13
+ * TravisCI will build and release the gem automatically: https://travis-ci.org/github/scalefactory/tfctl
data/bin/tfctl CHANGED
@@ -1,7 +1,7 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
- if File.directory?(File.dirname(__FILE__) + '/../vendor')
4
+ if File.directory?("#{File.dirname(__FILE__)}/../vendor")
5
5
  require 'bundler/setup'
6
6
  end
7
7
  require 'optparse'
@@ -81,8 +81,8 @@ begin
81
81
  targetting_opts = %i[account ou all]
82
82
  targets_set = []
83
83
  options.each do |k, v|
84
- if targetting_opts.include?(k)
85
- targets_set << k.to_s unless v.nil?
84
+ if targetting_opts.include?(k) and !v.nil?
85
+ targets_set << k.to_s
86
86
  end
87
87
  end
88
88
  if targets_set.length > 1
data/examples/control_tower/profiles/example-profile/main.tf CHANGED
@@ -1,4 +1,4 @@
1
1
  module "bucket" {
2
2
  source = "../../modules/s3-bucket"
3
- name = "${local.account_id}-${local.account["example_bucket_name"]}"
3
+ name = "${local.account_id}-${local.account["data"]["example_bucket_name"]}"
4
4
  }
data/examples/control_tower/profiles/example-profile/variables.tf CHANGED
@@ -7,6 +7,6 @@ variable "config" {
7
7
  locals {
8
8
  config = jsondecode(var.config)
9
9
  account_id = "${data.aws_caller_identity.current.account_id}"
10
- # get current account configuration from tfctl config
10
+ # get account configuration from tfctl config
11
11
  account = [ for account in local.config["accounts"]: account if account["id"] == local.account_id ][0]
12
12
  }
data/examples/control_tower/tfctl.yaml CHANGED
@@ -5,7 +5,7 @@
5
5
  # create final configuration used by tfctl. You can view the merged
6
6
  # configuration by running:
7
7
  #
8
- # tfctl -c conf/example.yaml -s
8
+ # tfctl -c conf/tfctl.yaml -s
9
9
  #
10
10
 
11
11
  #
@@ -17,7 +17,7 @@ tf_state_dynamodb_table: 'terraform-lock'
17
17
  tf_state_region: 'eu-west-1'
18
18
  # Role for accessing state resources
19
19
  tf_state_role_arn: 'arn:aws:iam::SHARED_SERVICES_ACCOUNT_ID:role/TerraformStateRole'
20
- tf_required_version: '>= 0.12.0'
20
+ tf_required_version: '>= 0.12.29'
21
21
  aws_provider_version: '>= 2.14'
22
22
  # Role used by tfctl to retrieve data from AWS Organizations
23
23
  # Has to be set up in the primary org account
data/lib/hash.rb CHANGED
@@ -18,13 +18,14 @@ class Hash
18
18
  merge(second.to_h, &merger)
19
19
  end
20
20
 
21
- # Copied from ruby 2.6 Psych for 2.3 compatibility.
22
21
  def symbolize_names!(result = self)
23
22
  case result
24
23
  when Hash
24
+ # rubocop:disable Style/HashEachMethods
25
25
  result.keys.each do |key|
26
26
  result[key.to_sym] = symbolize_names!(result.delete(key))
27
27
  end
28
+ # rubocop:enable Style/HashEachMethods
28
29
  when Array
29
30
  result.map! { |r| symbolize_names!(r) }
30
31
  end
data/lib/tfctl.rb CHANGED
@@ -1,10 +1,10 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require_relative 'tfctl/aws_org.rb'
4
- require_relative 'tfctl/config.rb'
5
- require_relative 'tfctl/error.rb'
6
- require_relative 'tfctl/executor.rb'
7
- require_relative 'tfctl/generator.rb'
8
- require_relative 'tfctl/logger.rb'
9
- require_relative 'tfctl/schema.rb'
10
- require_relative 'tfctl/version.rb'
3
+ require_relative 'tfctl/aws_org'
4
+ require_relative 'tfctl/config'
5
+ require_relative 'tfctl/error'
6
+ require_relative 'tfctl/executor'
7
+ require_relative 'tfctl/generator'
8
+ require_relative 'tfctl/logger'
9
+ require_relative 'tfctl/schema'
10
+ require_relative 'tfctl/version'
data/lib/tfctl/aws_org.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require_relative 'error.rb'
3
+ require_relative 'error'
4
4
  require 'aws-sdk-organizations'
5
5
 
6
6
  module Tfctl
data/lib/tfctl/config.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require_relative '../hash.rb'
4
- require_relative 'error.rb'
3
+ require_relative '../hash'
4
+ require_relative 'error'
5
5
  require 'yaml'
6
6
  require 'json'
7
7
 
@@ -121,7 +121,9 @@ module Tfctl
121
121
  return config unless config.key?(:exclude_accounts)
122
122
 
123
123
  config[:accounts].each_with_index do |account, idx|
124
+ # rubocop:disable Style/IfWithBooleanLiteralBranches
124
125
  config[:accounts][idx][:excluded] = config[:exclude_accounts].include?(account[:name]) ? true : false
126
+ # rubocop:enable Style/IfWithBooleanLiteralBranches
125
127
  end
126
128
 
127
129
  config
data/lib/tfctl/executor.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  require 'open3'
4
4
  require 'fileutils'
5
5
  require 'shellwords'
6
- require_relative 'error.rb'
6
+ require_relative 'error'
7
7
 
8
8
  module Tfctl
9
9
  module Executor
data/lib/tfctl/generator.rb CHANGED
@@ -10,21 +10,27 @@ module Tfctl
10
10
 
11
11
  def write_json_block(path, block)
12
12
  File.open(path, 'w') do |f|
13
- f.write(JSON.pretty_generate(block) + "\n")
13
+ f.write("#{JSON.pretty_generate(block)}\n")
14
14
  end
15
15
  end
16
16
 
17
17
  def make(account:, config:)
18
18
  target_dir = "#{PROJECT_ROOT}/.tfctl/#{config[:config_name]}/#{account[:name]}"
19
- tf_version = config.fetch(:tf_required_version, '>= 0.12.0')
19
+ tf_version = config.fetch(:tf_required_version, '>= 0.12.29')
20
20
  aws_provider_version = config.fetch(:aws_provider_version, '>= 2.14')
21
21
 
22
22
  FileUtils.mkdir_p target_dir
23
23
 
24
24
  terraform_block = {
25
25
  'terraform' => {
26
- 'required_version' => tf_version,
27
- 'backend' => {
26
+ 'required_version' => tf_version,
27
+ 'required_providers' => {
28
+ 'aws' => {
29
+ 'source' => 'hashicorp/aws',
30
+ 'version' => aws_provider_version,
31
+ },
32
+ },
33
+ 'backend' => {
28
34
  's3' => {
29
35
  'bucket' => config[:tf_state_bucket],
30
36
  'key' => "#{account[:name]}/tfstate",
@@ -41,7 +47,6 @@ module Tfctl
41
47
  provider_block = {
42
48
  'provider' => {
43
49
  'aws' => {
44
- 'version' => aws_provider_version,
45
50
  'region' => account[:region],
46
51
  'assume_role' => {
47
52
  'role_arn' => "arn:aws:iam::#{account[:id]}:role/#{account[:tf_execution_role]}",
@@ -71,11 +76,8 @@ module Tfctl
71
76
  profile_block = {
72
77
  'module' => {
73
78
  profile => {
74
- 'source' => "../../../profiles/#{profile}",
75
- 'config' => '${var.config}',
76
- 'providers' => {
77
- 'aws' => 'aws',
78
- },
79
+ 'source' => "../../../profiles/#{profile}",
80
+ 'config' => '${var.config}',
79
81
  },
80
82
  },
81
83
  }
data/lib/tfctl/logger.rb CHANGED
@@ -6,7 +6,7 @@ module Tfctl
6
6
  class Logger
7
7
 
8
8
  def initialize(log_level)
9
- @outlog = ::Logger.new(STDOUT)
9
+ @outlog = ::Logger.new($stdout)
10
10
 
11
11
  self.level = log_level
12
12
 
data/lib/tfctl/schema.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'json_schemer'
4
- require_relative 'error.rb'
4
+ require_relative 'error'
5
5
 
6
6
  # Config validator using JSON schema
7
7
 
data/lib/tfctl/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Tfctl
4
- VERSION = '1.2.2'
4
+ VERSION = '1.3.0'
5
5
  end
data/tfctl.gemspec CHANGED
@@ -30,9 +30,10 @@ Gem::Specification.new do |spec|
30
30
  spec.add_dependency 'aws-sdk-organizations', '~> 1.40'
31
31
  spec.add_dependency 'json_schemer', '~> 0.2'
32
32
  spec.add_dependency 'parallel', '~> 1.19'
33
- spec.add_dependency 'terminal-table', '~> 1.8'
33
+ spec.add_dependency 'terminal-table', '>= 1.8', '< 4.0'
34
34
 
35
- spec.add_development_dependency 'guard-rspec', '~> 4.7'
36
- spec.add_development_dependency 'rspec', '~> 3.9'
37
- spec.add_development_dependency 'rubocop', '~> 0.84'
35
+ spec.add_development_dependency 'guard-rspec', '~> 4.7'
36
+ spec.add_development_dependency 'rspec', '~> 3.9'
37
+ spec.add_development_dependency 'rubocop', '~> 1.3'
38
+ spec.add_development_dependency 'rubocop-rspec', '~> 2.2'
38
39
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tfctl
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.2
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Wasilczuk
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-01 00:00:00.000000000 Z
11
+ date: 2021-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-organizations
@@ -56,16 +56,22 @@ dependencies:
56
56
  name: terminal-table
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - "~>"
59
+ - - ">="
60
60
  - !ruby/object:Gem::Version
61
61
  version: '1.8'
62
+ - - "<"
63
+ - !ruby/object:Gem::Version
64
+ version: '4.0'
62
65
  type: :runtime
63
66
  prerelease: false
64
67
  version_requirements: !ruby/object:Gem::Requirement
65
68
  requirements:
66
- - - "~>"
69
+ - - ">="
67
70
  - !ruby/object:Gem::Version
68
71
  version: '1.8'
72
+ - - "<"
73
+ - !ruby/object:Gem::Version
74
+ version: '4.0'
69
75
  - !ruby/object:Gem::Dependency
70
76
  name: guard-rspec
71
77
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +106,28 @@ dependencies:
100
106
  requirements:
101
107
  - - "~>"
102
108
  - !ruby/object:Gem::Version
103
- version: '0.84'
109
+ version: '1.3'
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - "~>"
115
+ - !ruby/object:Gem::Version
116
+ version: '1.3'
117
+ - !ruby/object:Gem::Dependency
118
+ name: rubocop-rspec
119
+ requirement: !ruby/object:Gem::Requirement
120
+ requirements:
121
+ - - "~>"
122
+ - !ruby/object:Gem::Version
123
+ version: '2.2'
104
124
  type: :development
105
125
  prerelease: false
106
126
  version_requirements: !ruby/object:Gem::Requirement
107
127
  requirements:
108
128
  - - "~>"
109
129
  - !ruby/object:Gem::Version
110
- version: '0.84'
130
+ version: '2.2'
111
131
  description:
112
132
  email:
113
133
  - akw@scalefactory.com
@@ -116,6 +136,8 @@ executables:
116
136
  extensions: []
117
137
  extra_rdoc_files: []
118
138
  files:
139
+ - ".bundle/config"
140
+ - ".github/dependabot.yml"
119
141
  - ".gitignore"
120
142
  - ".rspec"
121
143
  - ".rubocop.yml"
@@ -126,6 +148,7 @@ files:
126
148
  - LICENSE
127
149
  - Makefile
128
150
  - README.adoc
151
+ - RELEASING.adoc
129
152
  - bin/tfctl
130
153
  - docs/configuration.adoc
131
154
  - docs/control_tower.adoc