tfctl 1.6.0 → 1.6.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.adoc +4 -0
- data/README.adoc +19 -20
- data/lib/tfctl/aws_org.rb +17 -14
- data/lib/tfctl/config.rb +1 -1
- data/lib/tfctl/executor.rb +8 -2
- data/lib/tfctl/generator.rb +1 -3
- data/lib/tfctl/version.rb +1 -1
- data/tfctl.gemspec +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0a21de0b7977bcd56a7055e677dc1689e07b7e62e89d29319fb5e432100f434f
|
4
|
+
data.tar.gz: ac7a0f930a88e683692e5863fcbf2aecb7b0cfe918aa891fe5f6f3df656b901f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a266d7e164849d1d31be19ffc37572e591c74f4b33fece71de1db510088f3221b6dcf454b5173ffc0cbdae5f2fdc2bf54fc92dab82862cf34cb188fff37953ee
|
7
|
+
data.tar.gz: 6e9f97dbf88dc5a759545b88a3031b9cf2dcb72ab3d5120ba11c9a89c6d15a3fb381d8ed834dac18cd2f4e8f64f0d5862b6eaf57025c1e5541cfe621192f4de5
|
data/CHANGELOG.adoc
CHANGED
data/README.adoc
CHANGED
@@ -34,32 +34,14 @@ infrastructures where new accounts may be created dynamically and on-demand.
|
|
34
34
|
|
35
35
|
It discovers accounts by reading the AWS Organizations API, and can assign
|
36
36
|
Terraform resources to multiple accounts based on the organization hierarchy.
|
37
|
-
Resources can be assigned globally, based on organization unit or to individual
|
38
|
-
accounts. It supports hierarchies of nested
|
39
|
-
and helps keep your Terraform DRY.
|
37
|
+
Resources can be assigned globally, based on organization unit (OU) or to individual
|
38
|
+
accounts. It supports hierarchies of nested OUs, and helps keep your Terraform DRY.
|
40
39
|
|
41
40
|
The Scale Factory originally created tfctl to integrate Terraform with
|
42
41
|
https://aws.amazon.com/solutions/aws-landing-zone/[AWS Landing Zone] and
|
43
42
|
https://aws.amazon.com/controltower/[Control Tower] but should work with most
|
44
43
|
other ways of managing accounts in AWS Organizations.
|
45
44
|
|
46
|
-
== Project status
|
47
|
-
|
48
|
-
`tfctl` is an open source project published by The Scale Factory.
|
49
|
-
|
50
|
-
We currently consider this project to be maintained but we don't actively
|
51
|
-
develop new features. We keep it security patched and ready for use in
|
52
|
-
production environments.
|
53
|
-
|
54
|
-
We’ll take a look at any issues or PRs you open and get back to you as soon as
|
55
|
-
we can. We don’t offer any formal SLA, but we’ll be checking on this project
|
56
|
-
periodically.
|
57
|
-
|
58
|
-
If your issue is urgent, you can flag it as such, and we’ll attempt to triage
|
59
|
-
appropriately, but we have paying customers who also have demands on our time.
|
60
|
-
If your business depends on this project and you have an urgent problem, then
|
61
|
-
you can talk to our sales team about paying us to support you.
|
62
|
-
|
63
45
|
== Features
|
64
46
|
|
65
47
|
* Discovers AWS accounts automatically.
|
@@ -207,3 +189,20 @@ tfctl -a example-account -u -- plan
|
|
207
189
|
This will show output in real time. Usually output is buffered and displayed
|
208
190
|
after the Terraform command finishes, to make it more readable when running
|
209
191
|
across multiple accounts in parallel.
|
192
|
+
|
193
|
+
== Project status
|
194
|
+
|
195
|
+
`tfctl` is an open source project published by The Scale Factory.
|
196
|
+
|
197
|
+
We currently consider this project to be maintained but we don't actively
|
198
|
+
develop new features. We keep it security patched and ready for use in
|
199
|
+
production environments.
|
200
|
+
|
201
|
+
We’ll take a look at any issues or PRs you open and get back to you as soon as
|
202
|
+
we can. We don’t offer any formal SLA, but we’ll be checking on this project
|
203
|
+
periodically.
|
204
|
+
|
205
|
+
If your issue is urgent, you can flag it as such, and we’ll attempt to triage
|
206
|
+
appropriately, but we have paying customers who also have demands on our time.
|
207
|
+
If your business depends on this project and you have an urgent problem, then
|
208
|
+
you can talk to our sales team about paying us to support you.
|
data/lib/tfctl/aws_org.rb
CHANGED
@@ -25,19 +25,22 @@ module Tfctl
|
|
25
25
|
|
26
26
|
parent_id = aws_ou_ids[ou_path]
|
27
27
|
|
28
|
-
@aws_org_client.list_accounts_for_parent(parent_id: parent_id).
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
28
|
+
@aws_org_client.list_accounts_for_parent(parent_id: parent_id).each do |response|
|
29
|
+
response.accounts.each do |account|
|
30
|
+
next unless account.status == 'ACTIVE'
|
31
|
+
|
32
|
+
output[:accounts] << {
|
33
|
+
name: account.name,
|
34
|
+
id: account.id,
|
35
|
+
arn: account.arn,
|
36
|
+
email: account.email,
|
37
|
+
ou_path: ou_path.to_s,
|
38
|
+
ou_parents: ou_path.to_s.split('/'),
|
39
|
+
profiles: [],
|
40
|
+
}
|
41
|
+
end
|
40
42
|
end
|
43
|
+
|
41
44
|
end
|
42
45
|
output
|
43
46
|
end
|
@@ -71,8 +74,8 @@ module Tfctl
|
|
71
74
|
@aws_org_client.list_children(
|
72
75
|
child_type: 'ORGANIZATIONAL_UNIT',
|
73
76
|
parent_id: parent_id,
|
74
|
-
).each do |
|
75
|
-
|
77
|
+
).each do |response|
|
78
|
+
response.children.each do |child|
|
76
79
|
|
77
80
|
begin
|
78
81
|
ou = @aws_org_client.describe_organizational_unit(
|
data/lib/tfctl/config.rb
CHANGED
data/lib/tfctl/executor.rb
CHANGED
@@ -41,6 +41,12 @@ module Tfctl
|
|
41
41
|
# Create the command
|
42
42
|
exec = [cmd] + [subcmd] + args
|
43
43
|
|
44
|
+
runcmd = if Gem.win_platform?
|
45
|
+
exec.join(' ')
|
46
|
+
else
|
47
|
+
exec.shelljoin
|
48
|
+
end
|
49
|
+
|
44
50
|
# Set environment variables for Terraform
|
45
51
|
env = {
|
46
52
|
'TF_INPUT' => '0',
|
@@ -49,10 +55,10 @@ module Tfctl
|
|
49
55
|
# 'TF_LOG' => 'TRACE'
|
50
56
|
}
|
51
57
|
|
52
|
-
log.debug "#{account_name}: Executing: #{
|
58
|
+
log.debug "#{account_name}: Executing: #{runcmd}"
|
53
59
|
|
54
60
|
FileUtils.cd path
|
55
|
-
Open3.popen3(env,
|
61
|
+
Open3.popen3(env, runcmd) do |stdin, stdout, stderr, wait_thr|
|
56
62
|
stdin.close_write
|
57
63
|
|
58
64
|
# capture stdout and stderr in separate threads to prevent deadlocks
|
data/lib/tfctl/generator.rb
CHANGED
data/lib/tfctl/version.rb
CHANGED
data/tfctl.gemspec
CHANGED
@@ -20,7 +20,6 @@ Gem::Specification.new do |spec|
|
|
20
20
|
end
|
21
21
|
spec.bindir = 'bin'
|
22
22
|
spec.executables = spec.files.grep(%r{^bin/tfctl}) { |f| File.basename(f) }
|
23
|
-
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
24
23
|
spec.require_paths = ['lib']
|
25
24
|
|
26
25
|
spec.required_ruby_version = '>= 2.5.0'
|
@@ -36,4 +35,5 @@ Gem::Specification.new do |spec|
|
|
36
35
|
spec.add_development_dependency 'rspec', '~> 3.9'
|
37
36
|
spec.add_development_dependency 'rubocop', '~> 1.3'
|
38
37
|
spec.add_development_dependency 'rubocop-rspec', '~> 2.2'
|
38
|
+
spec.metadata['rubygems_mfa_required'] = 'true'
|
39
39
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tfctl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.6.
|
4
|
+
version: 1.6.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Wasilczuk
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-08-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-organizations
|
@@ -181,7 +181,8 @@ files:
|
|
181
181
|
homepage: https://github.com/scalefactory/tfctl
|
182
182
|
licenses:
|
183
183
|
- MIT
|
184
|
-
metadata:
|
184
|
+
metadata:
|
185
|
+
rubygems_mfa_required: 'true'
|
185
186
|
post_install_message:
|
186
187
|
rdoc_options: []
|
187
188
|
require_paths:
|