RubyGems - trusted-advisor-status - Versions diffs - 0.0.1 - Mend

trusted-advisor-status 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +7 -0
data/bin/trusted-advisor-status +15 -0
data/bin/wipe-trusted-advisor-history +9 -0
data/lib/hash_util.rb +23 -0
data/lib/results_dao.rb +84 -0
data/lib/results_differencer.rb +69 -0
data/lib/trusted_advisor_status.rb +135 -0
metadata +80 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 629b80755ac7f3bb7ddf9f9a28495c274a0ecd14
+  data.tar.gz: f8335b6cc73fe74e0e45c556fdf9f3d4751d18e9
+SHA512:
+  metadata.gz: 1337b5c13fa5ce08df3638123367a1473489df23cf53828327bba5fcad2519415c89018a088c315369a22a48063189906e2a537d22d9347d2aec40cdb45c7916
+  data.tar.gz: ae6ca68c5c3305b2b2a3e1e7c86ecae36e198ee1b35d004196ad5b4adc44671ab195ccb0e738134b0602370a8119034613c29653904776413f4b49c7b1d897de

data/bin/trusted-advisor-status ADDED Viewed

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+require 'trollop'
+require 'trusted_advisor_status'
+opts = Trollop::options do
+  opt :categories, '', type: :strings, required: false, default: %w(security performance)
+  opt :fail_on_warn, '', type: :boolean, required: false, default: false, conflicts: :fail_on_error
+  opt :fail_on_error, '', type: :boolean, required: false, default: false, conflicts: :fail_on_warn
+  opt :delta_name, 'Given a name here, the results will be the delta of results already stored against the name', type: :string, required: false
+end
+exit TrustedAdvisorStatus.new.check_status categories: opts[:categories],
+                                           fail_on_warn: opts[:fail_on_warn],
+                                           fail_on_error: opts[:fail_on_error],
+                                           delta_name: opts[:delta_name]

data/bin/wipe-trusted-advisor-history ADDED Viewed

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+require 'trollop'
+require 'results_dao'
+opts = Trollop::options do
+  opt :delta_name, 'Given a name here, the results will be the delta of results already stored against the name', type: :string, required: true
+end
+ResultsDAO.new.nuke_results opts[:delta_name]

data/lib/hash_util.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module HashUtil
+  def self.stringify_keys(hash)
+    new_hash = {}
+    hash.each do |k,v|
+      if v.is_a? Hash
+        new_hash[k.to_s] = stringify_keys(v)
+      elsif v.is_a? Array
+        new_array = v.map do |element|
+          if element.is_a? Hash
+            stringify_keys(element)
+          else
+            element
+          end
+        end
+        new_hash[k.to_s] = new_array
+      else
+        new_hash[k.to_s] = v
+      end
+    end
+    new_hash
+  end
+end

data/lib/results_dao.rb ADDED Viewed

@@ -0,0 +1,84 @@
+require 'aws-sdk'
+class ResultsDAO
+  def nuke_results(delta_name)
+    table = dynamo_db.table(delta_name)
+    table.delete
+    client.wait_until(:table_not_exists, table_name: delta_name)
+  end
+  def retrieve_prior_results(delta_name:)
+    if table_exists? delta_name
+      table = dynamo_db.table(delta_name)
+      item_response = table.get_item key: {
+                                            'result_label' => 'previous_result'
+                                          }
+      unless item_response.item.nil?
+        item = item_response.item['result']
+        if item.nil?
+          raise "Result key must have value in prior results: #{item_response.item}"
+        else
+          item
+        end
+      end
+    else
+      nil
+    end
+  end
+  def update_prior_result(delta_name:, results:)
+    conditionally_create_table table_name: delta_name
+    table = dynamo_db.table(delta_name)
+    result_item = {
+      'result_label' => 'previous_result',
+      'result' => results
+    }
+    table.put_item item: result_item
+  end
+  private
+  def conditionally_create_table(table_name:)
+    unless table_exists? table_name
+      dynamo_db.create_table attribute_definitions: [
+                               {
+                                 attribute_name: 'result_label',
+                                 attribute_type: 'S'
+                               }
+                             ],
+                             table_name: table_name,
+                             key_schema: [
+                               {
+                                 attribute_name: 'result_label',
+                                 key_type: 'HASH'
+                               }
+                             ],
+                             provisioned_throughput: {
+                               read_capacity_units: 1,
+                               write_capacity_units: 1
+                             }
+      client.wait_until(:table_exists, table_name: table_name)
+    end
+  end
+  def table_exists?(table_name)
+    found_table = dynamo_db.tables.find { |table| table.name == table_name }
+    not found_table.nil?
+  end
+  def client
+    Aws::DynamoDB::Client.new
+  end
+  def dynamo_db
+    Aws::DynamoDB::Resource.new(client: client)
+  end
+end

data/lib/results_differencer.rb ADDED Viewed

@@ -0,0 +1,69 @@
+require 'set'
+class ResultsDifferencer
+  def fixed(prior:,
+            current:)
+    prior_hash = {}
+    prior.each { |result| prior_hash[result['check_id']] = result }
+    current_hash = {}
+    current.each { |result| current_hash[result['check_id']] = result }
+    prior_ids = prior.map { |result| result['check_id'] }
+    current_ids = current.map { |result| result['check_id'] }
+    fixed_check_ids = prior_ids - current_ids
+    same_check_ids = prior_ids - fixed_check_ids
+    delta = []
+    same_check_ids.each do |check_id|
+      fixed_resources = prior_hash[check_id]['flagged_resources'] - current_hash[check_id]['flagged_resources']
+      if fixed_resources != []
+        delta_result = prior_hash[check_id].dup
+        delta_result['flagged_resources'] = fixed_resources
+        delta << delta_result
+      else
+      end
+    end
+    fixed_check_ids.each { |check_id| delta << prior_hash[check_id] }
+    delta
+  end
+  def new_violations(prior:,
+                     current:)
+    prior_hash = {}
+    prior.each { |result| prior_hash[result['check_id']] = result }
+    current_hash = {}
+    current.each { |result| current_hash[result['check_id']] = result }
+    prior_ids = prior.map { |result| result['check_id'] }
+    current_ids = current.map { |result| result['check_id'] }
+    new_check_ids = current_ids - prior_ids
+    same_check_ids = current_ids - new_check_ids
+    delta = []
+    same_check_ids.each do |check_id|
+      new_resources = current_hash[check_id]['flagged_resources'] - prior_hash[check_id]['flagged_resources']
+      if new_resources != []
+        delta_result = current_hash[check_id].dup
+        delta_result['flagged_resources'] = new_resources
+        delta << delta_result
+      end
+    end
+    new_check_ids.each { |check_id| delta << current_hash[check_id] }
+    delta
+  end
+end

data/lib/trusted_advisor_status.rb ADDED Viewed

@@ -0,0 +1,135 @@
+require 'aws-sdk'
+require 'json'
+require_relative 'results_dao'
+require_relative 'results_differencer'
+require_relative 'hash_util'
+class TrustedAdvisorStatus
+  def check_status(categories: %w(security performance),
+                   fail_on_warn: false,
+                   fail_on_error: false,
+                   delta_name: nil)
+    results = discover_results(categories: categories,
+                               delta_name: delta_name)
+    render_results(results)
+    if results.is_a? Array
+      new_violations = results
+    elsif results.is_a? Hash
+      new_violations = results['new_violation']
+    end
+    if fail_on_error
+      error_found = new_violations.find { |result| result['status'] == 'error' }
+      error_found.nil? ? 0 : 1
+    elsif fail_on_warn
+      warning_fond = new_violations.find { |result| result['status'] == 'error' or result['status'] == 'warning' }
+      warning_fond.nil? ? 0 : 1
+    else
+      0
+    end
+  end
+  def discover_results(categories:, delta_name:)
+    results_dao = ResultsDAO.new
+    full_results = not_ok_check_results(categories: categories)
+    if delta_name.nil?
+      full_results
+    else
+      prior_results = results_dao.retrieve_prior_results delta_name: delta_name
+      if prior_results.nil?
+        delta_results = full_results
+      else
+        diff = ResultsDifferencer.new
+        new_violations = diff.new_violations(prior: prior_results,
+                                             current: full_results)
+        fixes = diff.fixed(prior: prior_results,
+                           current: full_results)
+        delta_results = {
+          'new_violation' => new_violations,
+          'fixes' => fixes
+        }
+      end
+      results_dao.update_prior_result(delta_name: delta_name, results: full_results)
+      delta_results
+    end
+  end
+  private
+  # resp.result.check_id #=> String
+  # resp.result.timestamp #=> String
+  # resp.result.status #=> String
+  # resp.result.resources_summary.resources_processed #=> Integer
+  # resp.result.resources_summary.resources_flagged #=> Integer
+  # resp.result.resources_summary.resources_ignored #=> Integer
+  # resp.result.resources_summary.resources_suppressed #=> Integer
+  # resp.result.flagged_resources #=> Array
+  # resp.result.flagged_resources[0].status #=> String
+  # resp.result.flagged_resources[0].region #=> String
+  # resp.result.flagged_resources[0].resource_id #=> String
+  # resp.result.flagged_resources[0].is_suppressed #=> true/false
+  # resp.result.flagged_resources[0].metadata #=> Array
+  # resp.result.flagged_resources[0].metadata[0] #=> String
+  def not_ok_check_results(categories:)
+    # the region is on purpose - support intfc is global, but can't find endpoint outside of us-east-1
+    support = Aws::Support::Client.new region: 'us-east-1'
+    describe_trusted_advisor_checks_response = support.describe_trusted_advisor_checks language: 'en'
+    if categories.nil?
+      checks = describe_trusted_advisor_checks_response.checks
+    else
+      checks = describe_trusted_advisor_checks_response.checks.select { |check| categories.include? check.category }
+    end
+    checks.reduce([]) do |aggregate, check|
+      describe_trusted_advisor_check_result_response = support.describe_trusted_advisor_check_result check_id: check.id,
+                                                                                                     language: 'en'
+      if describe_trusted_advisor_check_result_response.result.status != 'ok'
+        aggregate << convert_check_result_into_hash(check.name,
+                                                    describe_trusted_advisor_check_result_response.result)
+      end
+      aggregate
+    end
+  end
+  def convert_check_result_into_hash(check_name, check_result)
+    hash_result = check_result.to_h
+    hash_result.delete :timestamp
+    hash_result.delete :resources_summary
+    hash_result.delete :category_specific_summary
+    hash_result[:description] = check_name
+    unless hash_result[:flagged_resources].nil?
+      hash_result[:flagged_resources] = hash_result[:flagged_resources].reject do |flagged_resource|
+        is_suppressed = flagged_resource[:is_suppressed]
+        flagged_resource.delete :resource_id
+        flagged_resource.delete :is_suppressed
+        is_suppressed
+      end
+    end
+    HashUtil::stringify_keys(hash_result)
+  end
+  def render_results(results)
+    puts JSON.pretty_generate(results)
+  end
+end

metadata ADDED Viewed

@@ -0,0 +1,80 @@
+--- !ruby/object:Gem::Specification
+name: trusted-advisor-status
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- someguy
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2016-03-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: aws-sdk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.2.17
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.2.17
+- !ruby/object:Gem::Dependency
+  name: trollop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+description: Some scripting around the AWS Trusted Advisor interface for convenience
+  in calling from pipeline
+email:
+executables:
+- trusted-advisor-status
+- wipe-trusted-advisor-history
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/trusted-advisor-status
+- bin/wipe-trusted-advisor-history
+- lib/hash_util.rb
+- lib/results_dao.rb
+- lib/results_differencer.rb
+- lib/trusted_advisor_status.rb
+homepage: https://github.com/stelligent/trusted-advisor-status
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.1.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.6.0
+signing_key:
+specification_version: 4
+summary: ''
+test_files: []