ufo 3.5.7 → 4.0.0

data/lib/ufo/stack/status.rb

@@ -0,0 +1,195 @@
+require 'time'
+
+# CloudFormation status codes, full list:
+#   https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-describing-stacks.html
+#
+#   CREATE_COMPLETE
+#   ROLLBACK_COMPLETE
+#   DELETE_COMPLETE
+#   UPDATE_COMPLETE
+#   UPDATE_ROLLBACK_COMPLETE
+#
+#   CREATE_FAILED
+#   DELETE_FAILED
+#   ROLLBACK_FAILED
+#   UPDATE_ROLLBACK_FAILED
+#
+#   CREATE_IN_PROGRESS
+#   DELETE_IN_PROGRESS
+#   REVIEW_IN_PROGRESS
+#   ROLLBACK_IN_PROGRESS
+#   UPDATE_COMPLETE_CLEANUP_IN_PROGRESS
+#   UPDATE_IN_PROGRESS
+#   UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS
+#   UPDATE_ROLLBACK_IN_PROGRESS
+#
+class Ufo::Stack
+  class Status
+    include Ufo::AwsService
+    include Ufo::Util
+
+    attr_reader :events
+    def initialize(stack_name)
+      @stack_name = stack_name
+      reset
+    end
+
+    def reset
+      @events = [] # constantly replaced with recent events
+      @last_shown_event_id = nil
+      @stack_deletion_completed = nil
+    end
+
+    # check for /(_COMPLETE|_FAILED)$/ status
+    def wait
+      start_time = Time.now
+
+      refresh_events
+      until completed || @stack_deletion_completed
+        show_events
+      end
+      show_events(true) # show the final event
+
+      if @stack_deletion_completed
+        puts "Stack #{@stack_name} deleted."
+        return
+      end
+
+      if last_event_status =~ /_FAILED/
+        puts "Stack failed: #{last_event_status}".colorize(:red)
+        puts "Stack reason #{@events[0]["resource_status_reason"]}".colorize(:red)
+      elsif last_event_status =~ /_ROLLBACK_/
+        puts "Stack rolled back: #{last_event_status}".colorize(:red)
+      else # success
+        puts "Stack success status: #{last_event_status}".colorize(:green)
+      end
+
+      took = Time.now - start_time
+      puts "Time took for stack deployment: #{pretty_time(took).green}."
+    end
+
+    def completed
+      last_event_status =~ /(_COMPLETE|_FAILED)$/ &&
+      @events[0]["resource_type"] == "AWS::CloudFormation::Stack"
+    end
+
+    def last_event_status
+      @events[0]["resource_status"]
+    end
+
+    # Only shows new events
+    def show_events(final=false)
+      if @last_shown_event_id.nil?
+        i = find_index(:start)
+        print_events(i)
+      else
+        i = find_index(:last_shown)
+        # puts "last_shown index #{i}"
+        print_events(i-1) unless i == 0
+      end
+
+      return if final
+      sleep 5 unless ENV['TEST']
+      refresh_events
+    end
+
+    def print_events(i)
+      @events[0..i].reverse.each do |e|
+        print_event(e)
+      end
+      @last_shown_event_id = @events[0]["event_id"]
+      # puts "@last_shown_event_id #{@last_shown_event_id.inspect}"
+    end
+
+    def print_event(e)
+      message = [
+        event_time(e["timestamp"]),
+        e["resource_status"],
+        e["resource_type"],
+        e["logical_resource_id"],
+        e["resource_status_reason"]
+      ].join(" ")
+      message = message.colorize(:red) if e["resource_status"] =~ /_FAILED/
+      puts message
+    end
+
+    # https://stackoverflow.com/questions/18000432/rails-12-hour-am-pm-range-for-a-day
+    def event_time(timestamp)
+      Time.parse(timestamp.to_s).localtime.strftime("%I:%M:%S%p")
+    end
+
+    # refreshes the loaded events in memory
+    def refresh_events
+      resp = cloudformation.describe_stack_events(stack_name: @stack_name)
+      @events = resp["stack_events"]
+    rescue Aws::CloudFormation::Errors::ValidationError => e
+      if e.message =~ /Stack .* does not exis/
+        @stack_deletion_completed = true
+      else
+        raise
+      end
+    end
+
+    def find_index(name)
+      send("#{name}_index")
+    end
+
+    def start_index
+      @events.find_index do |event|
+        event["resource_type"] == "AWS::CloudFormation::Stack" &&
+        event["resource_status_reason"] == "User Initiated"
+      end
+    end
+
+    def last_shown_index
+      @events.find_index do |event|
+        event["event_id"] == @last_shown_event_id
+      end
+    end
+
+    def success?
+      resource_status = @events[0]["resource_status"]
+      %w[CREATE_COMPLETE UPDATE_COMPLETE].include?(resource_status)
+    end
+
+    def update_rollback?
+      @events[0]["resource_status"] == "UPDATE_ROLLBACK_COMPLETE"
+    end
+
+    def find_update_failed_event
+      i = @events.find_index do |event|
+        event["resource_type"] == "AWS::CloudFormation::Stack" &&
+        event["resource_status_reason"] == "User Initiated"
+      end
+
+      @events[0..i].reverse.find do |e|
+        e["resource_status"] == "UPDATE_FAILED"
+      end
+    end
+
+    def rollback_error_message
+      return unless update_rollback?
+
+      event = find_update_failed_event
+      return unless event
+
+      reason = event["resource_status_reason"]
+      messages_map.each do |pattern, message|
+        if reason =~ pattern
+          return message
+        end
+      end
+
+      reason # default message is original reason if not found in messages map
+    end
+
+    def messages_map
+      {
+        /CloudFormation cannot update a stack when a custom-named resource requires replacing/ => "A workaround is to run ufo again with STATIC_NAME=0 and to switch to dynamic names for resources. Then run ufo again with STATIC_NAME=1 to get back to statically name resources. Note, there are caveats with the workaround.",
+        /cannot be associated with more than one load balancer/ => "There's was an issue updating the stack. Target groups can only be associated with one load balancer at a time. The workaround for this is to use UFO_FORCE_TARGET_GROUP=1 and run the command again. This will force the recreation of the target group resource.",
+        /SetSubnets is not supported for load balancers of type/ => "Changing subnets for Network Load Balancers is currently not supported. You can try workarouding this with UFO_FORCE_ELB=1 and run the command again. This will force the recreation of the elb resource."
+      }
+    end
+
+  end
+end

data/lib/ufo/stop.rb

@@ -0,0 +1,47 @@
+module Ufo
+  class Stop < Base
+    def run
+      info = Info.new(@service, @options)
+      service = info.service
+      @deployments = service.deployments
+      if @deployments.size > 1
+        stop_old_tasks(service.service_name)
+      end
+    end
+
+    def stop_old_tasks(service_name)
+      # json = JSON.pretty_generate(deployments.map(&:to_h))
+      # IO.write("/tmp/deployments.json", json)
+      tasks = service_tasks(@cluster, service_name)
+      reason = "Ufo #{Ufo::VERSION} has deployed new code and stopping old tasks."
+      tasks.each do |task|
+        next if task["task_definition_arn"] == latest_deployed_arn
+        log "Stopping task #{task["task_arn"]}"
+        ecs.stop_task(cluster: @cluster, task: task["task_arn"], reason: reason)
+      end
+    end
+
+    # latest deployment task definition arn
+    def latest_deployed_arn
+      latest = @deployments.sort_by do |deployment|
+        Time.parse(deployment["created_at"].to_s)
+      end.last
+      latest["task_definition"]
+    end
+
+    def service_tasks(cluster, service_name)
+      all_task_arns = ecs.list_tasks(cluster: cluster, service_name: service_name).task_arns
+      return [] if all_task_arns.empty?
+      ecs.describe_tasks(cluster: cluster, tasks: all_task_arns).tasks
+    end
+
+    def log(text)
+      path = "#{Ufo.root}/.ufo/log/stop.log"
+      FileUtils.mkdir_p(File.dirname(path))
+      File.open(path, 'a') do |f|
+        f.puts("#{Time.now} #{text}")
+      end
+      puts text unless @options[:mute]
+    end
+  end
+end

data/lib/ufo/task.rb

@@ -1,7 +1,5 @@
-require 'memoist'
-
 module Ufo
-  class Task
+  class Task < Base
     extend Memoist
 
     include Util
@@ -21,7 +19,9 @@ module Ufo
         cluster: @cluster,
         task_definition: @task_definition
       }
-      task_options = task_options.merge(default_params[:run_task] || {})
+      task_options = adjust_fargate_options(task_options)
+      task_options = task_options.merge(user_params[:run_task] || {})
+      task_options = adjust_security_groups(task_options)
 
       if @options[:command]
         task_options.merge!(overrides: overrides)
@@ -35,6 +35,7 @@ module Ufo
       end
 
       resp = run_task(task_options)
+      exit_if_failures!(resp)
       unless @options[:mute]
         task_arn = resp.tasks[0].task_arn
         puts "Task ARN: #{task_arn}"
@@ -43,6 +44,25 @@ module Ufo
       end
     end
 
+    # Pretty hard to produce this edge case.  Happens when:
+    #   launch_type: EC2
+    #   network_mode: awsvpc
+    #   assign_public_ip: DISABLED
+    def exit_if_failures!(resp)
+      return if resp[:failures].nil? || resp[:failures].empty?
+
+      puts "There was a failure running the ECS task.".colorize(:red)
+      puts "This might be happen if you have a network_mode of awsvpc and have assigned_public_ip to DISABLED."
+      puts "This cryptic error also shows up if the network settings have security groups and subnets that are not in the same vpc as the ECS cluster container instances.  Please double check that."
+      puts "You can use this command to quickly reconfigure the network settings:"
+      puts "  ufo network init --vpc-id XXX."
+      puts "More details on the can be found under the 'Task Networking Considerations' section at: "
+      puts "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html"
+      puts "Original response with failures:"
+      pp resp
+      exit 1
+    end
+
     def run_task(options)
       puts "Equivalent aws cli command:"
       puts "  aws ecs run-task --cluster #{@cluster} --task-definition #{options[:task_definition]}".colorize(:green)
@@ -55,12 +75,66 @@ module Ufo
       else
         raise
       end
+    rescue Aws::ECS::Errors::InvalidParameterException => e
+      if e.message =~ /Network Configuration must be provided when networkMode 'awsvpc' is specified/
+        puts "ERROR: #{e.class} #{e.message}".colorize(:red)
+        puts "Please double check .ufo/params.yml and make sure that network_configuration is set."
+        puts "Or run change the task definition template in .ufo/templates so it does not use vpcmode."
+        exit 1
+      else
+        raise
+      end
     end
 
   private
+    # adjust network_configuration based on fargate and network mode of awsvpc
+    def adjust_fargate_options(options)
+      task_def = recent_task_definition
+      return options unless task_def[:network_mode] == "awsvpc"
+
+      awsvpc_conf = { subnets: network[:ecs_subnets] }
+      if task_def[:requires_compatibilities] == ["FARGATE"]
+        awsvpc_conf[:assign_public_ip] = "ENABLED"
+        options[:launch_type] = "FARGATE"
+      end
+
+      options[:network_configuration] = { awsvpc_configuration: awsvpc_conf }
+      options
+    end
+
+    # Ensures at least 1 security group is assigned if awsvpc_configuration
+    # is provided.
+    def adjust_security_groups(options)
+      return options unless options[:network_configuration] &&
+                     options[:network_configuration][:awsvpc_configuration]
+
+      awsvpc_conf = options[:network_configuration][:awsvpc_configuration]
+
+      security_groups = awsvpc_conf[:security_groups]
+      if [nil, '', 'nil'].include?(security_groups)
+        security_groups = []
+      end
+      if security_groups.empty?
+        fetch = Network::Fetch.new(network[:vpc])
+        sg = fetch.security_group_id
+        security_groups << sg
+        security_groups.uniq!
+      end
+
+      # override security groups
+      options[:network_configuration][:awsvpc_configuration][:security_groups] = security_groups
+      options
+    end
+
+    def network
+      settings = Ufo.settings
+      Setting::Profile.new(:network, settings[:network_profile]).data
+    end
+    memoize :network
+
     def cloudwatch_info(task_arn)
-      config = original_container_definition[:log_configuration]
-      container_name = original_container_definition[:name]
+      config = container_definition[:log_configuration]
+      container_name = container_definition[:name]
 
       return unless config && config[:log_driver] == "awslogs"
 
@@ -79,7 +153,6 @@ module Ufo
     # only using the overrides to override the container command
     def overrides
       command = @options[:command] # Thor parser ensure this is always an array
-      container_definition = original_container_definition
       {
         container_overrides: [
           {
@@ -91,17 +164,25 @@ module Ufo
       }
     end
 
-    def original_container_definition
-      resp = ecs.list_task_definitions(
-        family_prefix: @task_definition,
-        sort: "DESC"
-      )
+    # Usually most recent task definition.
+    # If user has specified task_definition with specific version like
+    #   demo-web:8
+    # Then it'll be that exact task definnition.
+    def recent_task_definition
+      arns = task_definition_arns(@task_definition)
       # "arn:aws:ecs:us-east-1:<aws_account_id>:task-definition/wordpress:6",
-      last_definition_arn = resp.task_definition_arns.first
+      last_definition_arn = arns.first
+      puts "last_definition_arn #{last_definition_arn}"
       task_name = last_definition_arn.split("/").last
       resp = ecs.describe_task_definition(task_definition: task_name)
-      container_definition = resp.task_definition.container_definitions[0].to_h
+
+      resp.task_definition
+    end
+    memoize :recent_task_definition
+
+    # container definition from the most recent task definition
+    def container_definition
+      recent_task_definition.container_definitions[0].to_h
     end
-    memoize :original_container_definition
   end
 end

data/lib/ufo/tasks/register.rb

@@ -20,7 +20,7 @@ module Ufo
       @options = options
     end
 
-    # aws ecs register-task-definition --cli-input-json file://.ufo/output/hi-web-prod.json
+    # aws ecs register-task-definition --cli-input-json file://.ufo/output/demo-web-prod.json
     def register
       data = JSON.parse(IO.read(@template_definition_path))
       data = rubyize_format(data)

data/lib/ufo/template_scope.rb

@@ -1,5 +1,7 @@
 module Ufo
   class TemplateScope
+    extend Memoist
+
     attr_reader :helper
     attr_reader :task_definition_name
     def initialize(helper=nil, task_definition_name=nil)
@@ -35,14 +37,86 @@ module Ufo
       instance_eval(IO.read(path), path) if File.exist?(path)
     end
 
-    def assign_instance_variables
-      # copy over the instance variables to make available in RenderMePretty's scope
-      hash = {}
-      instance_variables.each do |var|
-        key = var.to_s.sub('@','') # rid of the leading @
-        hash[key.to_sym] = instance_variable_get(var)
+    # Add additional instance variables to template_scope
+    def assign_instance_variables(vars)
+      vars.each do |k,v|
+        instance_variable_set("@#{k}".to_sym, v)
+      end
+    end
+
+    def network
+      Ufo::Setting::Profile.new(:network, settings[:network_profile]).data
+    end
+    memoize :network
+
+    def cfn
+      Ufo::Setting::Profile.new(:cfn, settings[:cfn_profile]).data
+    end
+    memoize :cfn
+
+    def settings
+      Ufo.settings
+    end
+
+    def custom_properties(resource)
+      resource = resource.to_s.underscore
+      properties = cfn[resource.to_sym]
+      return unless properties
+
+      # transform keys: camelize
+      properties = properties.deep_stringify_keys.deep_transform_keys do |key|
+        if key == key.upcase # trying to generalize special rule for dns.TTL
+          key # leave key alone if key is already in all upcase
+        else
+          key.camelize
+        end
+      end
+
+      substitute_variables!(properties)
+
+      yaml = YAML.dump(properties)
+      # add spaces in front on each line
+      yaml.split("\n")[1..-1].map do |line|
+        "      #{line}"
+      end.join("\n") + "\n"
+    end
+
+    # Substitute special variables that cannot be baked into the template
+    # because they are dynamically assigned. Only one special variable:
+    #
+    #   {stack_name}
+    def substitute_variables!(properties)
+      # transform values and substitute for special values
+      # https://stackoverflow.com/questions/34595142/process-nested-hash-to-convert-all-values-to-strings
+      #
+      # Examples:
+      #   "{stack_name}.stag.boltops.com." => development-demo-web.stag.boltops.com.
+      #   "{stack_name}.stag.boltops.com." => dev-demo-web-2.stag.boltops.com.
+      properties.deep_merge(properties) do |_,_,v|
+        if v.is_a?(String)
+          v.sub!('{stack_name}', @stack_name) # unsure why need shebang, but it works
+        else
+          v
+        end
+      end
+      properties
+    end
+
+    def default_target_group_protocol
+      default_elb_protocol
+    end
+
+    def default_elb_protocol
+      @elb_type == "application" ? "HTTP" : "TCP"
+    end
+
+    def pretty_name?
+      # env variable takes highest precedence
+      if ENV["STATIC_NAME"]
+        ENV["STATIC_NAME"] != "0"
+      else
+        settings[:pretty_name]
       end
-      hash
     end
   end
 end