ufo 4.6.3 → 5.0.4

data/docs/_includes/footer.html

@@ -6,11 +6,12 @@
                     <div class="footer-col col-md-4">
                         <h3>More Tools</h3>
                         <ul class="list-unstyled tools">
-                            <li><a href="http://rubyonjets.com">Jets</a></li>
-                            <li><a href="http://lono.cloud">Lono</a></li>
-                            <li><a href="http://sonic-screwdriver.cloud">Sonic</a></li>
-                            <li><a href="http://jack-eb.com">Jack</a></li>
-                            <li><a href="https://boltops.com/toolbelt">Toolbelt</a></li>
+                            <li><a href="https://terraspace.cloud">Terraspace</a></li>
+                            <li><a href="https://kubes.guru">Kubes</a></li>
+                            <li><a href="https://rubyonjets.com">Jets</a></li>
+                            <li><a href="https://lono.cloud">Lono</a></li>
+                            <li><a href="https://sonic-screwdriver.cloud">Sonic</a></li>
+                            <li><a href="https://jack-eb.com">Jack</a></li>
                         </ul>
                     </div>
                     <div class="footer-col col-md-4">

data/docs/_includes/subnav.html

@@ -25,6 +25,8 @@
                 </li>
                 <li><a href="{% link _docs/variables.md %}">Shared Variables</a></li>
                 <li><a href="{% link _docs/helpers.md %}">Helpers</a></li>
+                <li><a href="{% link _docs/secrets.md %}">Secrets</a></li>
+                <li><a href="{% link _docs/iam-roles.md %}">IAM Roles</a></li>
                 <li><a href="{% link _docs/conventions.md %}">Conventions</a></li>
                 <li><a href="{% link _docs/ufo-logs.md %}">Ufo Logs</a></li>
                 <li><a href="{% link _docs/ufo-env.md %}">Ufo Env</a></li>
@@ -44,6 +46,7 @@
                 <li><a href="{% link _docs/extras/minimal-deploy-iam.md %}">Minimal Deploy IAM</a></li>
                 <li><a href="{% link _docs/extras/codebuild-iam-role.md %}">CodeBuild IAM Role</a></li>
                 <li><a href="{% link _docs/extras/dockerfile-erb.md %}">Dockerfile.erb</a></li>
+                <li><a href="{% link _docs/extras/notification-arns.md %}">Notification Arns</a></li>
             </ul>
         </li>
         <li><a href="{% link _docs/upgrading.md %}">Upgrading</a>

data/docs/_reference/ufo-deploy.md

@@ -58,13 +58,12 @@ A more detailed post is available here: [How to Create Unlimited Extra Environme
 [--elb=ELB]                                  # Decides to create elb, not create elb or use existing target group.
 [--elb-eip-ids=one two three]                # EIP Allocation ids to use for network load balancer.
 [--elb-type=ELB_TYPE]                        # ELB type: application or network. Keep current deployed elb type when not specified.
-[--pretty], [--no-pretty]                    # Pretty format the json for the task definitions
-                                             # Default: true
 [--scheduling-strategy=SCHEDULING_STRATEGY]  # Scheduling strategy to use for the service. IE: replica, daemon
 [--stop-old-tasks], [--no-stop-old-tasks]    # Stop old tasks as part of deployment to speed it up
 [--task=TASK]                                # ECS task name, to override the task name convention.
 [--wait], [--no-wait]                        # Wait for deployment to complete
                                              # Default: true
+[--image-override=IMAGE_OVERRIDE]            # Override image in task definition for quick testing
 [--register], [--no-register]                # Register task definition
                                              # Default: true
 [--build], [--no-build]                      # Build task definition

data/docs/_reference/ufo-init.md

@@ -107,20 +107,19 @@ If you would like to use a local template that is not on GitHub, then created a
 ## Options
 
 ```
-[--force]                                  # Bypass overwrite are you sure prompt for existing files.
---image=IMAGE                              # Docker image name without the tag. Example: tongueroo/demo-ufo. Configures ufo/settings.yml
-[--app=APP]                                # App name. Preferably one word. Used in the generated ufo/task_definitions.rb.  If not specified then the app name is inferred as the folder name.
-[--launch-type=LAUNCH_TYPE]                # ec2 or fargate.
-                                           # Default: ec2
-[--execution-role-arn=EXECUTION_ROLE_ARN]  # execution role arn used by tasks, required for fargate.
-[--template=TEMPLATE]                      # Custom template to use.
-[--template-mode=TEMPLATE_MODE]            # Template mode: replace or additive.
-[--vpc-id=VPC_ID]                          # Vpc id. For settings/network/default.yml.
-[--ecs-subnets=one two three]              # Subnets for ECS tasks, defaults to --elb-subnets set to. For settings/network/default.yml
-[--elb-subnets=one two three]              # Subnets for ELB. For settings/network/default.yml
-[--verbose], [--no-verbose]                
-[--mute], [--no-mute]                      
-[--noop], [--no-noop]                      
-[--cluster=CLUSTER]                        # Cluster.  Overrides .ufo/settings.yml.
+[--force]                        # Bypass overwrite are you sure prompt for existing files.
+--image=IMAGE                    # Docker image name without the tag. Example: tongueroo/demo-ufo. Configures ufo/settings.yml
+[--app=APP]                      # App name. Preferably one word. Used in the generated ufo/task_definitions.rb.  If not specified then the app name is inferred as the folder name.
+[--launch-type=LAUNCH_TYPE]      # ec2 or fargate.
+                                 # Default: ec2
+[--template=TEMPLATE]            # Custom template to use.
+[--template-mode=TEMPLATE_MODE]  # Template mode: replace or additive.
+[--vpc-id=VPC_ID]                # Vpc id. For settings/network/default.yml.
+[--ecs-subnets=one two three]    # Subnets for ECS tasks, defaults to --elb-subnets set to. For settings/network/default.yml
+[--elb-subnets=one two three]    # Subnets for ELB. For settings/network/default.yml
+[--verbose], [--no-verbose]      
+[--mute], [--no-mute]            
+[--noop], [--no-noop]            
+[--cluster=CLUSTER]              # Cluster.  Overrides .ufo/settings.yml.
 ```
 

data/docs/_reference/ufo-logs.md

@@ -30,7 +30,7 @@ If you have a current service name set.
                                    # Default: true
 [--since=SINCE]                    # From what time to begin displaying logs.  By default, logs will be displayed starting from 1 minutes in the past. The value provided can be an ISO 8601 timestamp or a relative time.
 [--format=FORMAT]                  # The format to display the logs. IE: detailed or short.  With detailed, the log stream name is also shown.
-                                   # Default: simple
+                                   # Default: detailed
 [--filter-pattern=FILTER_PATTERN]  # The filter pattern to use. If not provided, all the events are matched
 [--verbose], [--no-verbose]        
 [--mute], [--no-mute]              

data/docs/_reference/ufo-rollback.md

@@ -51,6 +51,8 @@ You only need to specify enough for a match to be found.  Ufo searches the 30 mo
 ## Options
 
 ```
+[--wait], [--no-wait]        # Wait for deployment to complete
+                             # Default: true
 [--verbose], [--no-verbose]  
 [--mute], [--no-mute]        
 [--noop], [--no-noop]        

data/docs/_reference/ufo-ship.md

@@ -115,13 +115,12 @@ You can change the scheduling strategy by explicitly specifying it.  Otherwise,
 [--elb=ELB]                                  # Decides to create elb, not create elb or use existing target group.
 [--elb-eip-ids=one two three]                # EIP Allocation ids to use for network load balancer.
 [--elb-type=ELB_TYPE]                        # ELB type: application or network. Keep current deployed elb type when not specified.
-[--pretty], [--no-pretty]                    # Pretty format the json for the task definitions
-                                             # Default: true
 [--scheduling-strategy=SCHEDULING_STRATEGY]  # Scheduling strategy to use for the service. IE: replica, daemon
 [--stop-old-tasks], [--no-stop-old-tasks]    # Stop old tasks as part of deployment to speed it up
 [--task=TASK]                                # ECS task name, to override the task name convention.
 [--wait], [--no-wait]                        # Wait for deployment to complete
                                              # Default: true
+[--image-override=IMAGE_OVERRIDE]            # Override image in task definition for quick testing
 [--verbose], [--no-verbose]                  
 [--mute], [--no-mute]                        
 [--noop], [--no-noop]                        

data/docs/_reference/ufo-ships.md

@@ -55,12 +55,11 @@ Note: The `--task` option is not used with the `ufo ships` command.
 [--elb=ELB]                                  # Decides to create elb, not create elb or use existing target group.
 [--elb-eip-ids=one two three]                # EIP Allocation ids to use for network load balancer.
 [--elb-type=ELB_TYPE]                        # ELB type: application or network. Keep current deployed elb type when not specified.
-[--pretty], [--no-pretty]                    # Pretty format the json for the task definitions
-                                             # Default: true
 [--scheduling-strategy=SCHEDULING_STRATEGY]  # Scheduling strategy to use for the service. IE: replica, daemon
 [--stop-old-tasks], [--no-stop-old-tasks]    # Stop old tasks as part of deployment to speed it up
 [--task=TASK]                                # ECS task name, to override the task name convention.
 [--wait], [--no-wait]                        # Wait for deployment to complete
+[--image-override=IMAGE_OVERRIDE]            # Override image in task definition for quick testing
 [--verbose], [--no-verbose]                  
 [--mute], [--no-mute]                        
 [--noop], [--no-noop]                        

data/docs/_reference/ufo-tasks-build.md

@@ -173,7 +173,6 @@ If you need to modify the task definition template to suite your own needs it is
 ## Options
 
 ```
-[--pretty], [--no-pretty]  # Pretty format the json for the task definitions
-                           # Default: true
+[--image-override=IMAGE_OVERRIDE]  # Override image in task definition for quick testing
 ```
 

data/docs/articles.md

@@ -1,6 +1,6 @@
 ---
 title: Articles
-nav_order: 46
+nav_order: 51
 ---
 
 * [How to Create Unlimited Extra Environments

data/lib/template/.secrets

@@ -0,0 +1,5 @@
+# Example starter secrets file. Be sure that the SSM parameters or Secrets exist.
+# Docs: https://ufoships.com/docs/secrets/
+#
+# NAME1=SSM:parameter_name
+# NAME2=SECRETSMANAGER:secret_name-AbCdEf

data/lib/template/.ufo/iam_roles/execution_role.rb

@@ -0,0 +1,7 @@
+# Example starter execution role. Add the iam role permissions that the host needs here:
+#
+# More docs: https://ufoships.com/docs/iam-roles/
+#
+managed_iam_policy("AmazonSSMReadOnlyAccess")
+managed_iam_policy("SecretsManagerReadWrite")
+managed_iam_policy("service-role/AmazonECSTaskExecutionRolePolicy")

data/lib/template/.ufo/iam_roles/task_role.rb

@@ -0,0 +1,21 @@
+# Example starter task role. Add the iam role permissions that the container needs here:
+#
+# More docs: https://ufoships.com/docs/iam-roles/
+#
+# Examples:
+#
+# iam_policy("AmazonS3ReadOnlyAccess",
+#   Action: [
+#     "s3:Get*",
+#     "s3:List*"
+#   ],
+#   Effect: "Allow",
+#   Resource: "*"
+# )
+# iam_policy("CloudwatchWrite",
+#   Action: [
+#     "cloudwatch:PutMetricData",
+#   ],
+#   Effect: "Allow",
+#   Resource: "*"
+# )

data/lib/template/.ufo/settings.yml.tt

@@ -13,6 +13,7 @@ base:
   # replacment might not work. For example, adding and removing a load balancer.
   # In these cases, you must delete the entire ecs service and recreate it.
   stack_naming: append_env
+  auto_camelize: false # new default setting in ufo v5
 
 development:
   # cluster: development

data/lib/template/.ufo/settings/cfn/default.yml.tt

@@ -3,38 +3,38 @@
 # CloudFormation. These options are inserting into the generated template.
 # More info: https://ufoships.com/docs/customize-cloudformation
 
-elb:
-  scheme: internet-facing
+Elb:
+  Scheme: internet-facing
 
 # https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html
 #
 # When using SSL with network elb, the target group protocol is usually http still
 # unless you also handle SSL termination at the app level.
-target_group:
-  port: 80 # only used with ECS if awsvpc mode
-  # protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP
+TargetGroup:
+  Port: 80 # only used with ECS if awsvpc mode
+  # Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP
                   # ufo sets defaults in cloudformation template
                   #   application elb: HTTP
                   #   network elb: TCP
                   # so we can keep this commented out, unless we need HTTPS at the app level
   # Health check settings are supported by application load balancer only:
-  # health_check_path: /up # health check
-  health_check_interval_seconds: 10 # default: 30. Network ELB can only take 10 or 30
-  healthy_threshold_count: 2
-  unhealthy_threshold_count: 2 # default: 10
-  # health_check_protocol: HTTP # HTTP or HTTPS
-  # health_check_port: traffic-port
-  target_group_attributes:
-  - key: deregistration_delay.timeout_seconds
-    value: 10
+  # HealthCheckPath: /up # health check
+  HealthCheckIntervalSeconds: 10 # default: 30. Network ELB can only take 10 or 30
+  HealthyThresholdCount: 2
+  UnhealthyThresholdCount: 2 # default: 10
+  # HealthCheckProtocol: HTTP # HTTP or HTTPS
+  # HealthCheckPort: traffic-port
+  TargetGroupAttributes:
+  - Key: deregistration_delay.timeout_seconds
+    Value: 10
 
 # https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateListener.html
 #
 # This is the default listener and normally should listen to port 80.
-listener:
-  port: 80
+Listener:
+  Port: 80
   # For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocol is TCP.
-  # protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
+  # Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
                   # ufo sets these defaults:
                   #   application elb: HTTP  # unless port is 443
                   #   application elb: HTTPS # if port is 443
@@ -43,8 +43,8 @@ listener:
                   # Can keep protocol commented out,
                   # unless need to override the defaults.
   # If using the listener to handle SSL
-  # certificates:
-  # - certificate_arn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
+  # Certificates:
+  # - CertificateArn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
 
 # An optional second listener can be created.
 # If HTTPS and SSL is required then the listener_ssl config is what you should use.
@@ -53,11 +53,11 @@ listener:
 #   to handle SSL termination.
 #
 # ufo creates an ssl listener when listener_ssl is set.
-# listener_ssl:
-#   port: 443
-#   # certificates:
-#   # - certificate_arn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
-#   # protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
+# ListenerSsl:
+#   Port: 443
+#   # Certificates:
+#   # - CertificateArn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
+#   # Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
 #                   # ufo handles setting the defaults:
 #                   #   application elb: HTTPS
 #                   #   network elb: TLS
@@ -66,7 +66,7 @@ listener:
 # Note, the route53 record set for the domain name must already exist.
 # The {stack_name} variable gets replaced with the name of the CloudFormation stack name.
 # Example: {stack_name} => demo-web
-# dns:
-#   name: "{stack_name}.yourdomain."
-#   hosted_zone_name: yourdomain. # dont forget the trailing period
+# Dns:
+#   Name: "{stack_name}.yourdomain."
+#   HostedZoneName: yourdomain. # dont forget the trailing period
 #   TTL: '60' # ttl has special upcase casing

data/lib/template/.ufo/settings/network/default.yml.tt

@@ -15,3 +15,12 @@ elb_subnets: # defaults to same subnets as ecs_subnets when not set
 # ecs_security_groups:
 #   - sg-bbb
 #   - sg-ccc
+
+# Also supports extra security groups specific to each ECS service
+# ecs_security_groups:
+#   demo-web:
+#   - sg-bbb
+#   - sg-ccc
+#   demo-worker:
+#   - sg-bbb
+#   - sg-ccc

data/lib/template/.ufo/templates/fargate.json.erb

@@ -2,7 +2,6 @@
   "family": "<%= @family %>",
   "requiresCompatibilities": ["FARGATE"],
   "networkMode": "awsvpc",
-  "executionRoleArn": "<%= @execution_role_arn || raise("@execution_role_arn needs to be set") %>",
   "cpu": "<%= @cpu %>",
   "memory": "<%= @memory %>",
   "containerDefinitions": [
@@ -21,6 +20,9 @@
       <% if @environment %>
       "environment": <%= @environment.to_json %>,
       <% end %>
+      <% if @secrets %>
+      "secrets": <%= @secrets.to_json %>,
+      <% end %>
       <% if @awslogs_group %>
       "logConfiguration": {
         "logDriver": "awslogs",

data/lib/template/.ufo/templates/main.json.erb

@@ -24,6 +24,9 @@
       <% if @environment %>
       "environment": <%= @environment.to_json %>,
       <% end %>
+      <% if @secrets %>
+      "secrets": <%= @secrets.to_json %>,
+      <% end %>
       <% if @awslogs_group %>
       "logConfiguration": {
         "logDriver": "awslogs",

data/lib/template/.ufo/variables/base.rb.tt

@@ -2,6 +2,7 @@
 # More info on how variables work: http://ufoships.com/docs/variables/
 @image = helper.full_image_name # includes the git sha tongueroo/demo-ufo:ufo-[sha].
 @environment = helper.env_file(".env")
+@secrets = helper.secrets_file(".secrets")
 <% if @options[:launch_type] == "fargate" -%>
 # Ensure that the cpu and memory values are a supported combination by Fargate.
 # More info: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html"

data/lib/ufo.rb

@@ -1,7 +1,8 @@
 $stdout.sync = true unless ENV["UFO_STDOUT_SYNC"] == "0"
 
 $:.unshift(File.expand_path('../', __FILE__))
-require 'deep_merge'
+require 'active_support/core_ext/class'
+require 'deep_merge/rails_compat'
 require 'fileutils'
 require 'memoist'
 require 'rainbow/ext/string'

data/lib/ufo/autoloader.rb

@@ -14,8 +14,17 @@ module Ufo
         loader = Zeitwerk::Loader.new
         loader.inflector = Inflector.new
         loader.push_dir(File.dirname(__dir__)) # lib
+
+        helpers = "#{ufo_root}/.ufo/helpers"
+        loader.push_dir(helpers) if File.exist?(helpers) # project helpers
+
         loader.setup
       end
+
+      # Autoloader runs so early that Ufo.root is not available, so we must declare it here
+      def ufo_root
+        ENV['UFO_ROOT'] || '.'
+      end
     end
   end
 end

data/lib/ufo/cli.rb

@@ -37,11 +37,11 @@ module Ufo
       option :elb, desc: "Decides to create elb, not create elb or use existing target group."
       option :elb_eip_ids, type: :array, desc: "EIP Allocation ids to use for network load balancer."
       option :elb_type, desc: "ELB type: application or network. Keep current deployed elb type when not specified."
-      option :pretty, type: :boolean, default: true, desc: "Pretty format the json for the task definitions"
       option :scheduling_strategy, desc: "Scheduling strategy to use for the service. IE: replica, daemon"
       option :stop_old_tasks, type: :boolean, default: false, desc: "Stop old tasks as part of deployment to speed it up"
       option :task, desc: "ECS task name, to override the task name convention."
       option :wait, type: :boolean, desc: "Wait for deployment to complete", default: true
+      option :image_override, desc: "Override image in task definition for quick testing"
     end
 
     desc "deploy SERVICE", "Deploy task definition to ECS service without re-building the definition."
@@ -75,6 +75,7 @@ module Ufo
 
     desc "rollback SERVICE VERSION", "Rolls back to older task definition."
     long_desc Help.text(:rollback)
+    option :wait, type: :boolean, desc: "Wait for deployment to complete", default: true
     def rollback(service=:current, version)
       service = service == :current ? Current.service! : service
       rollback = Rollback.new(service, options.merge(version: version))
@@ -191,7 +192,7 @@ module Ufo
     long_desc Help.text(:logs)
     option :follow, default: true, type: :boolean, desc: " Whether to continuously poll for new logs. To exit from this mode, use Control-C."
     option :since, desc: "From what time to begin displaying logs.  By default, logs will be displayed starting from 1 minutes in the past. The value provided can be an ISO 8601 timestamp or a relative time."
-    option :format, default: "simple", desc: "The format to display the logs. IE: detailed or short.  With detailed, the log stream name is also shown."
+    option :format, default: "detailed", desc: "The format to display the logs. IE: detailed or short.  With detailed, the log stream name is also shown."
     option :filter_pattern, desc: "The filter pattern to use. If not provided, all the events are matched"
     def logs(service=:current)
       Logs.new(service, options).run

data/lib/ufo/core.rb

@@ -4,6 +4,7 @@ require 'yaml'
 module Ufo
   module Core
     extend Memoist
+    include Ufo::Settings
 
     def check_task_definition!(task_definition)
       task_definition_path = "#{Ufo.root}/.ufo/output/#{task_definition}.json"
@@ -49,15 +50,6 @@ module Ufo
       end
     end
 
-    def settings
-      Setting.new.data
-    end
-    memoize :settings
-
-    def cfn_profile
-      settings[:cfn_profile] || "default"
-    end
-
     def check_ufo_project!
       check_path = "#{Ufo.root}/.ufo/settings.yml"
       unless File.exist?(check_path)

data/lib/ufo/docker/cleaner.rb

@@ -21,7 +21,7 @@ module Ufo
     end
 
     def delete_list
-      return [] if ENV['TEST']
+      return [] if ENV['TEST'] || @options[:noop]
       return @delete_list if @delete_list
 
       out = execute("docker images") # live to override the noop cli options

data/lib/ufo/dsl.rb

@@ -2,6 +2,8 @@ require 'ostruct'
 
 module Ufo
   class DSL
+    extend Memoist
+
     def initialize(template_definitions_path, options={})
       @template_definitions_path = template_definitions_path
       @options = options
@@ -85,7 +87,10 @@ module Ufo
     end
 
     def helper
-      Helper.new
+      helper = Helper.new
+      helper.add_project_helpers
+      helper
     end
+    memoize :helper
   end
 end