ufo 6.3.1 → 6.3.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f1f60f15e2492a5d8e40c1b0a507e5eac51427963a2d29139235e1eb70d37c24
4
- data.tar.gz: e6bc8a65ac678cddcccc000c9b829dfebd94aa91dd664129f7aed7f40310e271
3
+ metadata.gz: ee25a6ee92c06422088b489aa3f9d27d8fb0dfd229b7bb6e0b0eb2241a4d3902
4
+ data.tar.gz: f4a8043b8ab3bbb33794d3002d58890d8aa4753ffe3ac4b029432599195e5289
5
5
  SHA512:
6
- metadata.gz: e90f778cc345554a7ef971268297fd5b5e1969538056384f1bd1b3248aaa1519682f84d6a37b65c59ee70586494ff7111dacc3a8bf72a6bec62251aec63a338a
7
- data.tar.gz: 2e0fd1b9d37604c15027f898b74e706e18304362fde5577b05db90190e0b747038a89068819ba9b213a403d3f20e051c4cab0bd7d11887142756b538460e8db5
6
+ metadata.gz: 76beccace3016451330c40b589fa7c3f95680eff187a667f520eed80c7d4cd90b91667dd06d58288cabf4c5d5acb699cf53ecc6c296dcb48e66504a0c02147ad
7
+ data.tar.gz: 22700e11a6de03b489deacf6fbde1e7b5652b4048b078b1d3750dfc0f1b083e5e3bbc417057f04d9fe73e48ac609139aea92bc526ae4c33cfdee16253f341db8
data/CHANGELOG.md CHANGED
@@ -3,6 +3,11 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
5
5
 
6
+ ## [6.3.2] - 2022-03-26
7
+ - [#164](https://github.com/tongueroo/ufo/pull/164) existing elb target group support
8
+ - [#165](https://github.com/tongueroo/ufo/pull/165) improve secrets support
9
+ - [#166](https://github.com/tongueroo/ufo/pull/166) infer elb dns name from target group when possible
10
+
6
11
  ## [6.3.1] - 2022-03-25
7
12
  - ufo init: improve vars base.rb
8
13
 
@@ -0,0 +1,2 @@
1
+ # Docs: https://ufoships.com/docs/features/env_files/env/
2
+ KEY=value
@@ -0,0 +1,5 @@
1
+ # Docs: https://ufoships.com/docs/features/env_files/secrets/
2
+ DATABASE_URL # conventional
3
+ # explicit
4
+ USER=ssm:demo/<%= Ufo.env %>/USER
5
+ PASS=ssm:demo/<%= Ufo.env %>/PASS
File without changes
File without changes
@@ -35,6 +35,5 @@ Ufo.configure do |config|
35
35
  # config.logs.filter_pattern = '- "HealthChecker"'
36
36
 
37
37
  # Docs: https://ufoships.com/docs/config/reference/
38
- # You may want to set to false if your docker build and push process takes a while
39
- # config.ship.docker.quiet = false # default is true.
38
+ # config.ship.docker.quiet = true # default is false
40
39
  end
@@ -7,8 +7,8 @@
7
7
  @name = role # IE: web worker clock
8
8
  @image = docker_image # includes the git sha org/repo:ufo-[sha].
9
9
  # Docs: https://ufoships.com/docs/helpers/builtin/secrets/
10
- # @environment = env_file
11
- # @secrets = secrets_file
10
+ @environment = env_file
11
+ @secrets = secrets_file
12
12
  @cpu = 256
13
13
  @memory = 256
14
14
  @memory_reservation = 256
@@ -8,7 +8,7 @@ class Ufo::Cfn::Stack::Builder::Resources
8
8
  Comment: dns.comment,
9
9
  Type: dns.type, # CNAME
10
10
  TTL: dns.ttl, # 60 ttl has special casing
11
- ResourceRecords: [{"Fn::GetAtt": "Elb.DNSName"}]
11
+ ResourceRecords: [resource_record]
12
12
  }
13
13
  # HostedZoneName: yourdomain. # dont forget the trailing period
14
14
  props[:HostedZoneName] = hosted_zone_name if hosted_zone_name
@@ -21,6 +21,43 @@ class Ufo::Cfn::Stack::Builder::Resources
21
21
  end
22
22
 
23
23
  private
24
+ def resource_record
25
+ existing = Ufo.config.elb.existing
26
+ if existing.target_group
27
+ existing_dns_name
28
+ else
29
+ {"Fn::GetAtt": "Elb.DNSName"}
30
+ end
31
+ end
32
+
33
+ def existing_dns_name
34
+ existing = Ufo.config.elb.existing
35
+ resp = elb.describe_target_groups(target_group_arns: [existing.target_group])
36
+ target_group = resp.target_groups.first
37
+ load_balancer_arns = target_group.load_balancer_arns
38
+ if load_balancer_arns.size == 1
39
+ resp = elb.describe_load_balancers(load_balancer_arns: load_balancer_arns)
40
+ load_balancer = resp.load_balancers.first
41
+ load_balancer.dns_name
42
+ else
43
+ return existing.dns_name if existing.dns_name
44
+ logger.error "ERROR: config.existing.dns_name must to be set".color(:red)
45
+ logger.error <<~EOL
46
+ This target group is associated with multiple load balancers.
47
+ UFO cannot infer the dns name in this case. You must set:
48
+
49
+ config.existing.dns_name
50
+
51
+ Info:
52
+
53
+ target group: #{existing.target_group}
54
+ load balancers: #{load_balancer_arns}
55
+
56
+ EOL
57
+ exit 1
58
+ end
59
+ end
60
+
24
61
  def dns_name
25
62
  return unless dns.domain || dns.name
26
63
  name = dns.name # my.domain.com
@@ -55,8 +55,8 @@ class Ufo::Cfn::Stack::Builder::Resources
55
55
  TargetGroupArn: {
56
56
  "Fn::If": [
57
57
  "ElbTargetGroupIsBlank",
58
- {Ref: "TargetGroup"},
59
- {Ref: "ElbTargetGroup"}
58
+ {Ref: "TargetGroup"}, # UFO managed
59
+ {Ref: "ElbTargetGroup"} # Managed by user outside of UFO
60
60
  ]
61
61
  }
62
62
  }
@@ -9,10 +9,11 @@ class Ufo::Cfn::Stack
9
9
  container: container,
10
10
  create_elb: create_elb?, # helps set Ecs DependsOn
11
11
  create_listener_ssl: create_listener_ssl?,
12
- create_route53: create_elb? && dns_configured?,
12
+ create_route53: create_route53?,
13
13
  default_listener_protocol: default_listener_protocol,
14
14
  default_listener_ssl_protocol: default_listener_ssl_protocol,
15
15
  default_target_group_protocol: default_target_group_protocol,
16
+ elb_target_group: elb_target_group,
16
17
  elb_type: elb_type,
17
18
  new_stack: new_stack,
18
19
  rollback_task_definition: rollback_task_definition,
@@ -63,15 +64,30 @@ class Ufo::Cfn::Stack
63
64
  elb.ssl.enabled && elb.ssl.certificates
64
65
  end
65
66
 
67
+ def create_route53?
68
+ return false unless dns_configured?
69
+ if create_elb?
70
+ true
71
+ else
72
+ Ufo.config.elb.existing.target_group
73
+ end
74
+ end
75
+
66
76
  def create_elb?
67
77
  elb = Ufo.config.elb
68
- if elb.enabled.to_s == "auto"
78
+ if elb.existing.target_group
79
+ false
80
+ elsif elb.enabled.to_s == "auto"
69
81
  container[:name] == "web" # convention
70
82
  else
71
83
  elb.enabled # true or false
72
84
  end
73
85
  end
74
86
 
87
+ def elb_target_group
88
+ Ufo.config.elb.existing.target_group
89
+ end
90
+
75
91
  def container
76
92
  task_definition = Builder::Resources::TaskDefinition::Reconstructor.new(@task_definition, @options[:rollback]).reconstruct
77
93
 
@@ -0,0 +1,18 @@
1
+ class Ufo::CLI::New
2
+ class EnvFile < Sequence
3
+ argument :type, default: "env", description: "IE: env or secrets" # description doesnt really show up
4
+
5
+ def self.cli_options
6
+ [
7
+ [:force, aliases: ["y"], type: :boolean, desc: "Bypass overwrite are you sure prompt for existing files"],
8
+ ]
9
+ end
10
+ cli_options.each { |args| class_option(*args) }
11
+
12
+ public
13
+ def create_hook
14
+ set_template_source("env_file")
15
+ template "file.#{type}", ".ufo/config/env_files/#{Ufo.env}.#{type}"
16
+ end
17
+ end
18
+ end
@@ -11,7 +11,7 @@ class Ufo::CLI::New
11
11
 
12
12
  public
13
13
  def create_hook
14
- set_template_source("hooks")
14
+ set_template_source("hook")
15
15
  template "#{type}.rb", ".ufo/config/hooks/#{type}.rb"
16
16
  end
17
17
  end
data/lib/ufo/cli/new.rb CHANGED
@@ -7,6 +7,13 @@ class Ufo::CLI
7
7
  end
8
8
  register(BootHook, "boot_hook", "boot_hook", "Generate boot_hook")
9
9
 
10
+ desc "env_file", "Generate env_file"
11
+ long_desc Help.text("new/env_file")
12
+ EnvFile.cli_options.each do |args|
13
+ option(*args)
14
+ end
15
+ register(EnvFile, "env_file", "env_file", "Generate env_file")
16
+
10
17
  desc "helper", "Generate helper"
11
18
  long_desc Help.text("new/helper")
12
19
  Helper.cli_options.each do |args|
@@ -19,10 +19,12 @@ class Ufo::Config
19
19
  return false unless config_line # default is false
20
20
  config_value = config_line.gsub(/.*=/,'').strip.gsub(/["']/,'')
21
21
  case type
22
- when :boolean
23
- config_value != "false" && config_value != "nil"
24
22
  when :array
25
23
  eval(config_value) # IE: '["a"]' => ["a"]
24
+ when :boolean
25
+ config_value != "false" && config_value != "nil"
26
+ when :string
27
+ config_value.sub(/\s+#.*/,'') # remove trailing comment
26
28
  else
27
29
  raise "Type #{type.inspect} not supported"
28
30
  end
data/lib/ufo/config.rb CHANGED
@@ -63,6 +63,10 @@ module Ufo
63
63
  config.elb.default_actions = nil # full override
64
64
  config.elb.enabled = "auto" # "auto", true or false
65
65
 
66
+ config.elb.existing = ActiveSupport::OrderedOptions.new
67
+ config.elb.existing.target_group = nil
68
+ config.elb.existing.dns_name = nil # for managed route53 records
69
+
66
70
  config.elb.health_check_interval_seconds = 10 # keep at 10 in case of network ELB, which is min 10
67
71
  config.elb.health_check_path = nil # When nil its AWS default /
68
72
  config.elb.healthy_threshold_count = 3 # The AWS usual default is 5
@@ -111,11 +115,9 @@ module Ufo
111
115
  config.ps.summary = true
112
116
 
113
117
  config.secrets = ActiveSupport::OrderedOptions.new
114
- config.secrets.pattern = ActiveSupport::OrderedOptions.new
115
- config.secrets.pattern.secretsmanager = ":APP-:ENV-:SECRET_NAME" # => demo-dev-DB_PASS
116
- config.secrets.pattern.ssm = ":APP/:ENV/:SECRET_NAME" # => demo/dev/DB_PASS
118
+ config.secrets.manager_pattern = ":APP/:ENV/:SECRET_NAME" # => demo/dev/DB_PASS
119
+ config.secrets.ssm_pattern = ":APP/:ENV/:SECRET_NAME" # => demo/dev/DB_PASS
117
120
  config.secrets.provider = "ssm" # default provider for conventional expansion IE: ssm or secretsmanager
118
- config.secrets.warning = true
119
121
 
120
122
  config.ship = ActiveSupport::OrderedOptions.new
121
123
  config.ship.docker = ActiveSupport::OrderedOptions.new
@@ -37,8 +37,7 @@ module Ufo::TaskDefinition::Helpers::Vars
37
37
  ]
38
38
  layers.map! { |l| ".ufo/env_files/#{l}#{@ext}" }
39
39
  show_layers(layers)
40
- layers.select! { |l| File.exist?(l) }
41
- layers
40
+ layers.select { |l| File.exist?(l) }
42
41
  end
43
42
 
44
43
  def show_layers(paths)
@@ -63,7 +62,8 @@ module Ufo::TaskDefinition::Helpers::Vars
63
62
 
64
63
  def env(ext='.env')
65
64
  @ext = ext # assign instance variable so dont have to pass around
66
- lines = filtered_lines(content)
65
+ result = render_erb(content) # tricky: use result instead of content for variable assignment or content method is not called
66
+ lines = filtered_lines(result)
67
67
  lines.map do |line|
68
68
  line = line.sub('export ', '') # allow user to use export. ufo ignores it
69
69
  key,*value = line.strip.split("=").map do |x|
@@ -97,7 +97,7 @@ module Ufo::TaskDefinition::Helpers::Vars
97
97
  value.sub(/^ssm:/i, "arn:aws:ssm:#{region}:#{account}:parameter/")
98
98
  when /^secretsmanager:/i
99
99
  value.sub(/^secretsmanager:/i, "arn:aws:secretsmanager:#{region}:#{account}:secret:")
100
- when '' # blank string will mean use convention
100
+ when '', *available_providers # blank string will mean use convention
101
101
  conventional_pattern(name, value)
102
102
  else
103
103
  value # assume full arn has been passed
@@ -129,11 +129,11 @@ module Ufo::TaskDefinition::Helpers::Vars
129
129
  # DB_NAME=:APP/:ENV/:SECRET_NAME # expansion will use => demo/dev/DB_NAME
130
130
  #
131
131
  def conventional_pattern(name, value)
132
- secrets = Ufo.config.secrets
133
- provider = secrets.provider # ssm or secretsmanager
132
+ provider = get_provider(value)
134
133
  namespace = provider == "ssm" ? "parameter/" : "secret:"
135
134
 
136
- config_name = "secrets.pattern.#{provider}"
135
+ field = provider == "secretsmanager" ? "manager_pattern" : "ssm_pattern"
136
+ config_name = "secrets.#{field}"
137
137
  pattern = callable_option(
138
138
  config_name: config_name, # Ufo.config.names.stack => :APP-:ROLE-:ENV => demo-web-dev
139
139
  passed_args: [self],
@@ -143,6 +143,22 @@ module Ufo::TaskDefinition::Helpers::Vars
143
143
  "arn:aws:#{provider}:#{region}:#{account}:#{namespace}#{pattern}"
144
144
  end
145
145
 
146
+ # Allows user to override one-off value. IE: DB_PASS=secretsmanager
147
+ # Note there's no point in disabling this override ability since valueFrom examples a reference.
148
+ #
149
+ # {
150
+ # "name": "PASS",
151
+ # "valueFrom": "arn:aws:ssm:us-west-2:1111111111111:parameter/demo/dev/PASS"
152
+ # }
153
+ #
154
+ def get_provider(value)
155
+ available_providers.include?(value) ? value : Ufo.config.secrets.provider
156
+ end
157
+
158
+ def available_providers
159
+ %w[ssm secretsmanager]
160
+ end
161
+
146
162
  def remove_surrounding_quotes(s)
147
163
  if s =~ /^"/ && s =~ /"$/
148
164
  s.sub(/^["]/, '').gsub(/["]$/,'') # remove surrounding double quotes
@@ -162,5 +178,12 @@ module Ufo::TaskDefinition::Helpers::Vars
162
178
  # filter out empty lines
163
179
  lines = lines.reject { |l| l.strip.empty? }
164
180
  end
181
+
182
+ def render_erb(content)
183
+ path = ".ufo/output/params.erb"
184
+ FileUtils.mkdir_p(File.dirname(path))
185
+ IO.write(path, content)
186
+ RenderMePretty.result(path, context: self)
187
+ end
165
188
  end
166
189
  end
data/lib/ufo/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Ufo
2
- VERSION = "6.3.1"
2
+ VERSION = "6.3.2"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ufo
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.3.1
4
+ version: 6.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tung Nguyen
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-03-25 00:00:00.000000000 Z
11
+ date: 2022-03-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-logs
@@ -479,9 +479,11 @@ files:
479
479
  - exe/ufo
480
480
  - lib/templates/boot_hook/.ufo/config/boot.rb
481
481
  - lib/templates/docker/Dockerfile
482
+ - lib/templates/env_file/file.env
483
+ - lib/templates/env_file/file.secrets.tt
482
484
  - lib/templates/helper/%underscore_name%_helper.rb.tt
483
- - lib/templates/hooks/docker.rb
484
- - lib/templates/hooks/ufo.rb
485
+ - lib/templates/hook/docker.rb
486
+ - lib/templates/hook/ufo.rb
485
487
  - lib/templates/init/.ufo/config.rb.tt
486
488
  - lib/templates/init/.ufo/config/web/base.rb
487
489
  - lib/templates/init/.ufo/config/web/dev.rb
@@ -572,6 +574,7 @@ files:
572
574
  - lib/ufo/cli/new.rb
573
575
  - lib/ufo/cli/new/boot_hook.rb
574
576
  - lib/ufo/cli/new/concerns.rb
577
+ - lib/ufo/cli/new/env_file.rb
575
578
  - lib/ufo/cli/new/helper.rb
576
579
  - lib/ufo/cli/new/hook.rb
577
580
  - lib/ufo/cli/new/init.rb