ufo 6.3.1 → 6.3.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/templates/env_file/file.env +2 -0
- data/lib/templates/env_file/file.secrets.tt +5 -0
- data/lib/templates/{hooks → hook}/docker.rb +0 -0
- data/lib/templates/{hooks → hook}/ufo.rb +0 -0
- data/lib/templates/init/.ufo/config.rb.tt +1 -2
- data/lib/templates/init/.ufo/vars/base.rb +2 -2
- data/lib/ufo/cfn/stack/builder/resources/dns.rb +38 -1
- data/lib/ufo/cfn/stack/builder/resources/listener.rb +2 -2
- data/lib/ufo/cfn/stack/vars.rb +18 -2
- data/lib/ufo/cli/new/env_file.rb +18 -0
- data/lib/ufo/cli/new/hook.rb +1 -1
- data/lib/ufo/cli/new.rb +7 -0
- data/lib/ufo/config/parse.rb +4 -2
- data/lib/ufo/config.rb +6 -4
- data/lib/ufo/task_definition/helpers/vars/builder.rb +30 -7
- data/lib/ufo/version.rb +1 -1
- metadata +7 -4
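--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ee25a6ee92c06422088b489aa3f9d27d8fb0dfd229b7bb6e0b0eb2241a4d3902
+data.tar.gz: f4a8043b8ab3bbb33794d3002d58890d8aa4753ffe3ac4b029432599195e5289
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 76beccace3016451330c40b589fa7c3f95680eff187a667f520eed80c7d4cd90b91667dd06d58288cabf4c5d5acb699cf53ecc6c296dcb48e66504a0c02147ad
+data.tar.gz: 22700e11a6de03b489deacf6fbde1e7b5652b4048b078b1d3750dfc0f1b083e5e3bbc417057f04d9fe73e48ac609139aea92bc526ae4c33cfdee16253f341db8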
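--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -3,6 +3,11 @@
 All notable changes to this project will be documented in this file.
 This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
 
+## [6.3.2] - 2022-03-26
+- [#164](https://github.com/tongueroo/ufo/pull/164) existing elb target group support
+- [#165](https://github.com/tongueroo/ufo/pull/165) improve secrets support
+- [#166](https://github.com/tongueroo/ufo/pull/166) infer elb dns name from target group when possible
+
 ## [6.3.1] - 2022-03-25
 - ufo init: improve vars base.rb
 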
File without changes
|
File without changes
|
@@ -35,6 +35,5 @@ Ufo.configure do |config|
|
|
35
35
|
# config.logs.filter_pattern = '- "HealthChecker"'
|
36
36
|
|
37
37
|
# Docs: https://ufoships.com/docs/config/reference/
|
38
|
-
#
|
39
|
-
# config.ship.docker.quiet = false # default is true.
|
38
|
+
# config.ship.docker.quiet = true # default is false
|
40
39
|
end
|
@@ -7,8 +7,8 @@
|
|
7
7
|
@name = role # IE: web worker clock
|
8
8
|
@image = docker_image # includes the git sha org/repo:ufo-[sha].
|
9
9
|
# Docs: https://ufoships.com/docs/helpers/builtin/secrets/
|
10
|
-
|
11
|
-
|
10
|
+
@environment = env_file
|
11
|
+
@secrets = secrets_file
|
12
12
|
@cpu = 256
|
13
13
|
@memory = 256
|
14
14
|
@memory_reservation = 256
|
@@ -8,7 +8,7 @@ class Ufo::Cfn::Stack::Builder::Resources
|
|
8
8
|
Comment: dns.comment,
|
9
9
|
Type: dns.type, # CNAME
|
10
10
|
TTL: dns.ttl, # 60 ttl has special casing
|
11
|
-
ResourceRecords: [
|
11
|
+
ResourceRecords: [resource_record]
|
12
12
|
}
|
13
13
|
# HostedZoneName: yourdomain. # dont forget the trailing period
|
14
14
|
props[:HostedZoneName] = hosted_zone_name if hosted_zone_name
|
@@ -21,6 +21,43 @@ class Ufo::Cfn::Stack::Builder::Resources
|
|
21
21
|
end
|
22
22
|
|
23
23
|
private
|
24
|
+
def resource_record
|
25
|
+
existing = Ufo.config.elb.existing
|
26
|
+
if existing.target_group
|
27
|
+
existing_dns_name
|
28
|
+
else
|
29
|
+
{"Fn::GetAtt": "Elb.DNSName"}
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def existing_dns_name
|
34
|
+
existing = Ufo.config.elb.existing
|
35
|
+
resp = elb.describe_target_groups(target_group_arns: [existing.target_group])
|
36
|
+
target_group = resp.target_groups.first
|
37
|
+
load_balancer_arns = target_group.load_balancer_arns
|
38
|
+
if load_balancer_arns.size == 1
|
39
|
+
resp = elb.describe_load_balancers(load_balancer_arns: load_balancer_arns)
|
40
|
+
load_balancer = resp.load_balancers.first
|
41
|
+
load_balancer.dns_name
|
42
|
+
else
|
43
|
+
return existing.dns_name if existing.dns_name
|
44
|
+
logger.error "ERROR: config.existing.dns_name must to be set".color(:red)
|
45
|
+
logger.error <<~EOL
|
46
|
+
This target group is associated with multiple load balancers.
|
47
|
+
UFO cannot infer the dns name in this case. You must set:
|
48
|
+
|
49
|
+
config.existing.dns_name
|
50
|
+
|
51
|
+
Info:
|
52
|
+
|
53
|
+
target group: #{existing.target_group}
|
54
|
+
load balancers: #{load_balancer_arns}
|
55
|
+
|
56
|
+
EOL
|
57
|
+
exit 1
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
24
61
|
def dns_name
|
25
62
|
return unless dns.domain || dns.name
|
26
63
|
name = dns.name # my.domain.com
|
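Review bot: The error text in the `else` branch of `existing_dns_name` tells the user to set `config.existing.dns_name`, but the value the method reads is `Ufo.config.elb.existing.dns_name`, so the message should name `config.elb.existing.dns_name`. That branch is also reached when `load_balancer_arns` is empty, where "associated with multiple load balancers" is misleading; the wording could be `This target group is not associated with exactly one load balancer.`. An explicitly configured `dns_name` is only consulted after inference fails, so a short comment above the method saying that inference wins when exactly one load balancer is attached would help whoever sets both.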
@@ -55,8 +55,8 @@ class Ufo::Cfn::Stack::Builder::Resources
|
|
55
55
|
TargetGroupArn: {
|
56
56
|
"Fn::If": [
|
57
57
|
"ElbTargetGroupIsBlank",
|
58
|
-
{Ref: "TargetGroup"},
|
59
|
-
{Ref: "ElbTargetGroup"}
|
58
|
+
{Ref: "TargetGroup"}, # UFO managed
|
59
|
+
{Ref: "ElbTargetGroup"} # Managed by user outside of UFO
|
60
60
|
]
|
61
61
|
}
|
62
62
|
}
|
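--- a/data/lib/ufo/cfn/stack/vars.rb
+++ b/data/lib/ufo/cfn/stack/vars.rb
@@ -9,10 +9,11 @@ class Ufo::Cfn::Stack
 container: container,
 create_elb: create_elb?, # helps set Ecs DependsOn
 create_listener_ssl: create_listener_ssl?,
-create_route53:
+create_route53: create_route53?,
 default_listener_protocol: default_listener_protocol,
 default_listener_ssl_protocol: default_listener_ssl_protocol,
 default_target_group_protocol: default_target_group_protocol,
+elb_target_group: elb_target_group,
 elb_type: elb_type,
 new_stack: new_stack,
 rollback_task_definition: rollback_task_definition,
@@ -63,15 +64,30 @@ class Ufo::Cfn::Stack
 elb.ssl.enabled && elb.ssl.certificates
 end
 
+def create_route53?
+return false unless dns_configured?
+if create_elb?
+true
+else
+Ufo.config.elb.existing.target_group
+end
+end
+
 def create_elb?
 elb = Ufo.config.elb
-if elb.
+if elb.existing.target_group
+false
+elsif elb.enabled.to_s == "auto"
 container[:name] == "web" # convention
 else
 elb.enabled # true or false
 end
 end
 
+def elb_target_group
+Ufo.config.elb.existing.target_group
+end
+
 def container
 task_definition = Builder::Resources::TaskDefinition::Reconstructor.new(@task_definition, @options[:rollback]).reconstruct
 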
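Review bot: `create_route53?` returns the target group ARN string (or nil) from its `else` branch rather than a boolean, and that value is what lands in the `create_route53:` entry of the vars hash. Since the same section adds `elb_target_group`, the predicate can stay boolean with `dns_configured? && (create_elb? || !!elb_target_group)`. `dns_configured?` is defined outside the visible hunks, so its return type is not checked here.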
@@ -0,0 +1,18 @@
|
|
1
|
+
class Ufo::CLI::New
|
2
|
+
class EnvFile < Sequence
|
3
|
+
argument :type, default: "env", description: "IE: env or secrets" # description doesnt really show up
|
4
|
+
|
5
|
+
def self.cli_options
|
6
|
+
[
|
7
|
+
[:force, aliases: ["y"], type: :boolean, desc: "Bypass overwrite are you sure prompt for existing files"],
|
8
|
+
]
|
9
|
+
end
|
10
|
+
cli_options.each { |args| class_option(*args) }
|
11
|
+
|
12
|
+
public
|
13
|
+
def create_hook
|
14
|
+
set_template_source("env_file")
|
15
|
+
template "file.#{type}", ".ufo/config/env_files/#{Ufo.env}.#{type}"
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
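Review bot: `type` comes straight from the command line and is interpolated into both the template name and the destination path in `create_hook` without being checked, although the file list on this page ships only `file.env` and `file.secrets.tt`; a guard such as `abort "type must be env or secrets" unless %w[env secrets].include?(type)` at the top of the method keeps the write inside the intended directory. The destination is `.ufo/config/env_files/`, while the layer lookup shown in the builder.rb section of this page reads `.ufo/env_files/`, so the generated file may never be picked up; worth confirming which directory is intended. The method name `create_hook` looks carried over from the hook generator, and `create_env_file` would describe it better.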
data/lib/ufo/cli/new/hook.rb
CHANGED
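--- a/data/lib/ufo/cli/new.rb
+++ b/data/lib/ufo/cli/new.rb
@@ -7,6 +7,13 @@ class Ufo::CLI
 end
 register(BootHook, "boot_hook", "boot_hook", "Generate boot_hook")
 
+desc "env_file", "Generate env_file"
+long_desc Help.text("new/env_file")
+EnvFile.cli_options.each do |args|
+option(*args)
+end
+register(EnvFile, "env_file", "env_file", "Generate env_file")
+
 desc "helper", "Generate helper"
 long_desc Help.text("new/helper")
 Helper.cli_options.each do |args|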
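--- a/data/lib/ufo/config/parse.rb
+++ b/data/lib/ufo/config/parse.rb
@@ -19,10 +19,12 @@ class Ufo::Config
 return false unless config_line # default is false
 config_value = config_line.gsub(/.*=/,'').strip.gsub(/["']/,'')
 case type
-when :boolean
-config_value != "false" && config_value != "nil"
 when :array
 eval(config_value) # IE: '["a"]' => ["a"]
+when :boolean
+config_value != "false" && config_value != "nil"
+when :string
+config_value.sub(/\s+#.*/,'') # remove trailing comment
 else
 raise "Type #{type.inspect} not supported"
 end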
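Review bot: The trailing-comment strip lives only in the new `:string` branch, so a boolean line (constructed example: `config.x = false # note`) still reaches the comparison as `false # note` and comes out true. Doing the strip once before the `case`, `config_value = config_value.sub(/\s+#.*/, '')`, would cover `:boolean` too, though because quotes are already removed on the line above, a `#` inside a quoted string value is cut as well. The `:array` branch hands config-file text to `eval`; it deserves at least a comment stating that the config file is trusted input and that nothing else may be routed through this method. The enclosing method starts above the hunk, so how `config_line` is selected is not visible here.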
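--- a/data/lib/ufo/config.rb
+++ b/data/lib/ufo/config.rb
@@ -63,6 +63,10 @@ module Ufo
 config.elb.default_actions = nil # full override
 config.elb.enabled = "auto" # "auto", true or false
 
+config.elb.existing = ActiveSupport::OrderedOptions.new
+config.elb.existing.target_group = nil
+config.elb.existing.dns_name = nil # for managed route53 records
+
 config.elb.health_check_interval_seconds = 10 # keep at 10 in case of network ELB, which is min 10
 config.elb.health_check_path = nil # When nil its AWS default /
 config.elb.healthy_threshold_count = 3 # The AWS usual default is 5
@@ -111,11 +115,9 @@ module Ufo
 config.ps.summary = true
 
 config.secrets = ActiveSupport::OrderedOptions.new
-config.secrets.
-config.secrets.
-config.secrets.pattern.ssm = ":APP/:ENV/:SECRET_NAME" # => demo/dev/DB_PASS
+config.secrets.manager_pattern = ":APP/:ENV/:SECRET_NAME" # => demo/dev/DB_PASS
+config.secrets.ssm_pattern = ":APP/:ENV/:SECRET_NAME" # => demo/dev/DB_PASS
 config.secrets.provider = "ssm" # default provider for conventional expansion IE: ssm or secretsmanager
-config.secrets.warning = true
 
 config.ship = ActiveSupport::OrderedOptions.new
 config.ship.docker = ActiveSupport::OrderedOptions.new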
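Review bot: The second hunk replaces `config.secrets.pattern.ssm` with `config.secrets.ssm_pattern` and `config.secrets.manager_pattern` without keeping the old name, so a project config that still assigns `config.secrets.pattern.ssm` will presumably fail on load because `pattern` is no longer initialised. For a patch release a compatibility alias or at least a comment would help, for example `# renamed from secrets.pattern.* in 6.3.2` above the two new lines. `config.secrets.warning` is removed in the same hunk; whether anything still reads it is not visible on this page.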
@@ -37,8 +37,7 @@ module Ufo::TaskDefinition::Helpers::Vars
|
|
37
37
|
]
|
38
38
|
layers.map! { |l| ".ufo/env_files/#{l}#{@ext}" }
|
39
39
|
show_layers(layers)
|
40
|
-
layers.select
|
41
|
-
layers
|
40
|
+
layers.select { |l| File.exist?(l) }
|
42
41
|
end
|
43
42
|
|
44
43
|
def show_layers(paths)
|
@@ -63,7 +62,8 @@ module Ufo::TaskDefinition::Helpers::Vars
|
|
63
62
|
|
64
63
|
def env(ext='.env')
|
65
64
|
@ext = ext # assign instance variable so dont have to pass around
|
66
|
-
|
65
|
+
result = render_erb(content) # tricky: use result instead of content for variable assignment or content method is not called
|
66
|
+
lines = filtered_lines(result)
|
67
67
|
lines.map do |line|
|
68
68
|
line = line.sub('export ', '') # allow user to use export. ufo ignores it
|
69
69
|
key,*value = line.strip.split("=").map do |x|
|
@@ -97,7 +97,7 @@ module Ufo::TaskDefinition::Helpers::Vars
|
|
97
97
|
value.sub(/^ssm:/i, "arn:aws:ssm:#{region}:#{account}:parameter/")
|
98
98
|
when /^secretsmanager:/i
|
99
99
|
value.sub(/^secretsmanager:/i, "arn:aws:secretsmanager:#{region}:#{account}:secret:")
|
100
|
-
when '' # blank string will mean use convention
|
100
|
+
when '', *available_providers # blank string will mean use convention
|
101
101
|
conventional_pattern(name, value)
|
102
102
|
else
|
103
103
|
value # assume full arn has been passed
|
@@ -129,11 +129,11 @@ module Ufo::TaskDefinition::Helpers::Vars
|
|
129
129
|
# DB_NAME=:APP/:ENV/:SECRET_NAME # expansion will use => demo/dev/DB_NAME
|
130
130
|
#
|
131
131
|
def conventional_pattern(name, value)
|
132
|
-
|
133
|
-
provider = secrets.provider # ssm or secretsmanager
|
132
|
+
provider = get_provider(value)
|
134
133
|
namespace = provider == "ssm" ? "parameter/" : "secret:"
|
135
134
|
|
136
|
-
|
135
|
+
field = provider == "secretsmanager" ? "manager_pattern" : "ssm_pattern"
|
136
|
+
config_name = "secrets.#{field}"
|
137
137
|
pattern = callable_option(
|
138
138
|
config_name: config_name, # Ufo.config.names.stack => :APP-:ROLE-:ENV => demo-web-dev
|
139
139
|
passed_args: [self],
|
@@ -143,6 +143,22 @@ module Ufo::TaskDefinition::Helpers::Vars
|
|
143
143
|
"arn:aws:#{provider}:#{region}:#{account}:#{namespace}#{pattern}"
|
144
144
|
end
|
145
145
|
|
146
|
+
# Allows user to override one-off value. IE: DB_PASS=secretsmanager
|
147
|
+
# Note there's no point in disabling this override ability since valueFrom examples a reference.
|
148
|
+
#
|
149
|
+
# {
|
150
|
+
# "name": "PASS",
|
151
|
+
# "valueFrom": "arn:aws:ssm:us-west-2:1111111111111:parameter/demo/dev/PASS"
|
152
|
+
# }
|
153
|
+
#
|
154
|
+
def get_provider(value)
|
155
|
+
available_providers.include?(value) ? value : Ufo.config.secrets.provider
|
156
|
+
end
|
157
|
+
|
158
|
+
def available_providers
|
159
|
+
%w[ssm secretsmanager]
|
160
|
+
end
|
161
|
+
|
146
162
|
def remove_surrounding_quotes(s)
|
147
163
|
if s =~ /^"/ && s =~ /"$/
|
148
164
|
s.sub(/^["]/, '').gsub(/["]$/,'') # remove surrounding double quotes
|
@@ -162,5 +178,12 @@ module Ufo::TaskDefinition::Helpers::Vars
|
|
162
178
|
# filter out empty lines
|
163
179
|
lines = lines.reject { |l| l.strip.empty? }
|
164
180
|
end
|
181
|
+
|
182
|
+
def render_erb(content)
|
183
|
+
path = ".ufo/output/params.erb"
|
184
|
+
FileUtils.mkdir_p(File.dirname(path))
|
185
|
+
IO.write(path, content)
|
186
|
+
RenderMePretty.result(path, context: self)
|
187
|
+
end
|
165
188
|
end
|
166
189
|
end
|
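Review bot: `render_erb` writes the raw env or secrets file content to the fixed path `.ufo/output/params.erb` before rendering, so for `.env` files any plaintext values get a second on-disk copy that outlives the run; the method should carry a comment such as `# NOTE: persists env file content to .ufo/output/params.erb in plaintext`, and the path should be confirmed git-ignored or the file removed once `RenderMePretty.result` returns. Rendering with `context: self` also means ERB tags inside an env file now run as Ruby with access to this helper's methods, which is worth stating in a docstring since these files were previously read as plain data. Separately, `get_provider` and the `when '', *available_providers` arm match case-sensitively while the `ssm:` and `secretsmanager:` prefixes use `/i`, so a value of `SSM` falls through to the full-ARN branch; `value.downcase` in both places would make them agree.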
data/lib/ufo/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ufo
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.3.
|
4
|
+
version: 6.3.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tung Nguyen
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-03-
|
11
|
+
date: 2022-03-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-logs
|
@@ -479,9 +479,11 @@ files:
|
|
479
479
|
- exe/ufo
|
480
480
|
- lib/templates/boot_hook/.ufo/config/boot.rb
|
481
481
|
- lib/templates/docker/Dockerfile
|
482
|
+
- lib/templates/env_file/file.env
|
483
|
+
- lib/templates/env_file/file.secrets.tt
|
482
484
|
- lib/templates/helper/%underscore_name%_helper.rb.tt
|
483
|
-
- lib/templates/
|
484
|
-
- lib/templates/
|
485
|
+
- lib/templates/hook/docker.rb
|
486
|
+
- lib/templates/hook/ufo.rb
|
485
487
|
- lib/templates/init/.ufo/config.rb.tt
|
486
488
|
- lib/templates/init/.ufo/config/web/base.rb
|
487
489
|
- lib/templates/init/.ufo/config/web/dev.rb
|
@@ -572,6 +574,7 @@ files:
|
|
572
574
|
- lib/ufo/cli/new.rb
|
573
575
|
- lib/ufo/cli/new/boot_hook.rb
|
574
576
|
- lib/ufo/cli/new/concerns.rb
|
577
|
+
- lib/ufo/cli/new/env_file.rb
|
575
578
|
- lib/ufo/cli/new/helper.rb
|
576
579
|
- lib/ufo/cli/new/hook.rb
|
577
580
|
- lib/ufo/cli/new/init.rb
|