ufo 5.0.1 → 5.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/ufo/ecr/auth.rb +10 -21
- data/lib/ufo/stack/builder/resources/ecs.rb +15 -11
- data/lib/ufo/version.rb +1 -1
- data/spec/lib/ecr_auth_spec.rb +32 -20
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d69cb0cf10e5170348b79e5ca64a6a593196c7e820a50d2c76e3ba667a4093cb
|
4
|
+
data.tar.gz: 60f41ec8d10fdf1a17265c6a6f3ad7a95777943c6246e7ee04be038241bdd2bb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '08b075b165b296f5efd8c45493bd5d0f71db161272a9fd7f41dfd91f9ed18d92287179029ac961f7b892c8c92e86f0a856b85fbe87d595c011cc04de89cd92e3'
|
7
|
+
data.tar.gz: ed0559461a50e6701d93b37bc5484c7366ddf7f9ad56f613b728b43ee1c06a3f9863bab267793f6d6977a2ce9a4ce5aac689a606021390ad69e1bb2ca3ea8cf4
|
data/CHANGELOG.md
CHANGED
@@ -3,6 +3,11 @@
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
4
4
|
This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
5
5
|
|
6
|
+
## [5.0.2]
|
7
|
+
- #111 Add support of credsStore
|
8
|
+
- #112 Add support for bridge network mode
|
9
|
+
- #113 Allow custom container name when you try to attach an existing ELB to a service
|
10
|
+
|
6
11
|
## [5.0.1]
|
7
12
|
- #109 fix fargate
|
8
13
|
- #110 adjust and document `managed_security_groups` setting
|
data/lib/ufo/ecr/auth.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'open3'
|
2
|
+
|
1
3
|
=begin
|
2
4
|
Normally, you must authorized to AWS ECR to push to their registry with:
|
3
5
|
|
@@ -27,19 +29,15 @@ module Ufo
|
|
27
29
|
return unless ecr_image?
|
28
30
|
|
29
31
|
auth_token = fetch_auth_token
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
32
|
+
username, password = Base64.decode64(auth_token).split(':')
|
33
|
+
|
34
|
+
command = "docker login -u #{username} --password-stdin #{@repo_domain}"
|
35
|
+
puts "=> #{command}".color(:green)
|
36
|
+
*, status = Open3.capture3(command, stdin_data: password)
|
37
|
+
unless status.success?
|
38
|
+
puts "ERROR: The docker failed to login.".color(:red)
|
39
|
+
exit 1
|
35
40
|
end
|
36
|
-
|
37
|
-
# Handle legacy docker clients that still have old format with https://
|
38
|
-
legacy_entry = "https://#{@repo_domain}"
|
39
|
-
data["auths"][legacy_entry] = {auth: auth_token}
|
40
|
-
|
41
|
-
ensure_dotdocker_exists
|
42
|
-
IO.write(docker_config, JSON.pretty_generate(data))
|
43
41
|
end
|
44
42
|
|
45
43
|
def ecr_image?
|
@@ -50,14 +48,5 @@ module Ufo
|
|
50
48
|
ecr.get_authorization_token.authorization_data.first.authorization_token
|
51
49
|
end
|
52
50
|
|
53
|
-
def docker_config
|
54
|
-
"#{ENV['HOME']}/.docker/config.json"
|
55
|
-
end
|
56
|
-
|
57
|
-
def ensure_dotdocker_exists
|
58
|
-
dirname = File.dirname(docker_config)
|
59
|
-
FileUtils.mkdir_p(dirname) unless File.exist?(dirname)
|
60
|
-
end
|
61
|
-
|
62
51
|
end
|
63
52
|
end
|
@@ -21,18 +21,12 @@ class Ufo::Stack::Builder::Resources
|
|
21
21
|
{Ref: "EcsDesiredCount"}
|
22
22
|
]
|
23
23
|
},
|
24
|
-
NetworkConfiguration: {
|
25
|
-
AwsvpcConfiguration: {
|
26
|
-
Subnets: {Ref: "EcsSubnets"},
|
27
|
-
SecurityGroups: security_groups(:ecs)
|
28
|
-
}
|
29
|
-
},
|
30
24
|
LoadBalancers: {
|
31
25
|
"Fn::If": [
|
32
26
|
"CreateTargetGroupIsTrue",
|
33
27
|
[
|
34
28
|
{
|
35
|
-
ContainerName:
|
29
|
+
ContainerName: @container[:name],
|
36
30
|
ContainerPort: @container[:port],
|
37
31
|
TargetGroupArn: {Ref: "TargetGroup"}
|
38
32
|
}
|
@@ -43,7 +37,7 @@ class Ufo::Stack::Builder::Resources
|
|
43
37
|
[],
|
44
38
|
[
|
45
39
|
{
|
46
|
-
ContainerName:
|
40
|
+
ContainerName: @container[:name],
|
47
41
|
ContainerPort: @container[:port],
|
48
42
|
TargetGroupArn: {Ref: "ElbTargetGroup"}
|
49
43
|
}
|
@@ -56,9 +50,19 @@ class Ufo::Stack::Builder::Resources
|
|
56
50
|
}
|
57
51
|
|
58
52
|
props[:TaskDefinition] = @rollback_definition_arn ? @rollback_definition_arn : {Ref: "TaskDefinition"}
|
59
|
-
|
60
|
-
|
61
|
-
props[:NetworkConfiguration]
|
53
|
+
|
54
|
+
if @container[:network_mode].to_s == 'awsvpc'
|
55
|
+
props[:NetworkConfiguration] = {
|
56
|
+
AwsvpcConfiguration: {
|
57
|
+
Subnets: {Ref: "EcsSubnets"},
|
58
|
+
SecurityGroups: security_groups(:ecs)
|
59
|
+
}
|
60
|
+
}
|
61
|
+
|
62
|
+
if @container[:fargate]
|
63
|
+
props[:LaunchType] = "FARGATE"
|
64
|
+
props[:NetworkConfiguration][:AwsvpcConfiguration][:AssignPublicIp] = "ENABLED" # Works with fargate but doesnt seem to work with non-fargate
|
65
|
+
end
|
62
66
|
end
|
63
67
|
|
64
68
|
props
|
data/lib/ufo/version.rb
CHANGED
data/spec/lib/ecr_auth_spec.rb
CHANGED
@@ -1,36 +1,48 @@
|
|
1
1
|
describe Ufo::Ecr::Auth do
|
2
2
|
let(:repo_domain) { "123456789.dkr.ecr.us-east-1.amazonaws.com" }
|
3
|
+
let(:username) { "user" }
|
4
|
+
let(:password) { "opensesame" }
|
3
5
|
let(:auth) { Ufo::Ecr::Auth.new(repo_domain) }
|
4
6
|
before(:each) do
|
5
|
-
allow(auth).to receive(:fetch_auth_token).and_return("
|
7
|
+
allow(auth).to receive(:fetch_auth_token).and_return(Base64.encode64("#{username}:#{password}"))
|
6
8
|
end
|
7
9
|
|
8
10
|
context("update") do
|
9
|
-
|
10
|
-
|
11
|
-
|
11
|
+
context("with ecr repo") do
|
12
|
+
context("when login successful") do
|
13
|
+
it "should create the auth token" do
|
14
|
+
command = "docker login -u #{username} --password-stdin #{repo_domain}"
|
15
|
+
command_result = double(success?: true)
|
16
|
+
expect(Open3).to receive(:capture3)
|
17
|
+
.with(command, stdin_data: password)
|
18
|
+
.and_return(['', '', command_result])
|
12
19
|
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
20
|
+
auth.update
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
context("when login failed") do
|
25
|
+
it "should exit with code 1" do
|
26
|
+
command = "docker login -u #{username} --password-stdin #{repo_domain}"
|
27
|
+
command_result = double(success?: false)
|
28
|
+
expect(Open3).to receive(:capture3)
|
29
|
+
.with(command, stdin_data: password)
|
30
|
+
.and_return(['', '', command_result])
|
31
|
+
expect(auth).to receive(:exit).with(1)
|
32
|
+
|
33
|
+
auth.update
|
34
|
+
end
|
19
35
|
end
|
20
36
|
end
|
21
37
|
|
22
|
-
context("
|
23
|
-
|
38
|
+
context("with not ecr repo") do
|
39
|
+
let(:repo_domain) { "example/test" }
|
40
|
+
|
41
|
+
it "should not update credentials" do
|
42
|
+
expect(Open3).not_to receive(:capture3)
|
43
|
+
|
24
44
|
auth.update
|
25
|
-
data = JSON.load(IO.read("spec/fixtures/home/.docker/config.json"))
|
26
|
-
auth_token = data["auths"][repo_domain]["auth"]
|
27
|
-
expect(auth_token).to eq("opensesame")
|
28
45
|
end
|
29
46
|
end
|
30
47
|
end
|
31
|
-
|
32
|
-
def clean_home
|
33
|
-
FileUtils.rm_rf("spec/fixtures/home")
|
34
|
-
FileUtils.cp_r("spec/fixtures/home_existing", "spec/fixtures/home")
|
35
|
-
end
|
36
48
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ufo
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.0.
|
4
|
+
version: 5.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tung Nguyen
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-08-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-logs
|