ufo 5.0.1 → 5.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/ufo/ecr/auth.rb +10 -21
- data/lib/ufo/stack/builder/resources/ecs.rb +15 -11
- data/lib/ufo/version.rb +1 -1
- data/spec/lib/ecr_auth_spec.rb +32 -20
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d69cb0cf10e5170348b79e5ca64a6a593196c7e820a50d2c76e3ba667a4093cb
|
|
4
|
+
data.tar.gz: 60f41ec8d10fdf1a17265c6a6f3ad7a95777943c6246e7ee04be038241bdd2bb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '08b075b165b296f5efd8c45493bd5d0f71db161272a9fd7f41dfd91f9ed18d92287179029ac961f7b892c8c92e86f0a856b85fbe87d595c011cc04de89cd92e3'
|
|
7
|
+
data.tar.gz: ed0559461a50e6701d93b37bc5484c7366ddf7f9ad56f613b728b43ee1c06a3f9863bab267793f6d6977a2ce9a4ce5aac689a606021390ad69e1bb2ca3ea8cf4
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
|
5
5
|
|
|
6
|
+
## [5.0.2]
|
|
7
|
+
- #111 Add support of credsStore
|
|
8
|
+
- #112 Add support for bridge network mode
|
|
9
|
+
- #113 Allow custom container name when you try to attach an existing ELB to a service
|
|
10
|
+
|
|
6
11
|
## [5.0.1]
|
|
7
12
|
- #109 fix fargate
|
|
8
13
|
- #110 adjust and document `managed_security_groups` setting
|
data/lib/ufo/ecr/auth.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'open3'
|
|
2
|
+
|
|
1
3
|
=begin
|
|
2
4
|
Normally, you must authorized to AWS ECR to push to their registry with:
|
|
3
5
|
|
|
@@ -27,19 +29,15 @@ module Ufo
|
|
|
27
29
|
return unless ecr_image?
|
|
28
30
|
|
|
29
31
|
auth_token = fetch_auth_token
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
username, password = Base64.decode64(auth_token).split(':')
|
|
33
|
+
|
|
34
|
+
command = "docker login -u #{username} --password-stdin #{@repo_domain}"
|
|
35
|
+
puts "=> #{command}".color(:green)
|
|
36
|
+
*, status = Open3.capture3(command, stdin_data: password)
|
|
37
|
+
unless status.success?
|
|
38
|
+
puts "ERROR: The docker failed to login.".color(:red)
|
|
39
|
+
exit 1
|
|
35
40
|
end
|
|
36
|
-
|
|
37
|
-
# Handle legacy docker clients that still have old format with https://
|
|
38
|
-
legacy_entry = "https://#{@repo_domain}"
|
|
39
|
-
data["auths"][legacy_entry] = {auth: auth_token}
|
|
40
|
-
|
|
41
|
-
ensure_dotdocker_exists
|
|
42
|
-
IO.write(docker_config, JSON.pretty_generate(data))
|
|
43
41
|
end
|
|
44
42
|
|
|
45
43
|
def ecr_image?
|
|
@@ -50,14 +48,5 @@ module Ufo
|
|
|
50
48
|
ecr.get_authorization_token.authorization_data.first.authorization_token
|
|
51
49
|
end
|
|
52
50
|
|
|
53
|
-
def docker_config
|
|
54
|
-
"#{ENV['HOME']}/.docker/config.json"
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
def ensure_dotdocker_exists
|
|
58
|
-
dirname = File.dirname(docker_config)
|
|
59
|
-
FileUtils.mkdir_p(dirname) unless File.exist?(dirname)
|
|
60
|
-
end
|
|
61
|
-
|
|
62
51
|
end
|
|
63
52
|
end
|
|
@@ -21,18 +21,12 @@ class Ufo::Stack::Builder::Resources
|
|
|
21
21
|
{Ref: "EcsDesiredCount"}
|
|
22
22
|
]
|
|
23
23
|
},
|
|
24
|
-
NetworkConfiguration: {
|
|
25
|
-
AwsvpcConfiguration: {
|
|
26
|
-
Subnets: {Ref: "EcsSubnets"},
|
|
27
|
-
SecurityGroups: security_groups(:ecs)
|
|
28
|
-
}
|
|
29
|
-
},
|
|
30
24
|
LoadBalancers: {
|
|
31
25
|
"Fn::If": [
|
|
32
26
|
"CreateTargetGroupIsTrue",
|
|
33
27
|
[
|
|
34
28
|
{
|
|
35
|
-
ContainerName:
|
|
29
|
+
ContainerName: @container[:name],
|
|
36
30
|
ContainerPort: @container[:port],
|
|
37
31
|
TargetGroupArn: {Ref: "TargetGroup"}
|
|
38
32
|
}
|
|
@@ -43,7 +37,7 @@ class Ufo::Stack::Builder::Resources
|
|
|
43
37
|
[],
|
|
44
38
|
[
|
|
45
39
|
{
|
|
46
|
-
ContainerName:
|
|
40
|
+
ContainerName: @container[:name],
|
|
47
41
|
ContainerPort: @container[:port],
|
|
48
42
|
TargetGroupArn: {Ref: "ElbTargetGroup"}
|
|
49
43
|
}
|
|
@@ -56,9 +50,19 @@ class Ufo::Stack::Builder::Resources
|
|
|
56
50
|
}
|
|
57
51
|
|
|
58
52
|
props[:TaskDefinition] = @rollback_definition_arn ? @rollback_definition_arn : {Ref: "TaskDefinition"}
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
props[:NetworkConfiguration]
|
|
53
|
+
|
|
54
|
+
if @container[:network_mode].to_s == 'awsvpc'
|
|
55
|
+
props[:NetworkConfiguration] = {
|
|
56
|
+
AwsvpcConfiguration: {
|
|
57
|
+
Subnets: {Ref: "EcsSubnets"},
|
|
58
|
+
SecurityGroups: security_groups(:ecs)
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
if @container[:fargate]
|
|
63
|
+
props[:LaunchType] = "FARGATE"
|
|
64
|
+
props[:NetworkConfiguration][:AwsvpcConfiguration][:AssignPublicIp] = "ENABLED" # Works with fargate but doesnt seem to work with non-fargate
|
|
65
|
+
end
|
|
62
66
|
end
|
|
63
67
|
|
|
64
68
|
props
|
data/lib/ufo/version.rb
CHANGED
data/spec/lib/ecr_auth_spec.rb
CHANGED
|
@@ -1,36 +1,48 @@
|
|
|
1
1
|
describe Ufo::Ecr::Auth do
|
|
2
2
|
let(:repo_domain) { "123456789.dkr.ecr.us-east-1.amazonaws.com" }
|
|
3
|
+
let(:username) { "user" }
|
|
4
|
+
let(:password) { "opensesame" }
|
|
3
5
|
let(:auth) { Ufo::Ecr::Auth.new(repo_domain) }
|
|
4
6
|
before(:each) do
|
|
5
|
-
allow(auth).to receive(:fetch_auth_token).and_return("
|
|
7
|
+
allow(auth).to receive(:fetch_auth_token).and_return(Base64.encode64("#{username}:#{password}"))
|
|
6
8
|
end
|
|
7
9
|
|
|
8
10
|
context("update") do
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
11
|
+
context("with ecr repo") do
|
|
12
|
+
context("when login successful") do
|
|
13
|
+
it "should create the auth token" do
|
|
14
|
+
command = "docker login -u #{username} --password-stdin #{repo_domain}"
|
|
15
|
+
command_result = double(success?: true)
|
|
16
|
+
expect(Open3).to receive(:capture3)
|
|
17
|
+
.with(command, stdin_data: password)
|
|
18
|
+
.and_return(['', '', command_result])
|
|
12
19
|
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
20
|
+
auth.update
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
context("when login failed") do
|
|
25
|
+
it "should exit with code 1" do
|
|
26
|
+
command = "docker login -u #{username} --password-stdin #{repo_domain}"
|
|
27
|
+
command_result = double(success?: false)
|
|
28
|
+
expect(Open3).to receive(:capture3)
|
|
29
|
+
.with(command, stdin_data: password)
|
|
30
|
+
.and_return(['', '', command_result])
|
|
31
|
+
expect(auth).to receive(:exit).with(1)
|
|
32
|
+
|
|
33
|
+
auth.update
|
|
34
|
+
end
|
|
19
35
|
end
|
|
20
36
|
end
|
|
21
37
|
|
|
22
|
-
context("
|
|
23
|
-
|
|
38
|
+
context("with not ecr repo") do
|
|
39
|
+
let(:repo_domain) { "example/test" }
|
|
40
|
+
|
|
41
|
+
it "should not update credentials" do
|
|
42
|
+
expect(Open3).not_to receive(:capture3)
|
|
43
|
+
|
|
24
44
|
auth.update
|
|
25
|
-
data = JSON.load(IO.read("spec/fixtures/home/.docker/config.json"))
|
|
26
|
-
auth_token = data["auths"][repo_domain]["auth"]
|
|
27
|
-
expect(auth_token).to eq("opensesame")
|
|
28
45
|
end
|
|
29
46
|
end
|
|
30
47
|
end
|
|
31
|
-
|
|
32
|
-
def clean_home
|
|
33
|
-
FileUtils.rm_rf("spec/fixtures/home")
|
|
34
|
-
FileUtils.cp_r("spec/fixtures/home_existing", "spec/fixtures/home")
|
|
35
|
-
end
|
|
36
48
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ufo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.0.
|
|
4
|
+
version: 5.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-08-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-logs
|