vominator 0.0.2 → 0.0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -0
  3. data/lib/ec2/security_groups.rb +21 -21
  4. data/lib/vominator/ec2.rb +6 -6
  5. data/lib/vominator/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 53df973484342c23fa5dd76112d93161b8963375
4
- data.tar.gz: a6886455dcb30e4f305c0f9e233cfdffa0936c6f
3
+ metadata.gz: fba414ccd39128ec41e5e7337f624e8a5dca2758
4
+ data.tar.gz: 75012aeef586da2e77a0cb817cbe0860838c7c13
5
5
  SHA512:
6
- metadata.gz: aa37b7bfbe5819cbd0c73c64b5f1a4e505b2ab25cf7774e60b0498604a9d40a17574b690fbfda547f0d90e84a64ffb3b303a407b38cbd05531fa865bdbe2cddd
7
- data.tar.gz: 95bcbd216f5b72fcdeb797a8c2afbf8c2a9f6b942667d242255d2020e61ddaa1f2e7a871b1c51de1b54cd64414ffe19855b46897042569f93552c01cb3f49b21
6
+ metadata.gz: 9ef593c067e45b82582317a80d51f9ab0306893b56dcf8a3c1338b9700b73ca90a479dda4c3b8d8d65d1e8146b8d89156a7740687617c1651eca6d16e1b82995
7
+ data.tar.gz: f884636b45307f3215ce1868067d6d92886ee72999094285d4e371206bd965d9ede8ecc62caa621a7457f869ecccdaf9cf505018c7c5f73404dd9fb28c533020
data/README.md CHANGED
@@ -22,7 +22,9 @@ access_key_id: AWS_SECRET_KEY
22
22
  secret_access_key: AWS_SECRET_ACCESS_KEY
23
23
  configuration_path: Location to puke
24
24
  key_pair_name: infrastructure@example.com
25
+ instances_file: Location for cache file IE /Users/foo/.vominator/instances-metadata
25
26
  ```
27
+
26
28
  ## Usage
27
29
 
28
30
  Everything with Vominator revolves around the concept of defining products. These products are a logical grouping of resources that describe how your product is deployed and accessed. These products are then associated with an environment so that you can quickly replicate resources between VPCs.
data/lib/ec2/security_groups.rb CHANGED
@@ -172,7 +172,7 @@ puke_security_groups.each do |puke_security_group|
172
172
 
173
173
  # Normalize the rules that we defined in puke for the security group.
174
174
  puke_ingress_rules = Array.new
175
- cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/
175
+ cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[0-2][0-9]|3[0-2]))$/
176
176
 
177
177
  puke_security_group['ingress'].each do |rule|
178
178
  #TODO: Normalize all to -1 for ip_protocol
@@ -187,8 +187,8 @@ puke_security_groups.each do |puke_security_group|
187
187
  if rule['source'] =~ cidr_block_regex
188
188
  puke_ingress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => rule['source'], :source_security_group_id => nil})
189
189
  else rule['source']
190
- if vpc_security_groups_id_lookup[puke_security_group_name]
191
- group_id = vpc_security_groups_id_lookup[puke_security_group_name]
190
+ if vpc_security_groups_id_lookup[rule['source']]
191
+ group_id = vpc_security_groups_id_lookup[rule['source']]
192
192
  puke_ingress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => nil, :source_security_group_id => group_id, :source_security_group_name => vpc_security_groups_name_lookup[group_id] })
193
193
  else
194
194
  LOGGER.fatal("Do not recognize #{rule['source']} as a valid cidr block and was unable to resolve this to a valid security group for #{rule} in #{puke_security_group_name}")
@@ -207,17 +207,17 @@ puke_security_groups.each do |puke_security_group|
207
207
  #TODO: Normalize -1 to all for ip_protocol
208
208
  #TODO: if -1 for ip_protocol set :from_port and to_ports
209
209
  rule.ip_ranges.each do |ip_range|
210
- vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => ip_range.cidr_ip, :source_security_group_id => nil })
210
+ vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => ip_range.cidr_ip, :destination_security_group_id => nil })
211
211
  end
212
212
 
213
213
  rule.user_id_group_pairs.each do |group|
214
- vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => nil, :source_security_group_id => group.group_id, :source_security_group_name => vpc_security_groups_name_lookup[group.group_id] })
214
+ vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => nil, :destination_security_group_id => group.group_id, :destination_security_group_name => vpc_security_groups_name_lookup[group.group_id] })
215
215
  end
216
216
  end
217
217
 
218
218
  # Normalize the rules that we defined in puke for the security group.
219
219
  puke_egress_rules = Array.new
220
- cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/
220
+ cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[0-2][0-9]|3[0-2]))$/
221
221
 
222
222
  puke_security_group['egress'].each do |rule|
223
223
  #TODO: Normalize all to -1 for ip_protocol
@@ -228,15 +228,15 @@ puke_security_groups.each do |puke_security_group|
228
228
  from_port = rule['ports']
229
229
  to_port = rule['ports']
230
230
  end
231
-
232
- if rule['source'] =~ cidr_block_regex
233
- puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => rule['source'], :source_security_group_id => nil})
234
- else rule['source']
235
- if vpc_security_groups_id_lookup[puke_security_group_name]
236
- group_id = vpc_security_groups_id_lookup[puke_security_group_name]
237
- puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => nil, :source_security_group_id => group_id, :source_security_group_name => vpc_security_groups_name_lookup[group_id] })
231
+
232
+ if rule['destination'] =~ cidr_block_regex
233
+ puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => rule['destination'], :destination_security_group_id => nil})
234
+ else rule['destination']
235
+ if vpc_security_groups_id_lookup[rule['destination']]
236
+ group_id = vpc_security_groups_id_lookup[rule['destination']]
237
+ puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => nil, :destination_security_group_id => group_id, :destination_security_group_name => vpc_security_groups_name_lookup[group_id] })
238
238
  else
239
- LOGGER.fatal("Do not recognize #{rule['source']} as a valid cidr block and was unable to resolve this to a valid security group for #{rule} in #{puke_security_group_name}")
239
+ LOGGER.fatal("Do not recognize #{rule['destination']} as a valid cidr block and was unable to resolve this to a valid security group for #{rule} in #{puke_security_group_name}")
240
240
  end
241
241
  end
242
242
  end
@@ -265,19 +265,19 @@ puke_security_groups.each do |puke_security_group|
265
265
  end
266
266
 
267
267
  egress_to_create.each do |rule|
268
- source = rule[:cidr_ip] || rule[:source_security_group_name]
269
- t.add_row ['Outbound'.green, source.green, rule[:from_port].to_s.green, rule[:to_port].to_s.green, rule[:ip_protocol].green, 'Create'.green]
268
+ destination = rule[:cidr_ip] || rule[:destination_security_group_name]
269
+ t.add_row ['Outbound'.green, destination.green, rule[:from_port].to_s.green, rule[:to_port].to_s.green, rule[:ip_protocol].green, 'Create'.green]
270
270
  end
271
271
 
272
272
  egress_to_delete.each do |rule|
273
- source = rule[:cidr_ip] || rule[:source_security_group_name]
274
- t.add_row ['Outbound'.red, source.red, rule[:from_port].to_s.red, rule[:to_port].to_s.red, rule[:ip_protocol].red, 'Delete'.red]
273
+ destination = rule[:cidr_ip] || rule[:destination_security_group_name]
274
+ t.add_row ['Outbound'.red, destination.red, rule[:from_port].to_s.red, rule[:to_port].to_s.red, rule[:ip_protocol].red, 'Delete'.red]
275
275
  end
276
276
 
277
277
  if options[:verbose]
278
278
  ((vpc_egress_rules - egress_to_create) - egress_to_delete).each do |rule|
279
- source = rule[:cidr_ip] || rule[:source_security_group_name]
280
- t.add_row ['Outbound', source, rule[:from_port].to_s, rule[:to_port].to_s, rule[:ip_protocol], nil]
279
+ destination = rule[:cidr_ip] || rule[:destination_security_group_name]
280
+ t.add_row ['Outbound', destination, rule[:from_port].to_s, rule[:to_port].to_s, rule[:ip_protocol], nil]
281
281
  end
282
282
  end
283
283
  end
@@ -311,4 +311,4 @@ puke_security_groups.each do |puke_security_group|
311
311
  end
312
312
  end
313
313
  end
314
- end
314
+ end
data/lib/vominator/ec2.rb CHANGED
@@ -266,16 +266,16 @@ module Vominator
266
266
  end
267
267
 
268
268
  if rule[:cidr_ip]
269
- client.authorize_security_group_ingress({group_id: group_id, cidr_ip: rule[:cidr_ip], ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port]})
269
+ client.authorize_security_group_ingress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], ip_ranges: [{cidr_ip: rule[:cidr_ip]}]}]})
270
270
  end
271
271
 
272
272
  when 'egress'
273
- if rule[:source_security_group_id]
274
- client.authorize_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:source_security_group_id]}]}]})
273
+ if rule[:destination_security_group_id]
274
+ client.authorize_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:destination_security_group_id]}]}]})
275
275
  end
276
276
 
277
277
  if rule[:cidr_ip]
278
- client.authorize_security_group_egress({group_id: group_id, cidr_ip: rule[:cidr_ip], ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port]})
278
+ client.authorize_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], ip_ranges: [{cidr_ip: rule[:cidr_ip]}]}]})
279
279
  end
280
280
  else
281
281
  return false
@@ -294,8 +294,8 @@ module Vominator
294
294
  end
295
295
 
296
296
  when 'egress'
297
- if rule[:source_security_group_id]
298
- client.revoke_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:source_security_group_id]}]}]})
297
+ if rule[:destination_security_group_id]
298
+ client.revoke_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:destination_security_group_id]}]}]})
299
299
  end
300
300
 
301
301
  if rule[:cidr_ip]
data/lib/vominator/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Vominator
2
- VERSION = "0.0.2"
2
+ VERSION = "0.0.3"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vominator
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Kelly
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2016-02-24 00:00:00.000000000 Z
13
+ date: 2016-02-25 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: aws-sdk