vominator 0.0.2 → 0.0.3

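--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 53df973484342c23fa5dd76112d93161b8963375
- data.tar.gz: a6886455dcb30e4f305c0f9e233cfdffa0936c6f
+ metadata.gz: fba414ccd39128ec41e5e7337f624e8a5dca2758
+ data.tar.gz: 75012aeef586da2e77a0cb817cbe0860838c7c13
  SHA512:
- metadata.gz: aa37b7bfbe5819cbd0c73c64b5f1a4e505b2ab25cf7774e60b0498604a9d40a17574b690fbfda547f0d90e84a64ffb3b303a407b38cbd05531fa865bdbe2cddd
- data.tar.gz: 95bcbd216f5b72fcdeb797a8c2afbf8c2a9f6b942667d242255d2020e61ddaa1f2e7a871b1c51de1b54cd64414ffe19855b46897042569f93552c01cb3f49b21
+ metadata.gz: 9ef593c067e45b82582317a80d51f9ab0306893b56dcf8a3c1338b9700b73ca90a479dda4c3b8d8d65d1e8146b8d89156a7740687617c1651eca6d16e1b82995
+ data.tar.gz: f884636b45307f3215ce1868067d6d92886ee72999094285d4e371206bd965d9ede8ecc62caa621a7457f869ecccdaf9cf505018c7c5f73404dd9fb28c533020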
data/README.md CHANGED
@@ -22,7 +22,9 @@ access_key_id: AWS_SECRET_KEY
22
22
  secret_access_key: AWS_SECRET_ACCESS_KEY
23
23
  configuration_path: Location to puke
24
24
  key_pair_name: infrastructure@example.com
25
+ instances_file: Location for cache file IE /Users/foo/.vominator/instances-metadata
25
26
  ```
27
+
26
28
  ## Usage
27
29
 
28
30
  Everything with Vominator revolves around the concept of defining products. These products are a logical grouping of resources that describe how your product is deployed and accessed. These products are then associated with an environment so that you can quickly replicate resources between VPCs.
@@ -172,7 +172,7 @@ puke_security_groups.each do |puke_security_group|
172
172
 
173
173
  # Normalize the rules that we defined in puke for the security group.
174
174
  puke_ingress_rules = Array.new
175
- cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/
175
+ cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[0-2][0-9]|3[0-2]))$/
176
176
 
177
177
  puke_security_group['ingress'].each do |rule|
178
178
  #TODO: Normalize all to -1 for ip_protocol
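Review bot: `cidr_block_regex` is anchored with `^` and `$`, which in Ruby match at line boundaries, so a `source` value containing a newline passes the check as long as one of its lines is a valid CIDR. That whole string is then used as `:cidr_ip`. Replace the leading `^` with `\A` and the trailing `$` with `\z`, or validate with the standard library's `IPAddr`. The widened prefix alternation `[0-2][0-9]` also accepts zero-padded prefixes such as `/08`, which will presumably never compare equal to the `cidr_ip` the API reports, so normalising the prefix before the push would avoid a rule that always shows as a pending change. The same regex is repeated in the egress hunk at line 220; a single frozen constant would keep the two copies from drifting.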
@@ -187,8 +187,8 @@ puke_security_groups.each do |puke_security_group|
187
187
  if rule['source'] =~ cidr_block_regex
188
188
  puke_ingress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => rule['source'], :source_security_group_id => nil})
189
189
  else rule['source']
190
- if vpc_security_groups_id_lookup[puke_security_group_name]
191
- group_id = vpc_security_groups_id_lookup[puke_security_group_name]
190
+ if vpc_security_groups_id_lookup[rule['source']]
191
+ group_id = vpc_security_groups_id_lookup[rule['source']]
192
192
  puke_ingress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => nil, :source_security_group_id => group_id, :source_security_group_name => vpc_security_groups_name_lookup[group_id] })
193
193
  else
194
194
  LOGGER.fatal("Do not recognize #{rule['source']} as a valid cidr block and was unable to resolve this to a valid security group for #{rule} in #{puke_security_group_name}")
@@ -207,17 +207,17 @@ puke_security_groups.each do |puke_security_group|
207
207
  #TODO: Normalize -1 to all for ip_protocol
208
208
  #TODO: if -1 for ip_protocol set :from_port and to_ports
209
209
  rule.ip_ranges.each do |ip_range|
210
- vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => ip_range.cidr_ip, :source_security_group_id => nil })
210
+ vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => ip_range.cidr_ip, :destination_security_group_id => nil })
211
211
  end
212
212
 
213
213
  rule.user_id_group_pairs.each do |group|
214
- vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => nil, :source_security_group_id => group.group_id, :source_security_group_name => vpc_security_groups_name_lookup[group.group_id] })
214
+ vpc_egress_rules.push({ :ip_protocol => rule.ip_protocol, :from_port => rule.from_port, :to_port => rule.to_port, :cidr_ip => nil, :destination_security_group_id => group.group_id, :destination_security_group_name => vpc_security_groups_name_lookup[group.group_id] })
215
215
  end
216
216
  end
217
217
 
218
218
  # Normalize the rules that we defined in puke for the security group.
219
219
  puke_egress_rules = Array.new
220
- cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/
220
+ cidr_block_regex = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[0-2][0-9]|3[0-2]))$/
221
221
 
222
222
  puke_security_group['egress'].each do |rule|
223
223
  #TODO: Normalize all to -1 for ip_protocol
@@ -228,15 +228,15 @@ puke_security_groups.each do |puke_security_group|
228
228
  from_port = rule['ports']
229
229
  to_port = rule['ports']
230
230
  end
231
-
232
- if rule['source'] =~ cidr_block_regex
233
- puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => rule['source'], :source_security_group_id => nil})
234
- else rule['source']
235
- if vpc_security_groups_id_lookup[puke_security_group_name]
236
- group_id = vpc_security_groups_id_lookup[puke_security_group_name]
237
- puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => nil, :source_security_group_id => group_id, :source_security_group_name => vpc_security_groups_name_lookup[group_id] })
231
+
232
+ if rule['destination'] =~ cidr_block_regex
233
+ puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => rule['destination'], :destination_security_group_id => nil})
234
+ else rule['destination']
235
+ if vpc_security_groups_id_lookup[rule['destination']]
236
+ group_id = vpc_security_groups_id_lookup[rule['destination']]
237
+ puke_egress_rules.push({ :ip_protocol => rule['protocol'], :from_port => from_port.to_i, :to_port => to_port.to_i, :cidr_ip => nil, :destination_security_group_id => group_id, :destination_security_group_name => vpc_security_groups_name_lookup[group_id] })
238
238
  else
239
- LOGGER.fatal("Do not recognize #{rule['source']} as a valid cidr block and was unable to resolve this to a valid security group for #{rule} in #{puke_security_group_name}")
239
+ LOGGER.fatal("Do not recognize #{rule['destination']} as a valid cidr block and was unable to resolve this to a valid security group for #{rule} in #{puke_security_group_name}")
240
240
  end
241
241
  end
242
242
  end
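Review bot: `else rule['destination']` is an `else` followed by a bare expression, not a condition, so every non-CIDR value reaches the group lookup, including `nil` when an egress rule in an existing puke file still uses the `source` key. Such a rule then ends in the `LOGGER.fatal` branch with an empty name in the message. Whether that call stops the run is not visible here; if it does not, the rule is dropped from `puke_egress_rules` and the comparison further down proceeds without it. I would read the value once with a fallback, `destination = rule['destination'] || rule['source']`, and turn the branch into a plain `else`. The enclosing loop body starts outside this hunk.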
@@ -265,19 +265,19 @@ puke_security_groups.each do |puke_security_group|
265
265
  end
266
266
 
267
267
  egress_to_create.each do |rule|
268
- source = rule[:cidr_ip] || rule[:source_security_group_name]
269
- t.add_row ['Outbound'.green, source.green, rule[:from_port].to_s.green, rule[:to_port].to_s.green, rule[:ip_protocol].green, 'Create'.green]
268
+ destination = rule[:cidr_ip] || rule[:destination_security_group_name]
269
+ t.add_row ['Outbound'.green, destination.green, rule[:from_port].to_s.green, rule[:to_port].to_s.green, rule[:ip_protocol].green, 'Create'.green]
270
270
  end
271
271
 
272
272
  egress_to_delete.each do |rule|
273
- source = rule[:cidr_ip] || rule[:source_security_group_name]
274
- t.add_row ['Outbound'.red, source.red, rule[:from_port].to_s.red, rule[:to_port].to_s.red, rule[:ip_protocol].red, 'Delete'.red]
273
+ destination = rule[:cidr_ip] || rule[:destination_security_group_name]
274
+ t.add_row ['Outbound'.red, destination.red, rule[:from_port].to_s.red, rule[:to_port].to_s.red, rule[:ip_protocol].red, 'Delete'.red]
275
275
  end
276
276
 
277
277
  if options[:verbose]
278
278
  ((vpc_egress_rules - egress_to_create) - egress_to_delete).each do |rule|
279
- source = rule[:cidr_ip] || rule[:source_security_group_name]
280
- t.add_row ['Outbound', source, rule[:from_port].to_s, rule[:to_port].to_s, rule[:ip_protocol], nil]
279
+ destination = rule[:cidr_ip] || rule[:destination_security_group_name]
280
+ t.add_row ['Outbound', destination, rule[:from_port].to_s, rule[:to_port].to_s, rule[:ip_protocol], nil]
281
281
  end
282
282
  end
283
283
  end
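Review bot: `destination.green` and `destination.red` raise NoMethodError when both `rule[:cidr_ip]` and `rule[:destination_security_group_name]` are nil. The name comes from `vpc_security_groups_name_lookup[group.group_id]` in the hunk at line 214, which returns nil for any group id that is not in the lookup, presumably a group outside the VPC being managed. Falling back to the id keeps the table printable: `destination = rule[:cidr_ip] || rule[:destination_security_group_name] || rule[:destination_security_group_id].to_s`. The same applies to the `egress_to_delete` and verbose loops in this hunk.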
@@ -311,4 +311,4 @@ puke_security_groups.each do |puke_security_group|
311
311
  end
312
312
  end
313
313
  end
314
- end
314
+ end
data/lib/vominator/ec2.rb CHANGED
@@ -266,16 +266,16 @@ module Vominator
266
266
  end
267
267
 
268
268
  if rule[:cidr_ip]
269
- client.authorize_security_group_ingress({group_id: group_id, cidr_ip: rule[:cidr_ip], ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port]})
269
+ client.authorize_security_group_ingress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], ip_ranges: [{cidr_ip: rule[:cidr_ip]}]}]})
270
270
  end
271
271
 
272
272
  when 'egress'
273
- if rule[:source_security_group_id]
274
- client.authorize_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:source_security_group_id]}]}]})
273
+ if rule[:destination_security_group_id]
274
+ client.authorize_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:destination_security_group_id]}]}]})
275
275
  end
276
276
 
277
277
  if rule[:cidr_ip]
278
- client.authorize_security_group_egress({group_id: group_id, cidr_ip: rule[:cidr_ip], ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port]})
278
+ client.authorize_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], ip_ranges: [{cidr_ip: rule[:cidr_ip]}]}]})
279
279
  end
280
280
  else
281
281
  return false
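Review bot: In the `'egress'` branch the two `if` statements are independent and there is no fallback, so a rule hash carrying neither `:destination_security_group_id` nor `:cidr_ip` makes no API call and reports nothing at this point. A caller still building the hash with the old `:source_security_group_id` key would hit exactly that. An explicit guard after the two checks would surface it, for example `raise ArgumentError, "egress rule has no destination: #{rule.inspect}" unless rule[:destination_security_group_id] || rule[:cidr_ip]`. The method begins and ends outside this hunk, so what it returns on the success path is not visible here.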
@@ -294,8 +294,8 @@ module Vominator
294
294
  end
295
295
 
296
296
  when 'egress'
297
- if rule[:source_security_group_id]
298
- client.revoke_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:source_security_group_id]}]}]})
297
+ if rule[:destination_security_group_id]
298
+ client.revoke_security_group_egress({group_id: group_id, ip_permissions: [{ip_protocol: rule[:ip_protocol], from_port: rule[:from_port], to_port: rule[:to_port], user_id_group_pairs: [{group_id: rule[:destination_security_group_id]}]}]})
299
299
  end
300
300
 
301
301
  if rule[:cidr_ip]
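Review bot: The revoke call that follows `if rule[:cidr_ip]` lies outside this hunk and is not changed by the commit, while both authorize calls for a CIDR were moved from the flat `cidr_ip:`/`ip_protocol:` arguments to the `ip_permissions: [{..., ip_ranges: [{cidr_ip: ...}]}]` form. If the revoke side still passes the flat arguments, creating a CIDR egress rule would work and deleting the same rule would not, leaving rules in place that the puke file no longer lists. I would give the revoke calls for `rule[:cidr_ip]` the same `ip_permissions` shape as the new line 278, and check the ingress revoke as well.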
@@ -1,3 +1,3 @@
1
1
  module Vominator
2
- VERSION = "0.0.2"
2
+ VERSION = "0.0.3"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vominator
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Kelly
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2016-02-24 00:00:00.000000000 Z
13
+ date: 2016-02-25 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: aws-sdk