yle_tf 1.0.0 → 1.4.0

data/lib/yle_tf/error.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class YleTf
   # Base class for yle_tf errors
   Error = Class.new(StandardError)

data/lib/yle_tf/helpers/hash.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require_relative '../../../vendor/hash_deep_merge'
+
+class YleTf
+  module Helpers
+    module Hash
+      module_function
+
+      # Returns deep merged new Hash
+      def deep_merge(target, source)
+        target.deep_merge(source)
+      end
+
+      # Returns deep copy of a Hash.
+      # `dup` and `clone` only return shallow copies.
+      def deep_copy(hash)
+        Marshal.load(Marshal.dump(hash))
+      end
+    end
+  end
+end

data/lib/yle_tf/logger.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'forwardable'
 require 'logger'
 require 'rubygems'
@@ -21,7 +23,6 @@ class YleTf
 
     def self.logger
       @logger ||= ::Logger.new(DEVICE).tap do |logger|
-        patch_for_old_ruby(logger)
         logger.level = log_level
         logger.formatter = log_formatter
       end
@@ -63,14 +64,5 @@ class YleTf
         :brown
       end
     end
-
-    # Patches the `::Logger` in older Ruby versions to
-    # accept log level as a `String`
-    def self.patch_for_old_ruby(logger)
-      if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.3')
-        require_relative '../../vendor/logger_level_patch'
-        logger.extend(LoggerLevelPatch)
-      end
-    end
   end
 end

data/lib/yle_tf/logger/colorize.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class YleTf
   module Logger
     module Colorize

data/lib/yle_tf/plugin.rb

@@ -1,9 +1,12 @@
+# frozen_string_literal: true
+
 class YleTf
   class Plugin
     autoload :ActionHook, 'yle_tf/plugin/action_hook'
     autoload :Loader, 'yle_tf/plugin/loader'
     autoload :Manager, 'yle_tf/plugin/manager'
 
+    DEFAULT_BACKEND = Object.new.freeze
     DEFAULT_COMMAND = Object.new.freeze
 
     def self.manager
@@ -30,7 +33,7 @@ class YleTf
       name = name.to_s if name.is_a?(Symbol)
       commands[name] = {
         synopsis: synopsis,
-        proc: block
+        proc:     block
       }
     end
 
@@ -49,7 +52,8 @@ class YleTf
     end
 
     def self.backend(type, &block)
-      backends[type.to_sym] = block
+      type = type.to_s if type.is_a?(Symbol)
+      backends[type] = block
     end
   end
 end

data/lib/yle_tf/plugin/action_hook.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class YleTf
   class Plugin
     class ActionHook

data/lib/yle_tf/plugin/loader.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 
 class YleTf
@@ -13,7 +15,7 @@ class YleTf
 
       def self.load_core_plugins
         core_plugins.each do |plugin_file|
-          Logger.debug("Loading core plugin: #{File.basename(plugin_file, '.rb')}")
+          Logger.debug { "Loading core plugin: #{core_plugin_name(plugin_file)}" }
           load(plugin_file)
         end
       end
@@ -36,6 +38,11 @@ class YleTf
         Dir.glob(File.expand_path('../../yle_tf_plugins/**/plugin.rb', __dir__))
       end
 
+      def self.core_plugin_name(path)
+        m = %r{.*/yle_tf_plugins/(?<name>.+?)/plugin\.rb$}.match(path)
+        m ? m[:name] : path
+      end
+
       def self.bundler_plugins
         plugins = Bundler.definition.current_dependencies.select do |dep|
           dep.groups.include?(BUNDLER_PLUGIN_GROUP)

data/lib/yle_tf/plugin/manager.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 
 class YleTf
@@ -42,6 +44,7 @@ class YleTf
           registered.each do |plugin|
             backends.merge!(plugin.backends)
           end
+          backends.default = backends.delete(DEFAULT_BACKEND)
         end
       end
     end

data/lib/yle_tf/system.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require 'English'
 require 'open3'
 require 'shellwords'
+require 'stringio'
 require 'thwait'
 require 'yle_tf/error'
 require 'yle_tf/logger'
@@ -14,7 +17,7 @@ class YleTf
     DEFAULT_ERROR_HANDLER = ->(_exit_code, error) { raise error }.freeze
 
     DEFAULT_IO_HANDLERS = {
-      stdin: :dev_null,
+      stdin:  :dev_null,
       stdout: :info,
       stderr: :error
     }.freeze
@@ -44,7 +47,7 @@ class YleTf
 
     def self.read_cmd(*args, **opts)
       buffer = StringIO.new
-      cmd(*args, opts.merge(stdout: buffer))
+      cmd(*args, **opts.merge(stdout: buffer))
       buffer.string
     end
 

data/lib/yle_tf/system/io_handlers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/error'
 require 'yle_tf/logger'
 require 'yle_tf/system/output_logger'
@@ -22,6 +24,7 @@ class YleTf
           if !handler.respond_to?(:call)
             raise YleTf::Error, "Unknown input handler #{handler.inspect}"
           end
+
           handler
         end
       end
@@ -42,6 +45,7 @@ class YleTf
           if !handler.respond_to?(:call)
             raise YleTf::Error, "Unknown output handler #{handler.inspect}"
           end
+
           handler
         end
       end
@@ -104,7 +108,7 @@ class YleTf
         while (data = source.readpartial(BLOCK_SIZE))
           target.write(data)
         end
-      rescue EOFError # rubocop:disable Lint/HandleExceptions
+      rescue EOFError # rubocop:disable Lint/SuppressedException
         # All read
       rescue IOError => e
         YleTf::Logger.debug e.full_message

data/lib/yle_tf/system/output_logger.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 
 class YleTf

data/lib/yle_tf/system/tf_hook_output_logger.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 require 'yle_tf/system/output_logger'
 

data/lib/yle_tf/tf_hook.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fileutils'
 require 'tmpdir'
 
@@ -14,8 +16,8 @@ class YleTf
     def self.from_config(config, tf_env)
       TfHook.new(
         description: config['description'],
-        source: config['source'],
-        vars: merge_vars(config['vars'], tf_env)
+        source:      config['source'],
+        vars:        merge_vars(config['vars'], tf_env)
       )
     end
 
@@ -23,7 +25,7 @@ class YleTf
     def self.from_file(path)
       TfHook.new(
         description: File.basename(path),
-        path: path
+        path:        path
       )
     end
 
@@ -43,10 +45,10 @@ class YleTf
       Logger.info("Running hook '#{description}'")
       YleTf::System.cmd(
         path,
-        env: vars.merge(tf_vars),
+        env:      vars.merge(tf_vars),
         progname: File.basename(path),
-        stdout: System::TfHookOutputLogger.new(:info),
-        stderr: System::TfHookOutputLogger.new(:error)
+        stdout:   System::TfHookOutputLogger.new(:info),
+        stderr:   System::TfHookOutputLogger.new(:error)
       )
     ensure
       delete_tmpdir
@@ -57,9 +59,9 @@ class YleTf
       raise Error, "Invalid or missing `source` for hook '#{description}'" if !m
 
       {
-        uri: m[:uri],
+        uri:  m[:uri],
         path: m[:path],
-        ref: m[:ref] || 'master'
+        ref:  m[:ref] || 'master'
       }
     end
 
@@ -83,7 +85,7 @@ class YleTf
     end
 
     def delete_tmpdir
-      FileUtils.rm_r(@tmpdir) if @tmpdir && Dir.exist?(@tmpdir)
+      FileUtils.rm_rf(@tmpdir, secure: true) if @tmpdir && Dir.exist?(@tmpdir)
       @tmpdir = nil
     end
 

data/lib/yle_tf/tf_hook/runner.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 require 'yle_tf/tf_hook'
 

data/lib/yle_tf/vars_file.rb

@@ -1,6 +1,8 @@
+# frozen_string_literal: true
+
 class YleTf
   class VarsFile
-    ENV_DIR = 'envs'.freeze
+    ENV_DIR = 'envs'
 
     # Returns the env specific tfvars file path if it exists
     def self.find_env_vars_file(config)
@@ -10,7 +12,7 @@ class YleTf
 
     # Returns all envs that have tfvars files
     def self.list_all_envs(config)
-      Dir.glob("#{config.module_dir}/#{ENV_DIR}/*.tfvars").map do |path|
+      Dir.glob("#{config.module_dir}/#{ENV_DIR}/*.tfvars").sort.map do |path|
         File.basename(path, '.tfvars')
       end
     end
@@ -36,9 +38,20 @@ class YleTf
       File.open(path, 'a') do |file|
         file.puts # ensure we don't append to an existing line
         vars.each do |key, value|
-          file.puts %(#{key} = "#{value}")
+          file.puts "#{key} = #{eval_value(value)}"
         end
       end
     end
+
+    def eval_value(value)
+      case value
+      when Hash
+        %({ #{value.map { |k, v| "#{k} = #{eval_value(v)}" }.join(', ')} })
+      when Array
+        %([ #{value.map { |item| eval_value(item) }.join(', ')} ])
+      else
+        %("#{value}")
+      end
+    end
   end
 end

data/lib/yle_tf/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class YleTf
-  VERSION = '1.0.0'.freeze
+  VERSION = '1.4.0'
 end

data/lib/yle_tf/version_requirement.rb

@@ -1,13 +1,10 @@
+# frozen_string_literal: true
+
 require 'rubygems'
 
 class YleTf
   # Helper class for comparing versions
   class VersionRequirement
-    # Checks if the specified Terrform version is older than 0.9
-    def self.pre_0_9?(terraform_version)
-      new('< 0.9.0-beta').satisfied_by?(terraform_version)
-    end
-
     attr_reader :requirement
 
     def initialize(requirement)

data/lib/yle_tf_plugins/backends/{s3 → __default}/plugin.rb

@@ -1,14 +1,16 @@
+# frozen_string_literal: true
+
 require 'yle_tf'
+require 'yle_tf/backend'
 
 module YleTfPlugins
   module Backends
-    module S3
+    module Default
       class Plugin < YleTf::Plugin
         register
 
-        backend('s3') do
-          require_relative 'command'
-          Command
+        backend(DEFAULT_BACKEND) do
+          YleTf::Backend
         end
       end
     end

data/lib/yle_tf_plugins/backends/file/backend.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+require 'fileutils'
+require 'pathname'
+require 'shellwords'
+
+require 'yle_tf/backend'
+require 'yle_tf/logger'
+require 'yle_tf/system'
+
+module YleTfPlugins
+  module Backends
+    module File
+      class Backend < YleTf::Backend
+        def configure
+          if !encrypt?
+            create_tfstate(tfstate_path)
+            symlink_tfstate
+          elsif tfstate_path.exist?
+            decrypt_tfstate
+          end
+        end
+
+        def tear_down
+          encrypt_tfstate if encrypt? && local_tfstate_path.exist?
+        end
+
+        def create_tfstate(path)
+          return if path.exist?
+
+          YleTf::Logger.debug('Creating state file')
+          path.write(tfstate_template, perm: 0o644)
+        end
+
+        def symlink_tfstate
+          YleTf::Logger.info("Symlinking state to '#{tfstate_path}'")
+          local_tfstate_path.make_symlink(tfstate_path)
+        end
+
+        def encrypt?
+          config.fetch('backend', type, 'encrypt')
+        end
+
+        def decrypt_tfstate
+          YleTf::Logger.info("Decrypting state from '#{tfstate_path}'")
+
+          cmd = config.fetch('backend', type, 'decrypt_command')
+          cmd.gsub!('{{FROM}}', tfstate_path.to_s)
+          cmd.gsub!('{{TO}}', local_tfstate_path.to_s)
+
+          # Split the command to have nicer logs
+          YleTf::System.cmd(*Shellwords.split(cmd))
+        end
+
+        def encrypt_tfstate
+          YleTf::Logger.info("Encrypting state to '#{tfstate_path}'")
+
+          cmd = config.fetch('backend', type, 'encrypt_command')
+          cmd.gsub!('{{FROM}}', local_tfstate_path.to_s)
+          cmd.gsub!('{{TO}}', tfstate_path.to_s)
+
+          YleTf::System.cmd(*Shellwords.split(cmd),
+                            error_handler: method(:on_encrypt_error))
+        end
+
+        def on_encrypt_error(_exit_code, error)
+          plain_tfstate_path = "#{tfstate_path}.plaintext"
+
+          YleTf::Logger.warn("Copying unencrypted state to '#{plain_tfstate_path}'")
+          FileUtils.cp(local_tfstate_path.to_s, plain_tfstate_path)
+
+          raise error
+        end
+
+        def tfstate_path
+          @tfstate_path ||= config.module_dir.join(config.fetch('backend', type, 'path'))
+        end
+
+        def local_tfstate_path
+          @local_tfstate_path ||= Pathname.pwd.join('terraform.tfstate')
+        end
+
+        def tfstate_template
+          '{"version": 1}'
+        end
+      end
+    end
+  end
+end