dbt-platform-helper 10.9.1__py3-none-any.whl → 10.11.0__py3-none-any.whl

dbt_platform_helper/commands/copilot.py

@@ -222,6 +222,9 @@ def _get_s3_kms_alias_arns(session, application_name, config):
         if environment_name not in config:
             continue
 
+        if "bucket_name" not in config[environment_name]:
+            continue
+
         bucket_name = config[environment_name]["bucket_name"]
         kms_client = application.environments[environment_name].session.client("kms")
         alias_name = f"alias/{application_name}-{environment_name}-{bucket_name}-key"
@@ -313,6 +316,8 @@ def make_addons():
         log_destination_arns = get_log_destination_arn()
 
         if addon_type in ["s3", "s3-policy"]:
+            if config[addon_name].get("serve_static_content"):
+                continue
             if is_terraform:
                 s3_kms_arns = _get_s3_kms_alias_arns(session, application_name, environments)
                 for environment_name in environments:

dbt_platform_helper/commands/environment.py

@@ -250,7 +250,7 @@ def get_cert_arn(session, application, env_name):
     return arn
 
 
-def get_env_ips(vpc: str, application_environment: Environment):
+def get_env_ips(vpc: str, application_environment: Environment) -> List[str]:
     account_name = f"{application_environment.session.profile_name}-vpc"
     vpc_name = vpc if vpc else account_name
     ssm_client = application_environment.session.client("ssm")
@@ -275,8 +275,6 @@ def generate(name, vpc_name):
         )
         raise click.Abort
 
-    session = get_aws_session_or_abort()
-
     try:
         conf = load_and_validate_platform_config()
     except SchemaError as ex:
@@ -284,6 +282,9 @@ def generate(name, vpc_name):
         raise click.Abort
 
     env_config = apply_environment_defaults(conf)["environments"][name]
+    profile_for_environment = env_config.get("accounts", {}).get("deploy", {}).get("name")
+    click.secho(f"Using {profile_for_environment} for this AWS session")
+    session = get_aws_session_or_abort(profile_for_environment)
 
     _generate_copilot_environment_manifests(name, conf["application"], env_config, session)
 
@@ -482,11 +483,8 @@ def delete_listener_rule(tag_descriptions: list, tag_name: str, lb_client: boto3
         tags = {t["Key"]: t["Value"] for t in description["Tags"]}
         if tags.get("name") == tag_name:
             current_rule_arn = description["ResourceArn"]
-
-    if not current_rule_arn:
-        return current_rule_arn
-
-    lb_client.delete_rule(RuleArn=current_rule_arn)
+            if current_rule_arn:
+                lb_client.delete_rule(RuleArn=current_rule_arn)
 
     return current_rule_arn
 
@@ -500,7 +498,7 @@ def remove_maintenance_page(session: boto3.Session, listener_arn: str):
         "TagDescriptions"
     ]
 
-    for name in ["MaintenancePage", "AllowedIps", "BypassIpFilter"]:
+    for name in ["MaintenancePage", "AllowedIps", "BypassIpFilter", "AllowedSourceIps"]:
         deleted = delete_listener_rule(tag_descriptions, name, lb_client)
 
         if name == "MaintenancePage" and not deleted:
@@ -520,15 +518,7 @@ def get_rules_tag_descriptions(rules: list, lb_client):
     return tag_descriptions
 
 
-def create_header_rule(
-    lb_client: boto3.client,
-    listener_arn: str,
-    target_group_arn: str,
-    header_name: str,
-    values: list,
-    rule_name: str,
-    priority: int,
-):
+def get_host_conditions(lb_client: boto3.client, listener_arn: str, target_group_arn: str):
     rules = lb_client.describe_rules(ListenerArn=listener_arn)["Rules"]
 
     # Get current set of forwarding conditions for the target group
@@ -549,6 +539,20 @@ def create_header_rule(
         v for v in conditions[0]["HostHeaderConfig"]["Values"]
     ]
 
+    return conditions
+
+
+def create_header_rule(
+    lb_client: boto3.client,
+    listener_arn: str,
+    target_group_arn: str,
+    header_name: str,
+    values: list,
+    rule_name: str,
+    priority: int,
+):
+    conditions = get_host_conditions(lb_client, listener_arn, target_group_arn)
+
     # add new condition to existing conditions
     combined_conditions = [
         {
@@ -573,6 +577,40 @@ def create_header_rule(
     )
 
 
+def create_source_ip_rule(
+    lb_client: boto3.client,
+    listener_arn: str,
+    target_group_arn: str,
+    values: list,
+    rule_name: str,
+    priority: int,
+):
+    conditions = get_host_conditions(lb_client, listener_arn, target_group_arn)
+
+    # add new condition to existing conditions
+    combined_conditions = [
+        {
+            "Field": "source-ip",
+            "SourceIpConfig": {"Values": [value + "/32" for value in values]},
+        }
+    ] + conditions
+
+    lb_client.create_rule(
+        ListenerArn=listener_arn,
+        Priority=priority,
+        Conditions=combined_conditions,
+        Actions=[{"Type": "forward", "TargetGroupArn": target_group_arn}],
+        Tags=[
+            {"Key": "name", "Value": rule_name},
+        ],
+    )
+
+    click.secho(
+        f"Creating listener rule {rule_name} for HTTPS Listener with arn {listener_arn}.\n\nIf request source ip matches one of the values {values}, the request will be forwarded to target group with arn {target_group_arn}.",
+        fg="green",
+    )
+
+
 def add_maintenance_page(
     session: boto3.Session,
     listener_arn: str,
@@ -608,6 +646,14 @@ def add_maintenance_page(
                 "AllowedIps",
                 forwarded_rule_priority,
             )
+            create_source_ip_rule(
+                lb_client,
+                listener_arn,
+                target_group_arn,
+                [ip],
+                "AllowedSourceIps",
+                forwarded_rule_priority + 1,
+            )
 
         bypass_rule_priority = service_number
         create_header_rule(

dbt_platform_helper/custom_resources/s3_object.py

@@ -72,10 +72,12 @@ def handler(event, context):
                 Key=properties["S3ObjectKey"],
             )
         else:
+            content_type = properties.get("S3ObjectContentType", "binary/octet-stream")
             s3_client.put_object(
                 Bucket=properties["S3Bucket"],
                 Key=properties["S3ObjectKey"],
                 Body=properties["S3ObjectBody"].encode("utf-8"),
+                ContentType=content_type,
             )
 
         send_response(event, context, "SUCCESS", f"{request_type}d")

dbt_platform_helper/templates/addons/env/redis-cluster.yml

@@ -35,20 +35,6 @@ Mappings:
       CacheParameterGroupFamily: 'redis7.x'
     '6.2':
       CacheParameterGroupFamily: 'redis6.x'
-    '6.0':
-      CacheParameterGroupFamily: 'redis6.x'
-    '5.0.6':
-      CacheParameterGroupFamily: 'redis5.0'
-    '5.0.4':
-      CacheParameterGroupFamily: 'redis5.0'
-    '5.0.3':
-      CacheParameterGroupFamily: 'redis5.0'
-    '5.0.0':
-      CacheParameterGroupFamily: 'redis5.0'
-    '4.0.10':
-      CacheParameterGroupFamily: 'redis4.0'
-    '3.2.6':
-      CacheParameterGroupFamily: 'redis3.2'
 
 Conditions:
   {{ addon_config.prefix }}HasAutomaticFailoverEnabled: !Not [!Equals [!FindInMap [{{ addon_config.prefix }}EnvironmentConfigMap, !Ref Env, NumReplicas], 0]]

dbt_platform_helper/templates/addons/env/s3.yml

@@ -201,6 +201,9 @@ Resources:
       S3Bucket: !Ref {{ addon_config.prefix }}Bucket
       S3ObjectKey: {{ s3object.key }}
       S3ObjectBody: {{ s3object.body }}
+      {% if s3object.content_type %} 
+      S3ObjectContentType: {{ s3object.content_type }}
+      {% endif %}
 {% endfor %}
 {% endif %}
 

dbt_platform_helper/utils/validation.py

@@ -180,7 +180,7 @@ REDIS_PLANS = Or(
     "x-large-ha",
 )
 
-REDIS_ENGINE_VERSIONS = Or("4.0.10", "5.0.6", "6.0", "6.2", "7.0", "7.1")
+REDIS_ENGINE_VERSIONS = Or("6.2", "7.0", "7.1")
 
 REDIS_DEFINITION = {
     "type": "redis",
@@ -308,6 +308,7 @@ DATA_MIGRATION = {
 
 S3_BASE = {
     Optional("readonly"): bool,
+    Optional("serve_static_content"): bool,
     Optional("services"): Or("__all__", [str]),
     Optional("environments"): {
         ENV_NAME: {
@@ -328,12 +329,7 @@ S3_DEFINITION = dict(S3_BASE)
 S3_DEFINITION.update(
     {
         "type": "s3",
-        Optional("objects"): [
-            {
-                "key": str,
-                Optional("body"): str,
-            }
-        ],
+        Optional("objects"): [{"key": str, Optional("body"): str, Optional("content_type"): str}],
     }
 )
 

{dbt_platform_helper-10.9.1.dist-info → dbt_platform_helper-10.11.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dbt-platform-helper
-Version: 10.9.1
+Version: 10.11.0
 Summary: Set of tools to help transfer applications/services from GOV.UK PaaS to DBT PaaS augmenting AWS Copilot.
 License: MIT
 Author: Department for Business and Trade Platform Team

{dbt_platform_helper-10.9.1.dist-info → dbt_platform_helper-10.11.0.dist-info}/RECORD

@@ -9,10 +9,10 @@ dbt_platform_helper/commands/check_cloudformation.py,sha256=aLif3yMHKuZO0uvdUjTH
 dbt_platform_helper/commands/codebase.py,sha256=NchJzH-yxv5mXCe2rPyXVNHmXGEvjFUv0KhMKYsLNNQ,11380
 dbt_platform_helper/commands/conduit.py,sha256=M_-Lrcph4c4PFivfEzDEL2_PW_OzZaOtZXpgo_Ao3DU,14882
 dbt_platform_helper/commands/config.py,sha256=NOHea7OAjrl6XHlW6HMLn0m0T5lFPyNH3HXoyCOWsJk,12070
-dbt_platform_helper/commands/copilot.py,sha256=hGaF3631BCx9SKyY7BB-xK0B9cENK9UKffGiDO2Cp0Q,16556
+dbt_platform_helper/commands/copilot.py,sha256=euid0FTlVtwKmBQ6vxt_HxtBdRYiVQvb-9CyrK1-MWc,16724
 dbt_platform_helper/commands/database.py,sha256=-DacXZ2LhwV3CRukG35urEU2TuNVZHppUA3EhbBNjUs,4840
 dbt_platform_helper/commands/dns.py,sha256=o7PkvHktZo0jmqbx0krJTL0R4GtWSf1rF2KDEWor8Ts,35211
-dbt_platform_helper/commands/environment.py,sha256=MJcqYBGxMl3oZIJqnbUNNBbwi5WCShLujMUFgGlmzy8,23147
+dbt_platform_helper/commands/environment.py,sha256=VNr7G1QstM8INGs8jOxL1jQRqDcWx2Q0jaaBXtbHhys,24819
 dbt_platform_helper/commands/generate.py,sha256=YLCPb-xcPapGcsLn-7d1Am7BpGp5l0iecIDTOdNGjHk,722
 dbt_platform_helper/commands/notify.py,sha256=kVJ0s78QMiaEWPVKu_bbMko4DW2uJy2fu8-HNJsglyk,3748
 dbt_platform_helper/commands/pipeline.py,sha256=jQGwCRpJ_hXK988XmLHzRBHDWmhFzZb37wa75KuSd0M,5945
@@ -20,7 +20,7 @@ dbt_platform_helper/commands/secrets.py,sha256=2NtV5FGx-ErkMg2QMiDvFOp03cKVbLzgm
 dbt_platform_helper/commands/version.py,sha256=2r6c3-PSMMY_VAU32UNaPJJXOsouX1MQDWXnx3ZpGJI,1474
 dbt_platform_helper/constants.py,sha256=fzN2VZt81mspNfdYpNef5_eEjDVsh8GUYmhBMTIfPvI,232
 dbt_platform_helper/custom_resources/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dbt_platform_helper/custom_resources/s3_object.py,sha256=wJftyeHWUO2egObsNeQpStYI96e-vAJWJh6pq2CxV24,2396
+dbt_platform_helper/custom_resources/s3_object.py,sha256=0mhLuKD0-vwuN1qmnLCrLo2qL58FvtCjNNjH34kac6Y,2526
 dbt_platform_helper/default-extensions.yml,sha256=SU1ZitskbuEBpvE7efc3s56eAUF11j70brhj_XrNMMo,493
 dbt_platform_helper/exceptions.py,sha256=BeqhBQHXS57ROwEEGCnd9qcMDbuKvsdeiYRUuTlhe4w,499
 dbt_platform_helper/jinja2_tags.py,sha256=jFyN_Sxmko1GSfvrqRIGQ80CCW8EwlCV3su0ahJPfoE,541
@@ -38,8 +38,8 @@ dbt_platform_helper/templates/addons/env/aurora-postgres.yml,sha256=El0jTaWqWy5C
 dbt_platform_helper/templates/addons/env/monitoring.yml,sha256=ZjvKhrhg6hIoQ51n0jl94z5I8ue_XQp-sypsDVQLiwY,6085
 dbt_platform_helper/templates/addons/env/opensearch.yml,sha256=Ay0IAE8AWMEUjBRpMWyI4qLFmdwNkQwAN1ciTnuKb5c,10874
 dbt_platform_helper/templates/addons/env/rds-postgres.yml,sha256=uz7I9u8c-25ergwzNe1EQTT9TadlekeRyhgdpyNbCOo,25645
-dbt_platform_helper/templates/addons/env/redis-cluster.yml,sha256=dx6dYniLdhcX-hnSF6RKaO5ZWewAOYqHgX_MMhPkcjs,7634
-dbt_platform_helper/templates/addons/env/s3.yml,sha256=rnbmYKWi-SKRjCEyn1duTiv-1IcZA06Rd9wLcnoK9FU,7647
+dbt_platform_helper/templates/addons/env/redis-cluster.yml,sha256=lUqoNgomx5FzoAplRcqT1BDMeXHTXZ16Or5Xd0Sz2eg,7236
+dbt_platform_helper/templates/addons/env/s3.yml,sha256=E0ikzN7ztk61rPjUXoKbAujgWcm6MRiDfHzShflBQPA,7758
 dbt_platform_helper/templates/addons/env/vpc.yml,sha256=Bi-RDr58u-X5J6VHRUxSKDCJ0ddbY79gec6kB69sz8w,3679
 dbt_platform_helper/templates/addons/svc/appconfig-ipfilter.yml,sha256=nBIXV4um4jIvXs3Q5QycHqVpJODK5yg_M-xJT6AOBKE,977
 dbt_platform_helper/templates/addons/svc/prometheus-policy.yml,sha256=cxt0N_MVs-29IX213B6H64-5aWVQNDUR5UnYbLlhX2I,1032
@@ -93,11 +93,11 @@ dbt_platform_helper/utils/manifests.py,sha256=ji3UYHCxq9tTpkm4MlRa2y0-JOYYqq1pWZ
 dbt_platform_helper/utils/messages.py,sha256=aLx6s9utt__IqlDdeIYq4n82ERwludu2Zfqy0Q2t-x8,115
 dbt_platform_helper/utils/platform_config.py,sha256=dEGB6peHB1ywYSdS71JGxbWIuTFRaeQfWelksX9v6bQ,608
 dbt_platform_helper/utils/template.py,sha256=raRx4QUCVJtKfvJK08Egg6gwWcs3r3V4nPWcJW4xNhA,574
-dbt_platform_helper/utils/validation.py,sha256=HhBBDEhvw0hExVRG2d4QiUCXSje_rwcuzlIlEuGIKPQ,23719
+dbt_platform_helper/utils/validation.py,sha256=2XMizmCGk4oTVU67q72cdc8eyOzL0wxhe7DframhQ8Q,23699
 dbt_platform_helper/utils/versioning.py,sha256=h3veQpFoiOjYY9dRVppcBDzVfgZerT0lXuE9QCTo5-c,10710
 platform_helper.py,sha256=zjsZKcbyrEQbKfERi0JG8JEL-MgG6EjxIMiWT66kCVg,2299
-dbt_platform_helper-10.9.1.dist-info/LICENSE,sha256=dP79lN73--7LMApnankTGLqDbImXg8iYFqWgnExGkGk,1090
-dbt_platform_helper-10.9.1.dist-info/METADATA,sha256=QwBeXbo-g5zBnm8jfaDk8NaRBIcK_1V8aVFeU2PodB8,3126
-dbt_platform_helper-10.9.1.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-dbt_platform_helper-10.9.1.dist-info/entry_points.txt,sha256=QhbY8F434A-onsg0-FsdMd2U6HKh6Q7yCFFZrGUh5-M,67
-dbt_platform_helper-10.9.1.dist-info/RECORD,,
+dbt_platform_helper-10.11.0.dist-info/LICENSE,sha256=dP79lN73--7LMApnankTGLqDbImXg8iYFqWgnExGkGk,1090
+dbt_platform_helper-10.11.0.dist-info/METADATA,sha256=R2rfcAwazxqT20_XZoW-CZeaGjBLSuHIJSchxQJ4Kh4,3127
+dbt_platform_helper-10.11.0.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+dbt_platform_helper-10.11.0.dist-info/entry_points.txt,sha256=QhbY8F434A-onsg0-FsdMd2U6HKh6Q7yCFFZrGUh5-M,67
+dbt_platform_helper-10.11.0.dist-info/RECORD,,