spaceforge 1.2.1__tar.gz → 1.3.0__tar.gz

{spaceforge-1.2.1 → spaceforge-1.3.0}/.github/workflows/ci.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ['3.10', '3.11']
+        python-version: ['3.10', '3.11', '3.12']
     
     steps:
     - uses: actions/checkout@v4

{spaceforge-1.2.1/spaceforge.egg-info → spaceforge-1.3.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: spaceforge
-Version: 1.2.1
+Version: 1.3.0
 Summary: A Python framework for building Spacelift plugins
 Author-email: Spacelift <support@spacelift.io>
 Maintainer-email: Spacelift <support@spacelift.io>
@@ -14,13 +14,12 @@ Classifier: Development Status :: 3 - Alpha
 Classifier: Intended Audience :: Developers
 Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Classifier: Topic :: System :: Systems Administration
-Requires-Python: >=3.9
+Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: PyYAML>=6.0
@@ -31,7 +30,7 @@ Requires-Dist: mergedeep>=1.3.4
 Provides-Extra: dev
 Requires-Dist: pytest>=6.0; extra == "dev"
 Requires-Dist: pytest-cov; extra == "dev"
-Requires-Dist: black; extra == "dev"
+Requires-Dist: black>=26.1.0; extra == "dev"
 Requires-Dist: isort; extra == "dev"
 Requires-Dist: mypy; extra == "dev"
 Requires-Dist: pylint; extra == "dev"

spaceforge-1.3.0/plugins/aws_sam/README.md

@@ -0,0 +1,43 @@
+# AWS SAM Plugin
+
+Packages AWS SAM templates into CloudFormation templates for Spacelift's CloudFormation integration.
+
+## Overview
+
+This plugin runs `sam package` before initialization to convert SAM templates to CloudFormation,
+enabling you to deploy serverless applications through Spacelift's CloudFormation workflow.
+
+## Prerequisites
+
+- A CloudFormation stack configured in Spacelift
+- SAM template in your repository
+- S3 bucket for template storage (configured via Spacelift CloudFormation settings)
+
+## Configuration
+
+### Parameters
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| S3 Prefix | S3 prefix for SAM artifacts | `sam-artifacts` |
+| Additional Arguments | Extra arguments for `sam package` | (empty) |
+
+### Required Environment Variables
+
+These are automatically set by Spacelift's CloudFormation integration:
+
+- `CF_METADATA_REGION`: AWS region
+- `CF_METADATA_TEMPLATE_BUCKET`: S3 bucket for templates
+- `CF_METADATA_ENTRY_TEMPLATE_FILE`: Output template path
+
+## Usage
+
+1. Create a CloudFormation stack in Spacelift pointing to your SAM template
+2. Install and attach this plugin to the stack
+3. The plugin automatically packages your SAM template before each run
+
+## References
+
+- [Spacelift CloudFormation Getting Started](https://docs.spacelift.io/vendors/cloudformation/getting-started)
+- [Spacelift CloudFormation Reference](https://docs.spacelift.io/vendors/cloudformation/reference)
+- [AWS SAM CLI Documentation](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-package.html)

spaceforge-1.3.0/plugins/aws_sam/plugin.py

@@ -0,0 +1,142 @@
+import os
+
+from spaceforge import Context, Parameter, SpaceforgePlugin, Variable
+
+
+class AwsSamPlugin(SpaceforgePlugin):
+    """
+    The AWS SAM plugin packages SAM templates into CloudFormation templates
+    for use with Spacelift's CloudFormation integration.
+
+    This plugin runs `sam package` before initialization to:
+    - Package the SAM application
+    - Upload artifacts to S3
+    - Generate a CloudFormation template for Spacelift to process
+
+    ## Usage
+
+    1. Install the plugin in your Spacelift account
+    2. Attach it to CloudFormation stacks using SAM templates
+    3. Configure the required environment variables via Spacelift contexts
+    4. The plugin runs automatically before init, generating the CF template
+
+    ## Required Environment Variables
+
+    These are typically set by Spacelift's CloudFormation integration:
+    - `CF_METADATA_REGION`: AWS region for packaging
+    - `CF_METADATA_TEMPLATE_BUCKET`: S3 bucket for template storage
+    - `CF_METADATA_ENTRY_TEMPLATE_FILE`: Output template file path
+
+    ## Configuration
+
+    - **S3 Prefix**: Prefix for SAM artifacts in S3 (default: `sam-artifacts`)
+    - **Additional Arguments**: Extra arguments to pass to `sam package`
+    """
+
+    __plugin_name__ = "AWS SAM"
+    __author__ = "tetienne"
+    __version__ = "1.0.0"
+    __labels__ = ["cloudformation", "sam", "serverless"]
+
+    __parameters__ = [
+        Parameter(
+            name="S3 Prefix",
+            id="sam_s3_prefix",
+            description="S3 prefix for SAM artifacts",
+            default="sam-artifacts",
+            type="string",
+            required=False,
+        ),
+        Parameter(
+            name="Additional Arguments",
+            id="sam_additional_args",
+            description="Additional command-line arguments to pass to sam package",
+            default="",
+            type="string",
+            required=False,
+        ),
+    ]
+
+    __contexts__ = [
+        Context(
+            name_prefix="aws_sam",
+            description="AWS SAM Plugin",
+            env=[
+                Variable(
+                    key="SAM_S3_PREFIX",
+                    value_from_parameter="sam_s3_prefix",
+                ),
+                Variable(
+                    key="SAM_ADDITIONAL_ARGS",
+                    value_from_parameter="sam_additional_args",
+                ),
+            ],
+        )
+    ]
+
+    def before_init(self):
+        """
+        Execute sam package before Spacelift initialization.
+
+        This generates the CloudFormation template from the SAM template,
+        uploading artifacts to S3 and outputting the packaged template
+        for Spacelift's CloudFormation flow.
+        """
+        try:
+            # Get required environment variables
+            region = os.environ.get("CF_METADATA_REGION")
+            template_bucket = os.environ.get("CF_METADATA_TEMPLATE_BUCKET")
+            output_template = os.environ.get("CF_METADATA_ENTRY_TEMPLATE_FILE")
+
+            if not region:
+                self.logger.error("CF_METADATA_REGION environment variable is required")
+                exit(1)
+            if not template_bucket:
+                self.logger.error(
+                    "CF_METADATA_TEMPLATE_BUCKET environment variable is required"
+                )
+                exit(1)
+            if not output_template:
+                self.logger.error(
+                    "CF_METADATA_ENTRY_TEMPLATE_FILE environment variable is required"
+                )
+                exit(1)
+
+            # Get optional configuration
+            s3_prefix = os.environ.get("SAM_S3_PREFIX", "sam-artifacts")
+            additional_args = os.environ.get("SAM_ADDITIONAL_ARGS", "").strip()
+
+            # Build sam package command
+            args = [
+                "package",
+                "--region",
+                region,
+                "--s3-bucket",
+                template_bucket,
+                "--s3-prefix",
+                s3_prefix,
+                "--output-template-file",
+                output_template,
+            ]
+
+            # Add additional arguments if provided
+            if additional_args:
+                args.extend(additional_args.split())
+
+            # Execute sam package
+            self.logger.info(f"Running: sam {' '.join(args)}")
+            return_code, stdout, stderr = self.run_cli("sam", *args)
+
+            if return_code != 0:
+                self.logger.error(f"sam package failed with exit code {return_code}")
+                if stderr:
+                    self.logger.error("Error output: " + "\n".join(stderr))
+                exit(1)
+
+            self.logger.info(
+                f"Successfully generated CloudFormation template: {output_template}"
+            )
+
+        except Exception as e:
+            self.logger.error(f"Plugin failed: {e}")
+            exit(1)

spaceforge-1.3.0/plugins/aws_sam/plugin.yaml

@@ -0,0 +1,238 @@
+name: AWS SAM
+version: 1.0.0
+description: |-
+  The AWS SAM plugin packages SAM templates into CloudFormation templates
+  for use with Spacelift's CloudFormation integration.
+
+  This plugin runs `sam package` before initialization to:
+  - Package the SAM application
+  - Upload artifacts to S3
+  - Generate a CloudFormation template for Spacelift to process
+
+  ## Usage
+
+  1. Install the plugin in your Spacelift account
+  2. Attach it to CloudFormation stacks using SAM templates
+  3. Configure the required environment variables via Spacelift contexts
+  4. The plugin runs automatically before init, generating the CF template
+
+  ## Required Environment Variables
+
+  These are typically set by Spacelift's CloudFormation integration:
+  - `CF_METADATA_REGION`: AWS region for packaging
+  - `CF_METADATA_TEMPLATE_BUCKET`: S3 bucket for template storage
+  - `CF_METADATA_ENTRY_TEMPLATE_FILE`: Output template file path
+
+  ## Configuration
+
+  - **S3 Prefix**: Prefix for SAM artifacts in S3 (default: `sam-artifacts`)
+  - **Additional Arguments**: Extra arguments to pass to `sam package`
+author: tetienne
+labels:
+- cloudformation
+- sam
+- serverless
+parameters:
+- name: S3 Prefix
+  description: S3 prefix for SAM artifacts
+  type: string
+  sensitive: false
+  required: false
+  default: sam-artifacts
+  id: sam_s3_prefix
+- name: Additional Arguments
+  description: Additional command-line arguments to pass to sam package
+  type: string
+  sensitive: false
+  required: false
+  default: ''
+  id: sam_additional_args
+contexts:
+- name_prefix: aws_sam
+  description: AWS SAM Plugin
+  env:
+  - key: SAM_S3_PREFIX
+    value_from_parameter: sam_s3_prefix
+    sensitive: false
+  - key: SAM_ADDITIONAL_ARGS
+    value_from_parameter: sam_additional_args
+    sensitive: false
+  mounted_files:
+  - path: /mnt/workspace/plugins/aws_sam/requirements.txt
+    content: |-
+      aws-sam-cli==1.148.0
+    sensitive: false
+  - path: /mnt/workspace/plugins/aws_sam/plugin.py
+    content: |-
+      import os
+
+      from spaceforge import Context, Parameter, SpaceforgePlugin, Variable
+
+
+      class AwsSamPlugin(SpaceforgePlugin):
+          """
+          The AWS SAM plugin packages SAM templates into CloudFormation templates
+          for use with Spacelift's CloudFormation integration.
+
+          This plugin runs `sam package` before initialization to:
+          - Package the SAM application
+          - Upload artifacts to S3
+          - Generate a CloudFormation template for Spacelift to process
+
+          ## Usage
+
+          1. Install the plugin in your Spacelift account
+          2. Attach it to CloudFormation stacks using SAM templates
+          3. Configure the required environment variables via Spacelift contexts
+          4. The plugin runs automatically before init, generating the CF template
+
+          ## Required Environment Variables
+
+          These are typically set by Spacelift's CloudFormation integration:
+          - `CF_METADATA_REGION`: AWS region for packaging
+          - `CF_METADATA_TEMPLATE_BUCKET`: S3 bucket for template storage
+          - `CF_METADATA_ENTRY_TEMPLATE_FILE`: Output template file path
+
+          ## Configuration
+
+          - **S3 Prefix**: Prefix for SAM artifacts in S3 (default: `sam-artifacts`)
+          - **Additional Arguments**: Extra arguments to pass to `sam package`
+          """
+
+          __plugin_name__ = "AWS SAM"
+          __author__ = "tetienne"
+          __version__ = "1.0.0"
+          __labels__ = ["cloudformation", "sam", "serverless"]
+
+          __parameters__ = [
+              Parameter(
+                  name="S3 Prefix",
+                  id="sam_s3_prefix",
+                  description="S3 prefix for SAM artifacts",
+                  default="sam-artifacts",
+                  type="string",
+                  required=False,
+              ),
+              Parameter(
+                  name="Additional Arguments",
+                  id="sam_additional_args",
+                  description="Additional command-line arguments to pass to sam package",
+                  default="",
+                  type="string",
+                  required=False,
+              ),
+          ]
+
+          __contexts__ = [
+              Context(
+                  name_prefix="aws_sam",
+                  description="AWS SAM Plugin",
+                  env=[
+                      Variable(
+                          key="SAM_S3_PREFIX",
+                          value_from_parameter="sam_s3_prefix",
+                      ),
+                      Variable(
+                          key="SAM_ADDITIONAL_ARGS",
+                          value_from_parameter="sam_additional_args",
+                      ),
+                  ],
+              )
+          ]
+
+          def before_init(self):
+              """
+              Execute sam package before Spacelift initialization.
+
+              This generates the CloudFormation template from the SAM template,
+              uploading artifacts to S3 and outputting the packaged template
+              for Spacelift's CloudFormation flow.
+              """
+              try:
+                  # Get required environment variables
+                  region = os.environ.get("CF_METADATA_REGION")
+                  template_bucket = os.environ.get("CF_METADATA_TEMPLATE_BUCKET")
+                  output_template = os.environ.get("CF_METADATA_ENTRY_TEMPLATE_FILE")
+
+                  if not region:
+                      self.logger.error("CF_METADATA_REGION environment variable is required")
+                      exit(1)
+                  if not template_bucket:
+                      self.logger.error(
+                          "CF_METADATA_TEMPLATE_BUCKET environment variable is required"
+                      )
+                      exit(1)
+                  if not output_template:
+                      self.logger.error(
+                          "CF_METADATA_ENTRY_TEMPLATE_FILE environment variable is required"
+                      )
+                      exit(1)
+
+                  # Get optional configuration
+                  s3_prefix = os.environ.get("SAM_S3_PREFIX", "sam-artifacts")
+                  additional_args = os.environ.get("SAM_ADDITIONAL_ARGS", "").strip()
+
+                  # Build sam package command
+                  args = [
+                      "package",
+                      "--region",
+                      region,
+                      "--s3-bucket",
+                      template_bucket,
+                      "--s3-prefix",
+                      s3_prefix,
+                      "--output-template-file",
+                      output_template,
+                  ]
+
+                  # Add additional arguments if provided
+                  if additional_args:
+                      args.extend(additional_args.split())
+
+                  # Execute sam package
+                  self.logger.info(f"Running: sam {' '.join(args)}")
+                  return_code, stdout, stderr = self.run_cli("sam", *args)
+
+                  if return_code != 0:
+                      self.logger.error(f"sam package failed with exit code {return_code}")
+                      if stderr:
+                          self.logger.error("Error output: " + "\n".join(stderr))
+                      exit(1)
+
+                  self.logger.info(
+                      f"Successfully generated CloudFormation template: {output_template}"
+                  )
+
+              except Exception as e:
+                  self.logger.error(f"Plugin failed: {e}")
+                  exit(1)
+    sensitive: false
+  - path: /mnt/workspace/plugins/aws_sam/before_init.sh
+    content: |-
+      #!/bin/sh
+
+      set -e
+
+      cd /mnt/workspace/plugins/aws_sam
+
+      if [ ! -d "./venv" ]; then
+          python -m venv --system-site-packages ./venv
+      fi
+      . venv/bin/activate
+
+      if ! command -v spaceforge; then
+          pip install spaceforge
+      fi
+
+      if [ -f requirements.txt ] && [ ! -f .spaceforge_installed_requirements ]; then
+          pip install -r requirements.txt
+          touch .spaceforge_installed_requirements
+      fi
+
+      cd /mnt/workspace/source/$TF_VAR_spacelift_project_root
+      python -m spaceforge run --plugin-file /mnt/workspace/plugins/aws_sam/plugin.py before_init
+    sensitive: false
+  hooks:
+    before_init:
+    - mkdir -p /mnt/workspace/plugins/aws_sam
+    - chmod +x /mnt/workspace/plugins/aws_sam/before_init.sh && /mnt/workspace/plugins/aws_sam/before_init.sh

spaceforge-1.3.0/plugins/aws_sam/requirements.txt

@@ -0,0 +1 @@
+aws-sam-cli==1.148.0

{spaceforge-1.2.1 → spaceforge-1.3.0}/plugins/checkov/plugin.py

@@ -77,7 +77,7 @@ class CheckovPlugin(SpaceforgePlugin):
 
     __plugin_name__ = "Checkov"
     __author__ = "Spacelift"
-    __version__ = "1.0.3"
+    __version__ = "1.0.4"
     __labels__ = ["security", "terraform"]
 
     __parameters__ = [
@@ -109,6 +109,7 @@ class CheckovPlugin(SpaceforgePlugin):
             name_prefix="checkov",
             type="PLAN",
             labels=["checkov"],
+            engine_type="REGO_V0",
             body="""package spacelift
 
 import rego.v1

{spaceforge-1.2.1 → spaceforge-1.3.0}/plugins/checkov/plugin.yaml

@@ -1,5 +1,5 @@
 name: Checkov
-version: 1.0.3
+version: 1.0.4
 description: |-
   This plugin runs Checkov security scanning on Terraform/OpenTofu configurations
   during the after_plan hook and reports findings with detailed resource-level
@@ -173,7 +173,7 @@ contexts:
 
           __plugin_name__ = "Checkov"
           __author__ = "Spacelift"
-          __version__ = "1.0.3"
+          __version__ = "1.0.4"
           __labels__ = ["security", "terraform"]
 
           __parameters__ = [
@@ -205,6 +205,7 @@ contexts:
                   name_prefix="checkov",
                   type="PLAN",
                   labels=["checkov"],
+                  engine_type="REGO_V0",
                   body="""package spacelift
 
       import rego.v1
@@ -508,5 +509,6 @@ policies:
         checkov_data.summary.low == 0
         checkov_data.summary.total_failed > max_critical
     }
+  engine_type: REGO_V0
   labels:
   - checkov

{spaceforge-1.2.1 → spaceforge-1.3.0}/plugins/infracost/plugin.py

@@ -9,7 +9,7 @@ class InfracostPlugin(SpaceforgePlugin):
     # Plugin metadata
     __plugin_name__ = "Infracost"
     __labels__ = ["cost estimation", "infrastructure"]
-    __version__ = "1.0.2"
+    __version__ = "1.0.3"
     __author__ = "Spacelift Team"
 
     __parameters__ = [
@@ -46,6 +46,7 @@ class InfracostPlugin(SpaceforgePlugin):
         Policy(
             name_prefix="INFRACOST",
             type="PLAN",
+            engine_type="REGO_V0",
             body="""
 package spacelift
 

{spaceforge-1.2.1 → spaceforge-1.3.0}/plugins/infracost/plugin.yaml

@@ -1,5 +1,5 @@
 name: Infracost
-version: 1.0.2
+version: 1.0.3
 description: A plugin for integrating with Infracost to estimate costs of infrastructure changes.
 author: Spacelift Team
 labels:
@@ -33,7 +33,7 @@ contexts:
           # Plugin metadata
           __plugin_name__ = "Infracost"
           __labels__ = ["cost estimation", "infrastructure"]
-          __version__ = "1.0.2"
+          __version__ = "1.0.3"
           __author__ = "Spacelift Team"
 
           __parameters__ = [
@@ -70,6 +70,7 @@ contexts:
               Policy(
                   name_prefix="INFRACOST",
                   type="PLAN",
+                  engine_type="REGO_V0",
                   body="""
       package spacelift
 
@@ -148,3 +149,4 @@ policies:
     # Learn more about sampling policy evaluations here:
     # https://docs.spacelift.io/concepts/policy#sampling-policy-inputs
     sample := true
+  engine_type: REGO_V0

{spaceforge-1.2.1 → spaceforge-1.3.0}/plugins/sops/plugin.py

@@ -1,9 +1,10 @@
+import os
 from pathlib import Path
 
 import yaml
 from sopsy import Sops, SopsyError
 
-from spaceforge import Binary, SpaceforgePlugin
+from spaceforge import Binary, Context, Parameter, SpaceforgePlugin, Variable
 
 
 class SopsPlugin(SpaceforgePlugin):
@@ -34,12 +35,20 @@ class SopsPlugin(SpaceforgePlugin):
     secrets:
       - test_secret.yaml
     ```
+
+    ## Configuration
+
+    Use the "Config File Path" parameter to specify the location of your `.sops.yaml` file.
+    This is useful when your stack's `project_root` is set to a subdirectory but the `.sops.yaml`
+    file is at the repository root.
+
+    Example: `${TF_VAR_spacelift_workspace_root}/source/.sops.yaml`
     """
 
     # Plugin metadata
     __plugin_name__ = "Sops"
     __labels__ = ["secrets management", "encryption"]
-    __version__ = "1.0.3"
+    __version__ = "1.1.1"
     __author__ = "Spacelift Team"
 
     __binaries__ = [
@@ -52,20 +61,48 @@ class SopsPlugin(SpaceforgePlugin):
         )
     ]
 
+    __parameters__ = [
+        Parameter(
+            name="Config File Path",
+            id="sops_config_path",
+            description="Path to the .sops.yaml configuration file. Defaults to .sops.yaml in the working directory. Use an absolute path (e.g., /mnt/workspace/source/.sops.yaml) when the config file is at the repository root but the stack uses a project_root subdirectory.",
+            default=".sops.yaml",
+            type="string",
+            required=False,
+        ),
+    ]
+
+    __contexts__ = [
+        Context(
+            name_prefix="sops",
+            description="Main context for Sops",
+            env=[
+                Variable(
+                    key="SOPS_CONFIG_PATH",
+                    value_from_parameter="sops_config_path",
+                ),
+            ],
+        )
+    ]
+
     def before_init(self):
-        if not Path(".sops.yaml").exists():
-            self.logger.error("No .sops.yaml file found.")
+        # Get config path from environment variable or use default
+        config_path = os.environ.get("SOPS_CONFIG_PATH", ".sops.yaml").strip()
+        config_file = Path(config_path)
+
+        if not config_file.exists():
+            self.logger.error(f"No config file found at: {config_path}")
             return
 
-        secrets = Path(".sops.yaml").read_text()
+        secrets = config_file.read_text()
         try:
             secrets = yaml.safe_load(secrets)
         except yaml.YAMLError as e:
-            self.logger.error(f"Failed to parse .sops.yaml: {e}")
+            self.logger.error(f"Failed to parse {config_path}: {e}")
             return
 
         if "secrets" not in secrets:
-            self.logger.error("No secrets key found in .sops.yaml.")
+            self.logger.error(f"No secrets key found in {config_path}.")
             return
         secrets = secrets["secrets"]
 
@@ -75,10 +112,10 @@ class SopsPlugin(SpaceforgePlugin):
                 continue
 
             try:
-                self.logger.log(f"Decrypting secret {secret}.")
+                self.logger.info(f"Decrypting secret {secret}.")
                 sops = Sops(Path(secret), in_place=True)
                 sops.decrypt()
-                self.logger.log("Decryption successful.")
+                self.logger.info("Decryption successful.")
             except SopsyError as e:
                 self.logger.error(f"Failed to decrypt secret: {e}")
             except Exception as e: