Class: Ufo::TaskDefinition::Helpers::Vars::Builder

Inherits:
Object
  • Object
show all
Extended by:
Memoist
Includes:
Concerns::Names, Config::CallableOption::Concern, AwsHelper, Utils::CallLine, Utils::Logging, Utils::Pretty
Defined in:
lib/ufo/task_definition/helpers/vars/builder.rb

Instance Method Summary collapse

Methods included from Utils::Pretty

#pretty_home, #pretty_path, #pretty_time

Methods included from Utils::Logging

#logger

Methods included from Utils::CallLine

#ufo_call_line

Methods included from AwsHelper

#aws

Methods included from Config::CallableOption::Concern

#callable_option

Methods included from Concerns::Names

#names

Constructor Details

#initialize(options = {}) ⇒ Builder

Returns a new instance of Builder.



13
14
15
16
17
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 13

def initialize(options={})
  # use either file or text. text takes higher precedence
  @file = options[:file]
  @text = options[:text]
end

Instance Method Details

#available_providersObject 



158
159
160
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 158

def available_providers
  %w[ssm secretsmanager]
end

#contentObject 



19
20
21
22
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 19

def content
  @text if @text
  read(*find_files)
end

#conventional_pattern(name, value) ⇒ Object

Examples with config.secrets.provider = “ssm”

.secrets

DB_NAME

Results

DB_NAME=:APP/:ENV/:SECRET_NAME # expansion will use => demo/dev/DB_NAME



131
132
133
134
135
136
137
138
139
140
141
142
143
144
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 131

def conventional_pattern(name, value)
  provider = get_provider(value)
  namespace = provider == "ssm" ? "parameter/" : "secret:"

  field = provider == "secretsmanager" ? "manager_pattern" : "ssm_pattern"
  config_name = "secrets.#{field}"
  pattern = callable_option(
    config_name: config_name, # Ufo.config.names.stack => :APP-:ROLE-:ENV => demo-web-dev
    passed_args: [self],
  )
  # replace :SECRET_NAME since names expand doesnt know how to nor do we want to add logic there
  pattern = pattern.sub(':SECRET_NAME', name)
  "arn:aws:#{provider}:#{region}:#{}:#{namespace}#{pattern}"
end

#env(ext = '.env') ⇒ Object 



63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 63

def env(ext='.env')
  @ext = ext # assign instance variable so dont have to pass around
  result = render_erb(content) # tricky: use result instead of content for variable assignment or content method is not called
  lines = filtered_lines(result)
  lines.map do |line|
    line = line.sub('export ', '') # allow user to use export. ufo ignores it
    key,*value = line.strip.split("=").map do |x|
      remove_surrounding_quotes(x.strip)
    end
    value = value.join('=')
    # Note: env vars do NOT support valueFrom
    # Docs: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definition_environment
    {
      name: key,
      value: value,
    }
  end
end

#expansion(arn) ⇒ Object

arn:aws:ssm:us-west-2:111111111111:parameter/demo/dev/DB-NAME arn:aws:ssm:us-west-2:111111111111:parameter/demo/dev/DB-NAME



109
110
111
112
113
114
115
116
117
118
119
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 109

def expansion(arn)
  md = arn.match(/(.*:)(parameter\/|secret:)(.*)/)
  if md
    prefix, type, name = md[1], md[2], md[3]
    # performance improvement only run names.expansion on the name portion
    expanded_name = names.expansion(name, dasherize: false) # dasherize: false. dont turn SECRET_NAME => SECRET-NAME
    "#{prefix}#{type}#{expanded_name}"
  else # not arn full value. In case user accidentally puts value in .secrets file KEY=value
    names.expansion(arn, dasherize: false) # dasherize: false. dont turn SECRET_NAME => SECRET-NAME
  end
end

#filtered_lines(content) ⇒ Object 



172
173
174
175
176
177
178
179
180
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 172

def filtered_lines(content)
  lines = content.split("\n")
  # remove comment at the end of the line
  lines.map! { |l| l.sub(/\s+#.*/,'').strip }
  # filter out commented lines
  lines = lines.reject { |l| l =~ /(^|\s)#/i }
  # filter out empty lines
  lines = lines.reject { |l| l.strip.empty? }
end

#find_filesObject

Not considering .env files in project root since this is more for deployment Also ufo supports a smarter format than the normal .env files



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 26

def find_files
  return @file if @file
  layers = [
    "base",
    "#{Ufo.env}",
    "#{Ufo.app}",
    "#{Ufo.app}/base",
    "#{Ufo.app}/#{Ufo.env}",
    "#{Ufo.app}/#{Ufo.role}",
    "#{Ufo.app}/#{Ufo.role}/base",
    "#{Ufo.app}/#{Ufo.role}/#{Ufo.env}",
  ]
  layers.map! { |l| ".ufo/env_files/#{l}#{@ext}" }
  show_layers(layers)
  layers.select { |l| File.exist?(l) }
end

#get_provider(value) ⇒ Object

Allows user to override one-off value. IE: DB_PASS=secretsmanager Note there’s no point in disabling this override ability since valueFrom examples a reference.

{
  "name": "PASS",
  "valueFrom": "arn:aws:ssm:us-west-2:1111111111111:parameter/demo/dev/PASS"
}



154
155
156
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 154

def get_provider(value)
  available_providers.include?(value) ? value : Ufo.config.secrets.provider
end

#normalize_to_arn(name, value) ⇒ Object 



94
95
96
97
98
99
100
101
102
103
104
105
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 94

def normalize_to_arn(name, value)
  case value
  when /^ssm:/i
    value.sub(/^ssm:/i, "arn:aws:ssm:#{region}:#{}:parameter/")
  when /^secretsmanager:/i
    value.sub(/^secretsmanager:/i, "arn:aws:secretsmanager:#{region}:#{}:secret:")
  when '', *available_providers # blank string will mean use convention
    conventional_pattern(name, value)
  else
    value # assume full arn has been passed
  end
end

#read(*paths) ⇒ Object 



54
55
56
57
58
59
60
61
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 54

def read(*paths)
  text= ""
  paths.compact.each do |path|
    text << IO.read("#{Ufo.root}/#{path}")
    text << "\n"
  end
  text
end

#remove_surrounding_quotes(s) ⇒ Object 



162
163
164
165
166
167
168
169
170
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 162

def remove_surrounding_quotes(s)
  if s =~ /^"/ && s =~ /"$/
    s.sub(/^["]/, '').gsub(/["]$/,'') # remove surrounding double quotes
  elsif s =~ /^'/ && s =~ /'$/
    s.sub(/^[']/, '').gsub(/[']$/,'') # remove surrounding single quotes
  else
    s
  end
end

#render_erb(content) ⇒ Object 



182
183
184
185
186
187
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 182

def render_erb(content)
  path = ".ufo/output/params.erb"
  FileUtils.mkdir_p(File.dirname(path))
  IO.write(path, content)
  RenderMePretty.result(path, context: self)
end

#secretsObject 



82
83
84
85
86
87
88
89
90
91
92
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 82

def secrets
  secrets = env('.secrets')
  secrets.map do |item|
    value = item.delete(:value)
    arn = normalize_to_arn(item[:name], value)
    value = expansion(arn)
    value = value.sub('parameter//','parameter/') # auto fix accidental leading slash for user
    item[:valueFrom] = value
  end
  secrets
end

#show_layers(paths) ⇒ Object 



43
44
45
46
47
48
49
50
51
52
 
# File 'lib/ufo/task_definition/helpers/vars/builder.rb', line 43

def show_layers(paths)
  label = @ext.sub('.','').capitalize
  paths.each do |path|
    if ENV['UFO_LAYERS_ALL']
      logger.info "    #{path}"
    elsif Ufo.config.layering.show
      logger.info "    #{path} "if File.exist?(path)
    end
  end
end