1
|
|
|
module Awspec::Generator |
2
|
|
|
module Spec |
3
|
|
|
class S3Bucket |
4
|
|
|
include Awspec::Helper::Finder |
5
|
|
|
def generate_all |
6
|
|
|
buckets = select_all_buckets |
7
|
|
|
raise 'Not Found Bucket' if buckets.empty? |
8
|
|
|
specs = buckets.map do |bucket| |
9
|
|
|
content(bucket) |
10
|
|
|
end |
11
|
|
|
specs.join("\n") |
12
|
|
|
end |
13
|
|
|
|
14
|
|
|
def generate(bucket_name) |
15
|
|
|
bucket = find_bucket(bucket_name) |
16
|
|
|
content(bucket) |
17
|
|
|
end |
18
|
|
|
|
19
|
|
|
def generate_grant_specs(acl) |
20
|
|
|
return [] unless acl |
21
|
|
|
linespecs = [] |
22
|
|
|
acl.grants.each do |grant| |
23
|
|
|
linespecs.push(ERB.new(grant_linetemplate, nil, '-').result(binding)) |
24
|
|
|
end |
25
|
|
|
linespecs |
26
|
|
|
end |
27
|
|
|
|
28
|
|
|
def grant_linetemplate |
29
|
|
|
grantee = 'grant.grantee.display_name || grant.grantee.uri || grant.grantee.id' |
30
|
|
|
template = <<-EOF |
31
|
|
|
it { should have_acl_grant(grantee: '<%= #{grantee} %>', permission: '<%= grant.permission %>') } |
32
|
|
|
EOF |
33
|
|
|
template |
34
|
|
|
end |
35
|
|
|
|
36
|
|
|
def generate_lifecycle_rule_transitions_spec(transitions_rule) |
37
|
|
|
rules = [] |
38
|
|
|
transitions_rule.each do |line| |
39
|
|
|
elements = [] |
40
|
|
|
line.each do |k, v| |
41
|
|
|
elements << case v |
42
|
|
|
when Numeric |
43
|
|
|
"#{k}: #{v}" |
44
|
|
|
when String |
45
|
|
|
"#{k}: '#{v}'" |
46
|
|
|
else |
47
|
|
|
"#{k}: '#{v.inspect}'" |
48
|
|
|
end |
49
|
|
|
end |
50
|
|
|
rules << '{ ' + elements.join(', ') + ' }' |
51
|
|
|
end |
52
|
|
|
'[' + rules.join(', ') + ']' |
53
|
|
|
end |
54
|
|
|
|
55
|
|
|
def generate_lifecycle_rule_specs(lifecycle_rule) |
56
|
|
|
return [] unless lifecycle_rule |
57
|
|
|
linespecs = [] |
58
|
|
|
lifecycle_rule.rules.each do |rule| |
59
|
|
|
transitions = generate_lifecycle_rule_transitions_spec(rule.transitions.map(&:to_h)) |
60
|
|
|
template = <<-EOF |
61
|
|
|
it do |
62
|
|
|
should have_lifecycle_rule( |
63
|
|
|
id: '<%= rule.id %>', |
64
|
|
|
<%- if rule.prefix -%> |
65
|
|
|
prefix: '<%= rule.prefix %>', |
66
|
|
|
<%- end -%> |
67
|
|
|
<%- rule.noncurrent_version_expiration.to_h.each do |k, v| -%> |
68
|
|
|
noncurrent_version_expiration: { <%= k %>: <%= v %> }, |
69
|
|
|
<%- end -%> |
70
|
|
|
<%- rule.expiration.to_h.each do |k, v| -%> |
71
|
|
|
expiration: { <%= k %>: <%= v %> }, |
72
|
|
|
<%- end -%> |
73
|
|
|
transitions: <%= transitions %>, |
74
|
|
|
status: '<%= rule.status %>' |
75
|
|
|
) |
76
|
|
|
end |
77
|
|
|
EOF |
78
|
|
|
linespecs.push(ERB.new(template, nil, '-').result(binding)) |
79
|
|
|
end |
80
|
|
|
linespecs |
81
|
|
|
end |
82
|
|
|
|
83
|
|
|
def bucket_spec_template |
84
|
|
|
template = <<-'EOF' |
85
|
|
|
describe s3_bucket('<%= bucket.name %>') do |
86
|
|
|
it { should exist } |
87
|
|
|
<%- if acl -%> |
88
|
|
|
its(:acl_owner) { should eq '<%= acl.owner.display_name %>' } |
89
|
|
|
its(:acl_grants_count) { should eq <%= acl.grants.count %> } |
90
|
|
|
<%- end -%> |
91
|
|
|
<% grant_specs.each do |line| %> |
92
|
|
|
<%= line %> |
93
|
|
|
<% end %> |
94
|
|
|
<%- if bucket_policy -%> |
95
|
|
|
it { should have_policy('<%= bucket_policy %>') } |
96
|
|
|
<%- end -%> |
97
|
|
|
<%- if tag -%> |
98
|
|
|
it { should have_tag('env').value('dev') } |
99
|
|
|
<%- end -%> |
100
|
|
|
<%- if lifecycle_rule -%> |
101
|
|
|
<% lifecycle_specs.each do |line| %> |
102
|
|
|
<%= line %> |
103
|
|
|
<% end %> |
104
|
|
|
<%- end -%> |
105
|
|
|
end |
106
|
|
|
EOF |
107
|
|
|
template |
108
|
|
|
end |
109
|
|
|
|
110
|
|
|
private |
111
|
|
|
|
112
|
|
|
def content(bucket) |
113
|
|
|
acl = find_bucket_acl(bucket.name) |
114
|
|
|
grant_specs = generate_grant_specs(acl) |
115
|
|
|
tag = find_bucket_tag(bucket.name, 'env') |
116
|
|
|
policy = find_bucket_policy(bucket.name) |
117
|
|
|
bucket_policy = policy.policy.read if policy |
118
|
|
|
lifecycle_rule = find_bucket_lifecycle_configuration(bucket.name) |
119
|
|
|
lifecycle_specs = generate_lifecycle_rule_specs(lifecycle_rule) if lifecycle_rule |
120
|
|
|
ERB.new(bucket_spec_template, nil, '-').result(binding).gsub(/^\n/, '') |
121
|
|
|
end |
122
|
|
|
end |
123
|
|
|
end |
124
|
|
|
end |
125
|
|
|
|