|
1
|
|
|
module Awspec::Generator |
|
2
|
|
|
module Spec |
|
3
|
|
|
class S3Bucket |
|
4
|
|
|
include Awspec::Helper::Finder |
|
5
|
|
|
def generate_all |
|
6
|
|
|
buckets = select_all_buckets |
|
7
|
|
|
raise 'Not Found Bucket' if buckets.empty? |
|
8
|
|
|
specs = buckets.map do |bucket| |
|
9
|
|
|
content(bucket) |
|
10
|
|
|
end |
|
11
|
|
|
specs.join("\n") |
|
12
|
|
|
end |
|
13
|
|
|
|
|
14
|
|
|
def generate(bucket_name) |
|
15
|
|
|
bucket = find_bucket(bucket_name) |
|
16
|
|
|
content(bucket) |
|
17
|
|
|
end |
|
18
|
|
|
|
|
19
|
|
|
def generate_grant_specs(acl) |
|
20
|
|
|
return [] unless acl |
|
21
|
|
|
linespecs = [] |
|
22
|
|
|
acl.grants.each do |grant| |
|
23
|
|
|
linespecs.push(ERB.new(grant_linetemplate, nil, '-').result(binding)) |
|
24
|
|
|
end |
|
25
|
|
|
linespecs |
|
26
|
|
|
end |
|
27
|
|
|
|
|
28
|
|
|
def grant_linetemplate |
|
29
|
|
|
grantee = 'grant.grantee.display_name || grant.grantee.uri || grant.grantee.id' |
|
30
|
|
|
template = <<-EOF |
|
31
|
|
|
it { should have_acl_grant(grantee: '<%= #{grantee} %>', permission: '<%= grant.permission %>') } |
|
32
|
|
|
EOF |
|
33
|
|
|
template |
|
34
|
|
|
end |
|
35
|
|
|
|
|
36
|
|
|
def generate_lifecycle_rule_transitions_spec(transitions_rule) |
|
37
|
|
|
rules = [] |
|
38
|
|
|
transitions_rule.each do |line| |
|
39
|
|
|
elements = [] |
|
40
|
|
|
line.each do |k, v| |
|
41
|
|
|
elements << case v |
|
42
|
|
|
when Numeric |
|
43
|
|
|
"#{k}: #{v}" |
|
44
|
|
|
when String |
|
45
|
|
|
"#{k}: '#{v}'" |
|
46
|
|
|
else |
|
47
|
|
|
"#{k}: '#{v.inspect}'" |
|
48
|
|
|
end |
|
49
|
|
|
end |
|
50
|
|
|
rules << '{ ' + elements.join(', ') + ' }' |
|
51
|
|
|
end |
|
52
|
|
|
'[' + rules.join(', ') + ']' |
|
53
|
|
|
end |
|
54
|
|
|
|
|
55
|
|
|
def generate_lifecycle_rule_specs(lifecycle_rule) |
|
56
|
|
|
return [] unless lifecycle_rule |
|
57
|
|
|
linespecs = [] |
|
58
|
|
|
lifecycle_rule.rules.each do |rule| |
|
59
|
|
|
transitions = generate_lifecycle_rule_transitions_spec(rule.transitions.map(&:to_h)) |
|
60
|
|
|
template = <<-EOF |
|
61
|
|
|
it do |
|
62
|
|
|
should have_lifecycle_rule( |
|
63
|
|
|
id: '<%= rule.id %>', |
|
64
|
|
|
<%- if rule.prefix -%> |
|
65
|
|
|
prefix: '<%= rule.prefix %>', |
|
66
|
|
|
<%- end -%> |
|
67
|
|
|
<%- rule.noncurrent_version_expiration.to_h.each do |k, v| -%> |
|
68
|
|
|
noncurrent_version_expiration: { <%= k %>: <%= v %> }, |
|
69
|
|
|
<%- end -%> |
|
70
|
|
|
<%- rule.expiration.to_h.each do |k, v| -%> |
|
71
|
|
|
expiration: { <%= k %>: <%= v %> }, |
|
72
|
|
|
<%- end -%> |
|
73
|
|
|
transitions: <%= transitions %>, |
|
74
|
|
|
status: '<%= rule.status %>' |
|
75
|
|
|
) |
|
76
|
|
|
end |
|
77
|
|
|
EOF |
|
78
|
|
|
linespecs.push(ERB.new(template, nil, '-').result(binding)) |
|
79
|
|
|
end |
|
80
|
|
|
linespecs |
|
81
|
|
|
end |
|
82
|
|
|
|
|
83
|
|
|
def bucket_spec_template |
|
84
|
|
|
template = <<-'EOF' |
|
85
|
|
|
describe s3_bucket('<%= bucket.name %>') do |
|
86
|
|
|
it { should exist } |
|
87
|
|
|
<%- if acl -%> |
|
88
|
|
|
its(:acl_owner) { should eq '<%= acl.owner.display_name %>' } |
|
89
|
|
|
its(:acl_grants_count) { should eq <%= acl.grants.count %> } |
|
90
|
|
|
<%- end -%> |
|
91
|
|
|
<% grant_specs.each do |line| %> |
|
92
|
|
|
<%= line %> |
|
93
|
|
|
<% end %> |
|
94
|
|
|
<%- if bucket_policy -%> |
|
95
|
|
|
it { should have_policy('<%= bucket_policy %>') } |
|
96
|
|
|
<%- end -%> |
|
97
|
|
|
<%- if tag -%> |
|
98
|
|
|
it { should have_tag('env').value('dev') } |
|
99
|
|
|
<%- end -%> |
|
100
|
|
|
<%- if lifecycle_rule -%> |
|
101
|
|
|
<% lifecycle_specs.each do |line| %> |
|
102
|
|
|
<%= line %> |
|
103
|
|
|
<% end %> |
|
104
|
|
|
<%- end -%> |
|
105
|
|
|
end |
|
106
|
|
|
EOF |
|
107
|
|
|
template |
|
108
|
|
|
end |
|
109
|
|
|
|
|
110
|
|
|
private |
|
111
|
|
|
|
|
112
|
|
|
def content(bucket) |
|
113
|
|
|
acl = find_bucket_acl(bucket.name) |
|
114
|
|
|
grant_specs = generate_grant_specs(acl) |
|
115
|
|
|
tag = find_bucket_tag(bucket.name, 'env') |
|
116
|
|
|
policy = find_bucket_policy(bucket.name) |
|
117
|
|
|
bucket_policy = policy.policy.read if policy |
|
118
|
|
|
lifecycle_rule = find_bucket_lifecycle_configuration(bucket.name) |
|
119
|
|
|
lifecycle_specs = generate_lifecycle_rule_specs(lifecycle_rule) if lifecycle_rule |
|
120
|
|
|
ERB.new(bucket_spec_template, nil, '-').result(binding).gsub(/^\n/, '') |
|
121
|
|
|
end |
|
122
|
|
|
end |
|
123
|
|
|
end |
|
124
|
|
|
end |
|
125
|
|
|
|
k1LoW /
awspec
