150 lines
6.4 KiB
Ruby
150 lines
6.4 KiB
Ruby
class C7n < Formula
|
|
include Language::Python::Virtualenv
|
|
|
|
desc "Rules engine for cloud security, cost optimization, and governance"
|
|
homepage "https://github.com/cloud-custodian/cloud-custodian"
|
|
url "https://github.com/cloud-custodian/cloud-custodian/archive/0.9.11.0.tar.gz"
|
|
sha256 "6893497aea3d8c956f03588cec845f288d6c00db8caa3444c72c18aa8ae54d39"
|
|
license "Apache-2.0"
|
|
|
|
livecheck do
|
|
url :stable
|
|
strategy :github_latest
|
|
end
|
|
|
|
bottle do
|
|
sha256 cellar: :any_skip_relocation, arm64_big_sur: "2c8882d52e1eaabd2df446e7b6bbe91979fb8a6d110852d9c44ac3da976f2cb6"
|
|
sha256 cellar: :any_skip_relocation, big_sur: "5b04c9aed7f6ea764ab0322fb0a6f3e7e58737a9f031a5cf7ad85cb408f834f0"
|
|
sha256 cellar: :any_skip_relocation, catalina: "36dba24d4fc6d75b84c56f6e57af83843064dafae3b86e512b3a3c21c8e1e208"
|
|
sha256 cellar: :any_skip_relocation, mojave: "96b4249641926857ee779ab8d00c37515b3ed61836688526737706ac379fbd9d"
|
|
end
|
|
|
|
depends_on "python-tabulate"
|
|
depends_on "python@3.9"
|
|
|
|
resource "argcomplete" do
|
|
url "https://files.pythonhosted.org/packages/cb/53/d2e3d11726367351b00c8f078a96dacb7f57aef2aca0d3b6c437afc56b55/argcomplete-1.12.2.tar.gz"
|
|
sha256 "de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"
|
|
end
|
|
|
|
resource "attrs" do
|
|
url "https://files.pythonhosted.org/packages/f0/cb/80a4a274df7da7b8baf083249b0890a0579374c3d74b5ac0ee9291f912dc/attrs-20.3.0.tar.gz"
|
|
sha256 "832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"
|
|
end
|
|
|
|
resource "boto3" do
|
|
url "https://files.pythonhosted.org/packages/36/f6/93e3878eaa336a6a068daca29e8ce43baa7c779f03dbc10c509f0241bdf1/boto3-1.17.45.tar.gz"
|
|
sha256 "edd3042eba5e21914a7d099cb8a25f009c0c42a9529c9ac4f5b852ad5b3acacf"
|
|
end
|
|
|
|
resource "botocore" do
|
|
url "https://files.pythonhosted.org/packages/4b/f1/f5ccaf6e0ef833c67210615511d934c0f0815673a7007fed384945462b9f/botocore-1.20.45.tar.gz"
|
|
sha256 "b3a59b21c6f404d2c5dcb1a21698484a5ac1bbe639ca97b2e0f0e19c52c2ebe1"
|
|
end
|
|
|
|
resource "importlib-metadata" do
|
|
url "https://files.pythonhosted.org/packages/8e/33/d54eacc679af34dc7c03fe9f3383669095b27fa17bd820cd33ec957cb249/importlib_metadata-3.10.0.tar.gz"
|
|
sha256 "c9db46394197244adf2f0b08ec5bc3cf16757e9590b02af1fca085c16c0d600a"
|
|
end
|
|
|
|
resource "jmespath" do
|
|
url "https://files.pythonhosted.org/packages/3c/56/3f325b1eef9791759784aa5046a8f6a1aff8f7c898a2e34506771d3b99d8/jmespath-0.10.0.tar.gz"
|
|
sha256 "b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"
|
|
end
|
|
|
|
resource "jsonpickle" do
|
|
url "https://files.pythonhosted.org/packages/62/8a/84864798c5ef120e3a5b5cf08d8c231fa4499b53d465488563c4cb901f2f/jsonpickle-2.0.0.tar.gz"
|
|
sha256 "0be49cba80ea6f87a168aa8168d717d00c6ca07ba83df3cec32d3b30bfe6fb9a"
|
|
end
|
|
|
|
resource "jsonschema" do
|
|
url "https://files.pythonhosted.org/packages/69/11/a69e2a3c01b324a77d3a7c0570faa372e8448b666300c4117a516f8b1212/jsonschema-3.2.0.tar.gz"
|
|
sha256 "c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"
|
|
end
|
|
|
|
resource "pyrsistent" do
|
|
url "https://files.pythonhosted.org/packages/4d/70/fd441df751ba8b620e03fd2d2d9ca902103119616f0f6cc42e6405035062/pyrsistent-0.17.3.tar.gz"
|
|
sha256 "2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"
|
|
end
|
|
|
|
resource "python-dateutil" do
|
|
url "https://files.pythonhosted.org/packages/be/ed/5bbc91f03fa4c839c4c7360375da77f9659af5f7086b7a7bdda65771c8e0/python-dateutil-2.8.1.tar.gz"
|
|
sha256 "73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"
|
|
end
|
|
|
|
resource "PyYAML" do
|
|
url "https://files.pythonhosted.org/packages/a0/a4/d63f2d7597e1a4b55aa3b4d6c5b029991d3b824b5bd331af8d4ab1ed687d/PyYAML-5.4.1.tar.gz"
|
|
sha256 "607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e"
|
|
end
|
|
|
|
resource "s3transfer" do
|
|
url "https://files.pythonhosted.org/packages/0f/c2/266326b601256b5722aea10961504857f324cd50f4adc66a2f573fbea017/s3transfer-0.3.6.tar.gz"
|
|
sha256 "c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"
|
|
end
|
|
|
|
resource "six" do
|
|
url "https://files.pythonhosted.org/packages/6b/34/415834bfdafca3c5f451532e8a8d9ba89a21c9743a0c59fbd0205c7f9426/six-1.15.0.tar.gz"
|
|
sha256 "30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259"
|
|
end
|
|
|
|
resource "typing-extensions" do
|
|
url "https://files.pythonhosted.org/packages/16/06/0f7367eafb692f73158e5c5cbca1aec798cdf78be5167f6415dd4205fa32/typing_extensions-3.7.4.3.tar.gz"
|
|
sha256 "99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c"
|
|
end
|
|
|
|
resource "urllib3" do
|
|
url "https://files.pythonhosted.org/packages/cb/cf/871177f1fc795c6c10787bc0e1f27bb6cf7b81dbde399fd35860472cecbc/urllib3-1.26.4.tar.gz"
|
|
sha256 "e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937"
|
|
end
|
|
|
|
resource "zipp" do
|
|
url "https://files.pythonhosted.org/packages/38/f9/4fa6df2753ded1bcc1ce2fdd8046f78bd240ff7647f5c9bcf547c0df77e3/zipp-3.4.1.tar.gz"
|
|
sha256 "3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76"
|
|
end
|
|
|
|
def install
|
|
virtualenv_install_with_resources
|
|
end
|
|
|
|
test do
|
|
# trim last decimal point version to match semver returned from version command
|
|
assert_match version.major_minor_patch.to_s, shell_output("#{bin}/custodian version")
|
|
|
|
(testpath/"good-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
mode:
|
|
type: cloudtrail
|
|
role: arn:aws:iam::{account_id}:role/custodian-auto-tagger
|
|
# note {account_id} is optional. If you put that there instead of
|
|
# your actual account number, when the policy is provisioned it
|
|
# will automatically inherit the account_id properly
|
|
events:
|
|
- RunInstances
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
actions:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/good-policy.yml 2>&1")
|
|
assert_match "valid", output
|
|
# has invalid "action" key instead of "actions"
|
|
(testpath/"bad-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
action:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/bad-policy.yml 2>&1", 1)
|
|
assert_match "invalid", output
|
|
end
|
|
end
|