143 lines
6.2 KiB
Ruby
143 lines
6.2 KiB
Ruby
class C7n < Formula
|
|
include Language::Python::Virtualenv
|
|
|
|
desc "Rules engine for cloud security, cost optimization, and governance"
|
|
homepage "https://github.com/cloud-custodian/cloud-custodian"
|
|
url "https://github.com/cloud-custodian/cloud-custodian/archive/0.9.16.0.tar.gz"
|
|
sha256 "65a20d879bee71a99f8e7717cd7287e27d23684e2a9fe6c4ee6a5b8ab5f69b5a"
|
|
license "Apache-2.0"
|
|
|
|
livecheck do
|
|
url :stable
|
|
strategy :github_latest
|
|
end
|
|
|
|
bottle do
|
|
sha256 cellar: :any_skip_relocation, arm64_monterey: "fdf486e70e46b85985171399bfca7471a7529fc1919a0fc29b9f4f3df4fc7428"
|
|
sha256 cellar: :any_skip_relocation, arm64_big_sur: "3704a9c9e68b40e09c171626b79db452dcefecefc48da38b41b0251ece7d67c9"
|
|
sha256 cellar: :any_skip_relocation, monterey: "0b0e65c34616940b75e68d3a5be32cff7a738269853c01cbd293a0161c242369"
|
|
sha256 cellar: :any_skip_relocation, big_sur: "6d89dbf8a4d14f193411d5fcae57a562442ca25cb2203db274a0a3eb8352c94f"
|
|
sha256 cellar: :any_skip_relocation, catalina: "89af16ee361e76667cf4fdd9d4add637a74cbf71db97edf36af6a729ad64146e"
|
|
sha256 cellar: :any_skip_relocation, x86_64_linux: "6ecfa9a54d3e75267560cf4c84052e01f49cfc033afc07f951eff3ba5d557858"
|
|
end
|
|
|
|
depends_on "python-tabulate"
|
|
depends_on "python@3.9"
|
|
depends_on "six"
|
|
|
|
resource "argcomplete" do
|
|
url "https://files.pythonhosted.org/packages/05/f8/67851ae4fe5396ba6868c5d84219b81ea6a5d53991a6853616095c30adc0/argcomplete-2.0.0.tar.gz"
|
|
sha256 "6372ad78c89d662035101418ae253668445b391755cfe94ea52f1b9d22425b20"
|
|
end
|
|
|
|
resource "attrs" do
|
|
url "https://files.pythonhosted.org/packages/d7/77/ebb15fc26d0f815839ecd897b919ed6d85c050feeb83e100e020df9153d2/attrs-21.4.0.tar.gz"
|
|
sha256 "626ba8234211db98e869df76230a137c4c40a12d72445c45d5f5b716f076e2fd"
|
|
end
|
|
|
|
resource "boto3" do
|
|
url "https://files.pythonhosted.org/packages/14/7a/14c7a6a0c203c758ee264a0c4005beb44b6b2cd6c108c1b2b4ce7b0e1d34/boto3-1.21.42.tar.gz"
|
|
sha256 "bcb541175a7d190dd919a0af0e807ee6e9d26f135551e741b10d94343f2d7588"
|
|
end
|
|
|
|
resource "botocore" do
|
|
url "https://files.pythonhosted.org/packages/bf/c1/ccb78e982e38452c8db74c05aa2ac560a6267c52f702d6acb1611b447349/botocore-1.24.42.tar.gz"
|
|
sha256 "a2baa9484bbaee96ef312c049b8e360badcab58329e487b57567644a571b5f4a"
|
|
end
|
|
|
|
resource "docutils" do
|
|
url "https://files.pythonhosted.org/packages/4c/17/559b4d020f4b46e0287a2eddf2d8ebf76318fd3bd495f1625414b052fdc9/docutils-0.17.1.tar.gz"
|
|
sha256 "686577d2e4c32380bb50cbb22f575ed742d58168cee37e99117a854bcd88f125"
|
|
end
|
|
|
|
resource "importlib-metadata" do
|
|
url "https://files.pythonhosted.org/packages/3e/1d/964b27278cfa369fbe9041f604ab09c6e99556f8b7910781b4584b428c2f/importlib_metadata-4.11.3.tar.gz"
|
|
sha256 "ea4c597ebf37142f827b8f39299579e31685c31d3a438b59f469406afd0f2539"
|
|
end
|
|
|
|
resource "jmespath" do
|
|
url "https://files.pythonhosted.org/packages/06/7e/44686b986ef9ca6069db224651baaa8300b93af2a085a5b135997bf659b3/jmespath-1.0.0.tar.gz"
|
|
sha256 "a490e280edd1f57d6de88636992d05b71e97d69a26a19f058ecf7d304474bf5e"
|
|
end
|
|
|
|
resource "jsonschema" do
|
|
url "https://files.pythonhosted.org/packages/26/67/36cfd516f7b3560bbf7183d7a0f82bb9514d2a5f4e1d682a8a1d55d8031d/jsonschema-4.4.0.tar.gz"
|
|
sha256 "636694eb41b3535ed608fe04129f26542b59ed99808b4f688aa32dcf55317a83"
|
|
end
|
|
|
|
resource "pyrsistent" do
|
|
url "https://files.pythonhosted.org/packages/42/ac/455fdc7294acc4d4154b904e80d964cc9aae75b087bbf486be04df9f2abd/pyrsistent-0.18.1.tar.gz"
|
|
sha256 "d4d61f8b993a7255ba714df3aca52700f8125289f84f704cf80916517c46eb96"
|
|
end
|
|
|
|
resource "python-dateutil" do
|
|
url "https://files.pythonhosted.org/packages/4c/c4/13b4776ea2d76c115c1d1b84579f3764ee6d57204f6be27119f13a61d0a9/python-dateutil-2.8.2.tar.gz"
|
|
sha256 "0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86"
|
|
end
|
|
|
|
resource "PyYAML" do
|
|
url "https://files.pythonhosted.org/packages/36/2b/61d51a2c4f25ef062ae3f74576b01638bebad5e045f747ff12643df63844/PyYAML-6.0.tar.gz"
|
|
sha256 "68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2"
|
|
end
|
|
|
|
resource "s3transfer" do
|
|
url "https://files.pythonhosted.org/packages/7e/19/f82e4af435a19b28bdbfba63f338ea20a264f4df4beaf8f2ab9bfa34072b/s3transfer-0.5.2.tar.gz"
|
|
sha256 "95c58c194ce657a5f4fb0b9e60a84968c808888aed628cd98ab8771fe1db98ed"
|
|
end
|
|
|
|
resource "urllib3" do
|
|
url "https://files.pythonhosted.org/packages/1b/a5/4eab74853625505725cefdf168f48661b2cd04e7843ab836f3f63abf81da/urllib3-1.26.9.tar.gz"
|
|
sha256 "aabaf16477806a5e1dd19aa41f8c2b7950dd3c746362d7e3223dbe6de6ac448e"
|
|
end
|
|
|
|
resource "zipp" do
|
|
url "https://files.pythonhosted.org/packages/cc/3c/3e8c69cd493297003da83f26ccf1faea5dd7da7892a0a7c965ac3bcba7bf/zipp-3.8.0.tar.gz"
|
|
sha256 "56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad"
|
|
end
|
|
|
|
def install
|
|
virtualenv_install_with_resources
|
|
end
|
|
|
|
test do
|
|
# trim last decimal point version to match semver returned from version command
|
|
assert_match version.major_minor_patch.to_s, shell_output("#{bin}/custodian version")
|
|
|
|
(testpath/"good-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
mode:
|
|
type: cloudtrail
|
|
role: arn:aws:iam::{account_id}:role/custodian-auto-tagger
|
|
# note {account_id} is optional. If you put that there instead of
|
|
# your actual account number, when the policy is provisioned it
|
|
# will automatically inherit the account_id properly
|
|
events:
|
|
- RunInstances
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
actions:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/good-policy.yml 2>&1")
|
|
assert_match "valid", output
|
|
# has invalid "action" key instead of "actions"
|
|
(testpath/"bad-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
action:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/bad-policy.yml 2>&1", 1)
|
|
assert_match "invalid", output
|
|
end
|
|
end
|