140 lines
6.1 KiB
Ruby
140 lines
6.1 KiB
Ruby
class C7n < Formula
|
|
include Language::Python::Virtualenv
|
|
|
|
desc "Rules engine for cloud security, cost optimization, and governance"
|
|
homepage "https://github.com/cloud-custodian/cloud-custodian"
|
|
url "https://github.com/cloud-custodian/cloud-custodian/archive/0.9.22.0.tar.gz"
|
|
sha256 "05d99fd9f2e348d2bd6c924469da94ba3b12a1a2db5639aa0009110a18c337c6"
|
|
license "Apache-2.0"
|
|
|
|
livecheck do
|
|
url :stable
|
|
strategy :github_latest
|
|
end
|
|
|
|
bottle do
|
|
sha256 cellar: :any_skip_relocation, arm64_ventura: "a98e229fa2c6881181c7036a2da3c9a3256decc5caece6b0d6a05d37860c74b8"
|
|
sha256 cellar: :any_skip_relocation, arm64_monterey: "6efc81eda049d2b47489714ce01a35b81ada33c4f2f151f057e0d19166f6e20e"
|
|
sha256 cellar: :any_skip_relocation, arm64_big_sur: "a321ceb0e742a93605331e6a7705bdc0869b4aa2a878aed56dcc61c18e3d3fab"
|
|
sha256 cellar: :any_skip_relocation, ventura: "2415cd2c1ba0ee891c4905e4cb5b6ba28574ba80e034ff555b2bbd1231cdc037"
|
|
sha256 cellar: :any_skip_relocation, monterey: "c1f6fabb0aeeb50a3cdc9aabe7c174463dde4636b945dda4c85fa6532b97c5d1"
|
|
sha256 cellar: :any_skip_relocation, big_sur: "0270e626ce4325fda86e804f0b0b663e332f26892681f32534d2d273176bc4df"
|
|
sha256 cellar: :any_skip_relocation, x86_64_linux: "431bca43bf505e2f0098cd1d1ff126b01623788a379bbc98cf6b796ea5dbcff9"
|
|
end
|
|
|
|
depends_on "python-tabulate"
|
|
depends_on "python@3.11"
|
|
depends_on "pyyaml"
|
|
depends_on "six"
|
|
|
|
resource "argcomplete" do
|
|
url "https://files.pythonhosted.org/packages/05/f8/67851ae4fe5396ba6868c5d84219b81ea6a5d53991a6853616095c30adc0/argcomplete-2.0.0.tar.gz"
|
|
sha256 "6372ad78c89d662035101418ae253668445b391755cfe94ea52f1b9d22425b20"
|
|
end
|
|
|
|
resource "attrs" do
|
|
url "https://files.pythonhosted.org/packages/21/31/3f468da74c7de4fcf9b25591e682856389b3400b4b62f201e65f15ea3e07/attrs-22.2.0.tar.gz"
|
|
sha256 "c9227bfc2f01993c03f68db37d1d15c9690188323c067c641f1a35ca58185f99"
|
|
end
|
|
|
|
resource "boto3" do
|
|
url "https://files.pythonhosted.org/packages/74/e6/f5167f2c905089966e696dcd204cfcd234717bd09ee1882d625bc8aed686/boto3-1.26.52.tar.gz"
|
|
sha256 "0b1f82d4565ed875c7975ac0be5665e8d948613c01bcb0e49df6d4f5af670cc8"
|
|
end
|
|
|
|
resource "botocore" do
|
|
url "https://files.pythonhosted.org/packages/50/ee/f48701d596846dae86346a0a84f7911108bc7a38ee271e150ebf2c057dc5/botocore-1.29.52.tar.gz"
|
|
sha256 "a0b89a33305cfa6251c6e1142deb7567e216e37e25363159f45fb81dc5b474e5"
|
|
end
|
|
|
|
resource "docutils" do
|
|
url "https://files.pythonhosted.org/packages/4c/17/559b4d020f4b46e0287a2eddf2d8ebf76318fd3bd495f1625414b052fdc9/docutils-0.17.1.tar.gz"
|
|
sha256 "686577d2e4c32380bb50cbb22f575ed742d58168cee37e99117a854bcd88f125"
|
|
end
|
|
|
|
resource "importlib-metadata" do
|
|
url "https://files.pythonhosted.org/packages/90/07/6397ad02d31bddf1841c9ad3ec30a693a3ff208e09c2ef45c9a8a5f85156/importlib_metadata-6.0.0.tar.gz"
|
|
sha256 "e354bedeb60efa6affdcc8ae121b73544a7aa74156d047311948f6d711cd378d"
|
|
end
|
|
|
|
resource "jmespath" do
|
|
url "https://files.pythonhosted.org/packages/00/2a/e867e8531cf3e36b41201936b7fa7ba7b5702dbef42922193f05c8976cd6/jmespath-1.0.1.tar.gz"
|
|
sha256 "90261b206d6defd58fdd5e85f478bf633a2901798906be2ad389150c5c60edbe"
|
|
end
|
|
|
|
resource "jsonschema" do
|
|
url "https://files.pythonhosted.org/packages/36/3d/ca032d5ac064dff543aa13c984737795ac81abc9fb130cd2fcff17cfabc7/jsonschema-4.17.3.tar.gz"
|
|
sha256 "0f864437ab8b6076ba6707453ef8f98a6a0d512a80e93f8abdb676f737ecb60d"
|
|
end
|
|
|
|
resource "pyrsistent" do
|
|
url "https://files.pythonhosted.org/packages/bf/90/445a7dbd275c654c268f47fa9452152709134f61f09605cf776407055a89/pyrsistent-0.19.3.tar.gz"
|
|
sha256 "1a2994773706bbb4995c31a97bc94f1418314923bd1048c6d964837040376440"
|
|
end
|
|
|
|
resource "python-dateutil" do
|
|
url "https://files.pythonhosted.org/packages/4c/c4/13b4776ea2d76c115c1d1b84579f3764ee6d57204f6be27119f13a61d0a9/python-dateutil-2.8.2.tar.gz"
|
|
sha256 "0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86"
|
|
end
|
|
|
|
resource "s3transfer" do
|
|
url "https://files.pythonhosted.org/packages/e1/eb/e57c93d5cd5edf8c1d124c831ef916601540db70acd96fa21fe60cef1365/s3transfer-0.6.0.tar.gz"
|
|
sha256 "2ed07d3866f523cc561bf4a00fc5535827981b117dd7876f036b0c1aca42c947"
|
|
end
|
|
|
|
resource "urllib3" do
|
|
url "https://files.pythonhosted.org/packages/c5/52/fe421fb7364aa738b3506a2d99e4f3a56e079c0a798e9f4fa5e14c60922f/urllib3-1.26.14.tar.gz"
|
|
sha256 "076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72"
|
|
end
|
|
|
|
resource "zipp" do
|
|
url "https://files.pythonhosted.org/packages/8e/b3/8b16a007184714f71157b1a71bbe632c5d66dd43bc8152b3c799b13881e1/zipp-3.11.0.tar.gz"
|
|
sha256 "a7a22e05929290a67401440b39690ae6563279bced5f314609d9d03798f56766"
|
|
end
|
|
|
|
def install
|
|
virtualenv_install_with_resources
|
|
end
|
|
|
|
test do
|
|
# trim last decimal point version to match semver returned from version command
|
|
assert_match version.major_minor_patch.to_s, shell_output("#{bin}/custodian version")
|
|
|
|
(testpath/"good-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
mode:
|
|
type: cloudtrail
|
|
role: arn:aws:iam::{account_id}:role/custodian-auto-tagger
|
|
# note {account_id} is optional. If you put that there instead of
|
|
# your actual account number, when the policy is provisioned it
|
|
# will automatically inherit the account_id properly
|
|
events:
|
|
- RunInstances
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
actions:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/good-policy.yml 2>&1")
|
|
assert_match "valid", output
|
|
# has invalid "action" key instead of "actions"
|
|
(testpath/"bad-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
action:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/bad-policy.yml 2>&1", 1)
|
|
assert_match "invalid", output
|
|
end
|
|
end
|