154 lines
6.6 KiB
Ruby
154 lines
6.6 KiB
Ruby
class C7n < Formula
|
|
include Language::Python::Virtualenv
|
|
|
|
desc "Rules engine for cloud security, cost optimization, and governance"
|
|
homepage "https://github.com/cloud-custodian/cloud-custodian"
|
|
url "https://github.com/cloud-custodian/cloud-custodian/archive/0.9.10.0.tar.gz"
|
|
sha256 "807ba80dcebd9eaa972772d6952c1b9e7c3bfd34b18dd5c3f44790f76c3eb7d2"
|
|
license "Apache-2.0"
|
|
|
|
livecheck do
|
|
url :stable
|
|
strategy :github_latest
|
|
end
|
|
|
|
bottle do
|
|
sha256 cellar: :any_skip_relocation, arm64_big_sur: "a2c557f8b99a4cb78e4f505c8c530b1032e9cb3ccd7b1d7ea71e52f013fd0a24"
|
|
sha256 cellar: :any_skip_relocation, big_sur: "b620cf92b010f74bcbd593aa4ad2bb214fc6409a811211e2a4a886558dd1ae2f"
|
|
sha256 cellar: :any_skip_relocation, catalina: "4e912eacec68187bb8995f42a98bb8228204039e9d7a20384ac9aeaee019fbb8"
|
|
sha256 cellar: :any_skip_relocation, mojave: "3503b3d947cc8763e6ec2254f28b0d877b008ed662878858e4c34d237dba2ce2"
|
|
end
|
|
|
|
depends_on "python@3.9"
|
|
|
|
resource "argcomplete" do
|
|
url "https://files.pythonhosted.org/packages/cb/53/d2e3d11726367351b00c8f078a96dacb7f57aef2aca0d3b6c437afc56b55/argcomplete-1.12.2.tar.gz"
|
|
sha256 "de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"
|
|
end
|
|
|
|
resource "attrs" do
|
|
url "https://files.pythonhosted.org/packages/f0/cb/80a4a274df7da7b8baf083249b0890a0579374c3d74b5ac0ee9291f912dc/attrs-20.3.0.tar.gz"
|
|
sha256 "832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"
|
|
end
|
|
|
|
resource "boto3" do
|
|
url "https://files.pythonhosted.org/packages/ad/28/18bc9eb86ac557ecc7f3f6067a454888b90e8dcec49731870f1fc5f8e9a1/boto3-1.16.42.tar.gz"
|
|
sha256 "928e73f51f71469a1b0cead1fbb37f304457ec54400833c02c0c328e64581fea"
|
|
end
|
|
|
|
resource "botocore" do
|
|
url "https://files.pythonhosted.org/packages/ea/b6/feb570c421052117643d1e38874fe18b13350c9280c73c99b07ccd3887a0/botocore-1.19.42.tar.gz"
|
|
sha256 "f0b071fd08f4d72d7ba2c547da529abebe052705c1595be6d12a2151a75a6029"
|
|
end
|
|
|
|
resource "importlib-metadata" do
|
|
url "https://files.pythonhosted.org/packages/30/8c/aafe43247cd18441740a4c3976c29b147e9df3ce79c1076b4e4f6253d15d/importlib_metadata-3.3.0.tar.gz"
|
|
sha256 "5c5a2720817414a6c41f0a49993908068243ae02c1635a228126519b509c8aed"
|
|
end
|
|
|
|
resource "jmespath" do
|
|
url "https://files.pythonhosted.org/packages/3c/56/3f325b1eef9791759784aa5046a8f6a1aff8f7c898a2e34506771d3b99d8/jmespath-0.10.0.tar.gz"
|
|
sha256 "b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"
|
|
end
|
|
|
|
resource "jsonpickle" do
|
|
url "https://files.pythonhosted.org/packages/8a/6d/92d8dadd0aa7a526fe5466e05e1b26b5fc033183af7dc0c38d67eb69915b/jsonpickle-1.3.tar.gz"
|
|
sha256 "71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"
|
|
end
|
|
|
|
resource "jsonschema" do
|
|
url "https://files.pythonhosted.org/packages/69/11/a69e2a3c01b324a77d3a7c0570faa372e8448b666300c4117a516f8b1212/jsonschema-3.2.0.tar.gz"
|
|
sha256 "c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"
|
|
end
|
|
|
|
resource "pyrsistent" do
|
|
url "https://files.pythonhosted.org/packages/4d/70/fd441df751ba8b620e03fd2d2d9ca902103119616f0f6cc42e6405035062/pyrsistent-0.17.3.tar.gz"
|
|
sha256 "2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"
|
|
end
|
|
|
|
resource "python-dateutil" do
|
|
url "https://files.pythonhosted.org/packages/be/ed/5bbc91f03fa4c839c4c7360375da77f9659af5f7086b7a7bdda65771c8e0/python-dateutil-2.8.1.tar.gz"
|
|
sha256 "73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"
|
|
end
|
|
|
|
resource "PyYAML" do
|
|
url "https://files.pythonhosted.org/packages/64/c2/b80047c7ac2478f9501676c988a5411ed5572f35d1beff9cae07d321512c/PyYAML-5.3.1.tar.gz"
|
|
sha256 "b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d"
|
|
end
|
|
|
|
resource "s3transfer" do
|
|
url "https://files.pythonhosted.org/packages/50/de/2b688c062107942486c81a739383b1432a72717d9a85a6a1a692f003c70c/s3transfer-0.3.3.tar.gz"
|
|
sha256 "921a37e2aefc64145e7b73d50c71bb4f26f46e4c9f414dc648c6245ff92cf7db"
|
|
end
|
|
|
|
resource "six" do
|
|
url "https://files.pythonhosted.org/packages/6b/34/415834bfdafca3c5f451532e8a8d9ba89a21c9743a0c59fbd0205c7f9426/six-1.15.0.tar.gz"
|
|
sha256 "30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259"
|
|
end
|
|
|
|
resource "tabulate" do
|
|
url "https://files.pythonhosted.org/packages/57/6f/213d075ad03c84991d44e63b6516dd7d185091df5e1d02a660874f8f7e1e/tabulate-0.8.7.tar.gz"
|
|
sha256 "db2723a20d04bcda8522165c73eea7c300eda74e0ce852d9022e0159d7895007"
|
|
end
|
|
|
|
resource "typing-extensions" do
|
|
url "https://files.pythonhosted.org/packages/16/06/0f7367eafb692f73158e5c5cbca1aec798cdf78be5167f6415dd4205fa32/typing_extensions-3.7.4.3.tar.gz"
|
|
sha256 "99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c"
|
|
end
|
|
|
|
resource "urllib3" do
|
|
url "https://files.pythonhosted.org/packages/29/e6/d1a1d78c439cad688757b70f26c50a53332167c364edb0134cadd280e234/urllib3-1.26.2.tar.gz"
|
|
sha256 "19188f96923873c92ccb987120ec4acaa12f0461fa9ce5d3d0772bc965a39e08"
|
|
end
|
|
|
|
resource "zipp" do
|
|
url "https://files.pythonhosted.org/packages/ce/b0/757db659e8b91cb3ea47d90350d7735817fe1df36086afc77c1c4610d559/zipp-3.4.0.tar.gz"
|
|
sha256 "ed5eee1974372595f9e416cc7bbeeb12335201d8081ca8a0743c954d4446e5cb"
|
|
end
|
|
|
|
def install
|
|
virtualenv_install_with_resources
|
|
end
|
|
|
|
test do
|
|
# trim last decimal point version to match semver returned from version command
|
|
assert_match version.major_minor_patch.to_s, shell_output("#{bin}/custodian version")
|
|
|
|
(testpath/"good-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
mode:
|
|
type: cloudtrail
|
|
role: arn:aws:iam::{account_id}:role/custodian-auto-tagger
|
|
# note {account_id} is optional. If you put that there instead of
|
|
# your actual account number, when the policy is provisioned it
|
|
# will automatically inherit the account_id properly
|
|
events:
|
|
- RunInstances
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
actions:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/good-policy.yml 2>&1")
|
|
assert_match "valid", output
|
|
# has invalid "action" key instead of "actions"
|
|
(testpath/"bad-policy.yml").write <<~EOF
|
|
policies:
|
|
- name: ec2-auto-tag-user
|
|
resource: ec2
|
|
filters:
|
|
- tag:CreatorName: absent
|
|
action:
|
|
- type: auto-tag-user
|
|
tag: CreatorName
|
|
principal_id_tag: CreatorId
|
|
EOF
|
|
output = shell_output("custodian validate --verbose #{testpath}/bad-policy.yml 2>&1", 1)
|
|
assert_match "invalid", output
|
|
end
|
|
end
|