module GClouder::Resources::Compute::VPNs

Public Class Methods

# File lib/gclouder/resources/compute/vpns.rb, line 24
# Directory that shared-secret files are read from: the :keys_dir CLI argument
# when it is set, otherwise "keys" under the HOME environment variable.
# NOTE(review): this directory holds VPN pre-shared keys, so it should be
# readable only by the account running the tool; nothing here checks that.
def self.dir
  keys_dir = cli_args[:keys_dir]
  return keys_dir if keys_dir

  File.join(ENV["HOME"], "keys")
end
# File lib/gclouder/resources/compute/vpns.rb, line 28
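# Walks every locally configured VPN, resolves its shared secret, checks the
# required parameters and passes the result to VPN.create.
#
# Shared-secret sources, in increasing precedence:
#   1. the environment variable named by "shared_secret_env_var" (consulted only
#      when "shared_secret" is absent, nil or empty)
#   2. an inline "shared_secret" value
#   3. the file named by "shared_secret_file", read relative to +dir+
#
# On a dry run, a VPN with a missing or empty parameter is reported with a
# warning and skipped; otherwise the problem is reported through +fatal+
# (presumably aborting the run - confirm against its definition).
#
# Error and warning messages identify the VPN by region and name only, never by
# dumping the whole definition, because the definition carries the shared secret.
def self.ensure
  return if Local.list.empty?

  header

  Local.list.each do |region, instances|
    info region, indent: 2, heading: true
    info

    instances.each do |vpn|
      dry_run = cli_args[:dry_run]
      skip_vpn = false

      # at least one secret source has to be configured
      secret_sources = %w(shared_secret shared_secret_env_var shared_secret_file)
      unless secret_sources.any? { |key| vpn.key?(key) }
        if dry_run
          warning "skipping resource since no shared secret found for VPN and this is a dry run"
          skip_vpn = true
        else
          fatal "shared_secret, shared_secret_env_var or shared_secret_file must be set for region/vpn: #{region}/#{vpn["name"]}"
        end
      end

      # nil is tested before empty? so that an explicit `shared_secret: null`
      # falls back to the environment variable instead of raising NoMethodError
      inline_secret = vpn["shared_secret"]
      vpn["shared_secret"] = if inline_secret.nil? || inline_secret.empty?
        ENV[vpn["shared_secret_env_var"]] if vpn["shared_secret_env_var"]
      else
        inline_secret
      end

      # a secret file, when configured, overrides both sources above
      if vpn.key?("shared_secret_file")
        # NOTE(review): the file name is joined onto the keys directory as-is, so
        # a value containing ".." resolves outside it - confirm that resource
        # definitions are trusted input.
        config_file = File.join(dir, vpn["shared_secret_file"])

        # File.exists? was removed in Ruby 3.2; File.exist? is the supported name
        unless File.exist?(config_file)
          fatal "shared_secret_file specified for vpn but no file found for region/vpn: #{region}/#{vpn["name"]}"
        end

        # NOTE(review): the file content is used verbatim, including any trailing
        # newline - confirm the peer is configured with the identical value.
        vpn["shared_secret"] = File.read(config_file)
      end

      # the lookup keys are removed before the definition is passed on
      vpn.delete("shared_secret_env_var")
      vpn.delete("shared_secret_file")

      required_params = %w(peer_address shared_secret ike_version remote_traffic_selector
                           local_traffic_selector target_vpn_gateway network)

      required_params.each do |param|
        # name the VPN rather than interpolating the hash, which would print the shared secret
        fatal "no #{param} defined for region/vpn: #{region}/#{vpn["name"]}" unless vpn.key?(param)

        # FIXME: change once hashie has been ripped out
        value = vpn[param]
        next unless value.nil? || (value.is_a?(String) && value.empty?)

        message = "no #{param} defined for region/vpn: #{vpn["name"]} [#{region}]"
        if dry_run
          warning message
          skip_vpn = true
        else
          fatal message
        end
      end

      # skip_vpn is only ever set on a dry run, so it must not be gated on "not a dry run"
      next if skip_vpn

      VPN.create(region, vpn["name"], vpn)
    end
  end
end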
# File lib/gclouder/resources/compute/vpns.rb, line 14
# Prints the section title for this resource type, tagged with the stage name
# (defaults to :ensure).
def self.header(stage = :ensure)
  title = "[#{stage}] compute / vpns"
  info title, indent: 1, title: true
end
# File lib/gclouder/resources/compute/vpns.rb, line 18
# Runs Local.validate under a :validate header; does nothing (and returns nil)
# when no VPNs are defined locally.
def self.validate
  unless Local.list.empty?
    header :validate
    Local.validate
  end
end