Sitefull::Cloud
This is a gem for automating cloud deployments using different cloud providers. The gem uses Auth 2.0 authorization code grant for authorization whenever it is supported.
Installation
Add this line to your application's Gemfile:
gem 'sitefull-cloud'
And then execute:
$ bundle
Or install it yourself as:
$ gem install sitefull-cloud
Usage
Authorization
Amazon
- Setup a new application for Login with Amazon https://sellercentral.amazon.com/gp/homepage.html
- Create am IAM role in the AWS Management Console to allow the users access to your resources:
- Login to the AWS Management Console https://console.aws.amazon.com/iam/home#home
- Go to the Roles section and click on "Create New Role"
- Choose "Role for Identity Provider Access" on the "Select Role Type" page and select the "Grant access to web identity providers" option
- Select "Login with Amazon" and entery your Application ID for the application you created
- Follow the wizard and create the new role
- Edit the new role and from the "Permissions" tab select policies that the authenticated users will be able to access
Once the Amazon application is configured and the role is setup you can use the Sitefull Oauth gem to generate credentials for the Amazon SDK for Ruby https://aws.amazon.com/sdk-for-ruby/
- Configure the provider class:
options = {
client_id: "Amazon Application Client ID",
client_secret: "Amazon Application Client Secret",
role_arn: "IAM Role ARN",
redirect_uri: "One of the Allowed Return URLs for the Amazon Application"
}
provider = Sitefull::Cloud::Auth.new('amazon', options) ;
- Generate the authorization URL and open it in a web browser
provider.authorization_url
- Get the authorization code from the URL and request an access token
provider.authorize!('The code from the URL parameters when you are redirected to the redirect_uri')
- Generate credentials for the AWS SDK for Ruby https://aws.amazon.com/sdk-for-ruby/
credentials = provider.credentials
- Add the credentials to the AWS API client:
client = Aws::EC2::Client.new(region: 'us-east-1', credentials: credentials)
client.describe_instances
Azure
- Setup a new application in Active Directory following the steps described here https://azure.microsoft.com/en-us/documentation/articles/active-directory-integrating-applications/
Once the application is configured you can use the Sitefull Oauth gem to generate credentials for the Microsoft Azure SDK for Ruby https://github.com/Azure/azure-sdk-for-ruby
- Configure the provider class:
options = {
tenant_id: "Your Azure Application Tenant ID",
client_id: "Azure Application Client ID",
client_secret: "Azure Application Client Secret",
redirect_uri: "One of the Reply URLs for the Azure Application"
}
provider = Sitefull::Cloud::Auth.new('azure', options) ;
- Generate the authorization URL and open it in a web browser
provider.authorization_url
- Get the authorization code from the URL and request an access token
provider.authorize!('The code from the URL parameters when you are redirected to the redirect_uri')
- Generate credentials for the Azure SDK for Ruby https://github.com/Azure/azure-sdk-for-ruby
credentials = provider.credentials
- Add the credentials to one of the the Azure API client libraries (Compute, Network, Storage or Resources):
client = Azure::ARM::Resources::ResourceManagementClient.new(credentials)
NOTE You will need to set the client subscription ID before you can query the Azure APIs:
client.subscription_id = 'The desired subscription ID'
client.resources.list.value!
- Setup a new OAuth client ID in the Google developer console https://console.developers.google.com/apis/credentials
Once the OAuth application is configured you can use the Sitefull Oauth gem to generate credentials for the Google API Client https://github.com/google/google-api-ruby-client
- Configure the provider class:
options = {
client_id: "Google OAuth Client ID",
client_secret: "Google OAuth Client Secret",
redirect_uri: "One of the Authorized redirect URIs"
}
provider = Sitefull::Cloud::Auth.new('google', options) ;
- Generate the authorization URL and open it in a web browser
provider.authorization_url
- Get the authorization code from the URL and request an access token
provider.authorize!('The code from the URL parameters when you are redirected to the redirect_uri')
- Generate credentials for the Google API Client https://github.com/google/google-api-ruby-client
credentials = provider.credentials
- Add the credentials to the Google API client you want to use
require 'google/apis/compute_v1'
client = Google::Apis::ComputeV1.new
client.authorization = credentials
client.list_images('A project the authenticated user can access')
Providers
If you already have obtained a token for one of the providers you can use Sitefull::Cloud::Provider
to perform basic operations.
provider = Sitefull::Cloud::Provider.new(:amazon, token: token, region: 'us-east-1')
provider.regions # Returns a list of regions
provider.machine_types(region) # Returns a list of regions
....
Development
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Testing
To mock the provider APIs just add the following to your rails_helper.rb
or spec_helper.rb
file:
Sitefull::Cloud.mock!
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/stanchino/sitefull-cloud. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
License
The gem is available as open source under the terms of the MIT License.