def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything['templates'][template], val)
formatted_string = sb.formatted(sb.string_spec(), MergedOptionStringFormatter, expected_type=six.string_types)
role_name = meta.key_names()['_key_name_0']
original_permission = sb.listof(permission_dict()).normalise(meta.at("permission"), NotSpecified if "permission" not in val else val["permission"])
deny_permission = sb.listof(permission_dict(effect='Deny')).normalise(meta.at("deny_permission"), NotSpecified if "deny_permission" not in val else val["deny_permission"])
allow_permission = sb.listof(permission_dict(effect='Allow')).normalise(meta.at("allow_permission"), NotSpecified if "allow_permission" not in val else val["allow_permission"])
allow_to_assume_me = sb.listof(trust_dict("principal")).normalise(meta.at("allow_to_assume_me"), val.get("allow_to_assume_me", NotSpecified))
disallow_to_assume_me = sb.listof(trust_dict("notprincipal")).normalise(meta.at("disallow_to_assume_me"), val.get("disallow_to_assume_me", NotSpecified))
val = val.wrapped()
val['trust'] = allow_to_assume_me + disallow_to_assume_me
val['permission'] = original_permission + deny_permission + allow_permission
return sb.create_spec(Role
, name = sb.overridden(role_name)
, description = formatted_string
, trust = sb.container_spec(Document, sb.listof(trust_statement_spec('role', role_name)))
, permission = sb.container_spec(Document, sb.listof(permission_statement_spec('role', role_name)))
, make_instance_profile = sb.defaulted(sb.boolean(), False)
).normalise(meta, val)
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!",
wanted=template,
available=available,
meta=meta)
val = MergedOptions.using(meta.everything['templates'][template],
val)
formatted_string = sb.formatted(sb.string_spec(),
MergedOptionStringFormatter,
expected_type=six.string_types)
role_name = meta.key_names()['_key_name_0']
original_permission = sb.listof(permission_dict()).normalise(
meta.at("permission"),
NotSpecified if "permission" not in val else val["permission"])
deny_permission = sb.listof(permission_dict(effect='Deny')).normalise(
meta.at("deny_permission"), NotSpecified
if "deny_permission" not in val else val["deny_permission"])
allow_permission = sb.listof(
permission_dict(effect='Allow')).normalise(
meta.at("allow_permission"), NotSpecified
if "allow_permission" not in val else val["allow_permission"])
allow_to_assume_me = sb.listof(trust_dict("principal")).normalise(
meta.at("allow_to_assume_me"),
val.get("allow_to_assume_me", NotSpecified))
disallow_to_assume_me = sb.listof(
trust_dict("notprincipal")).normalise(
meta.at("disallow_to_assume_me"),
val.get("disallow_to_assume_me", NotSpecified))
if not allow_to_assume_me and not disallow_to_assume_me:
raise BadSpecValue(
"Roles must have either allow_to_assume_me or disallow_to_assume_me specified",
meta=meta)
val = val.wrapped()
val['trust'] = allow_to_assume_me + disallow_to_assume_me
val['permission'] = original_permission + deny_permission + allow_permission
return sb.create_spec(
Role,
name=sb.overridden(role_name),
description=formatted_string,
attached_policies=sb.listof(formatted_string),
trust=sb.container_spec(
Document, sb.listof(trust_statement_spec('role', role_name))),
permission=sb.container_spec(
Document,
sb.listof(permission_statement_spec('role', role_name))),
make_instance_profile=sb.defaulted(sb.boolean(),
False)).normalise(meta, val)
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything['templates'][template], val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(), MergedOptionStringFormatter, expected_type=six.string_types)
bucket_name = meta.key_names()['_key_name_0']
original_permission = sb.listof(resource_policy_dict()).normalise(meta.at("permission"), NotSpecified if "permission" not in val else val["permission"])
deny_permission = sb.listof(resource_policy_dict(effect='Deny')).normalise(meta.at("deny_permission"), NotSpecified if "deny_permission" not in val else val["deny_permission"])
allow_permission = sb.listof(resource_policy_dict(effect='Allow')).normalise(meta.at("allow_permission"), NotSpecified if "allow_permission" not in val else val["allow_permission"])
# require_mfa_to_delete is an alias for this permission
if val.get("require_mfa_to_delete") is True:
delete_policy = {"action": "s3:DeleteBucket", "resource": { "s3": "__self__" }, "Condition": { "Bool": { "aws:MultiFactorAuthPresent": True } } }
normalised_delete_policy = resource_policy_dict(effect='Allow').normalise(meta.at("require_mfa_to_delete"), delete_policy)
allow_permission.append(normalised_delete_policy)
val = val.wrapped()
val['permission'] = original_permission + deny_permission + allow_permission
return sb.create_spec(Bucket
, acl = sb.defaulted(sb.match_spec((six.string_types, canned_acl_spec()), (dict, acl_statement_spec('acl', 'acl'))), None)
, name = sb.overridden(bucket_name)
, location = sb.defaulted(formatted_string, None)
, permission = sb.container_spec(Document, sb.listof(resource_policy_statement_spec('bucket', bucket_name)))
, tags = sb.dictof(sb.string_spec(), formatted_string)
, website = sb.defaulted(website_statement_spec("website", "website"), None)
, logging = sb.defaulted(logging_statement_spec("logging", "logging"), None)
, lifecycle = sb.defaulted(sb.listof(lifecycle_statement_spec("lifecycle", "lifecycle")), None)
).normalise(meta, val)
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything['templates'][template], val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(), MergedOptionStringFormatter, expected_type=six.string_types)
key_name = meta.key_names()['_key_name_0']
key = sb.create_spec(EncryptionKey
, name = sb.overridden(key_name)
, location = sb.required(formatted_string)
, description = formatted_string
, grant = sb.listof(grant_statement_spec('key', key_name))
, admin_users = sb.listof(sb.any_spec())
, permission = sb.listof(sb.dictionary_spec())
, no_root_access = sb.defaulted(sb.boolean(), False)
).normalise(meta, val)
statements = key.permission
if not key.no_root_access:
statements.append({"principal": {"iam": "root"}, "action": "kms:*", "resource": "*", "Sid": ""})
if key.admin_users:
for admin_user in key.admin_users:
statements.append({"principal": admin_user, "action": "kms:*", "resource": { "kms": "__self__" }, "Sid": ""})
key.policy = sb.container_spec(Document, sb.listof(resource_policy_statement_spec('key', key_name))).normalise(meta.at("admin_users"), statements)
return key
def normalise(self, meta, val):
if "use" in val:
template = val["use"]
if template not in meta.everything["templates"]:
available = list(meta.everything["templates"].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything["templates"][template], val)
formatted_string = sb.formatted(
sb.string_or_int_as_string_spec(), MergedOptionStringFormatter, expected_type=six.string_types
)
key_name = meta.key_names()["_key_name_0"]
key = sb.create_spec(
EncryptionKey,
name=sb.overridden(key_name),
location=sb.required(formatted_string),
description=formatted_string,
grant=sb.listof(grant_statement_spec("key", key_name)),
admin_users=sb.listof(sb.any_spec()),
).normalise(meta, val)
statements = [{"principal": {"iam": "root"}, "action": "kms:*", "resource": "*", "Sid": ""}]
if key.admin_users:
for admin_user in key.admin_users:
statements.append(
{"principal": admin_user, "action": "kms:*", "resource": {"kms": "__self__"}, "Sid": ""}
)
key.policy = sb.container_spec(Document, sb.listof(resource_policy_statement_spec("key", key_name))).normalise(
meta.at("admin_users"), statements
)
return key
def authentications_spec(self):
"""Spec for a group of authentication options"""
return container_spec(authentication_objs.Authentication
, dictof(string_spec(), set_options(
reading = optional_spec(authentication_spec())
, writing = optional_spec(authentication_spec())
)
)
)
def authentications_spec(self):
"""Spec for a group of authentication options"""
return optional_spec(
container_spec(
authentication_objs.Authentication,
dictof(
string_spec(),
set_options(reading=optional_spec(authentication_spec()),
writing=optional_spec(
authentication_spec())))))
def normalise(self, meta, val):
from harpoon.option_spec.harpoon_specs import HarpoonSpec
formatted_string = sb.formatted(sb.string_spec(), formatter=MergedOptionStringFormatter)
val = sb.apply_validators(meta, val, [validators.either_keys(["context"], ["content"], ["get"], ["formatted"])])
if "get" in val:
val = sb.create_spec(CommandAddExtra
, get = sb.required(sb.listof(formatted_string))
, prefix = sb.optional_spec(sb.string_spec())
).normalise(meta, val)
if "context" in val:
val = sb.create_spec(CommandContextAdd
, validators.deprecated_key("mtime", "Since docker 1.8, timestamps no longer invalidate the docker layer cache")
, dest = sb.required(formatted_string)
, context = sb.required(HarpoonSpec().context_spec)
).normalise(meta, val)
if "formatted" in val:
val = sb.create_spec(CommandContentAdd
, validators.deprecated_key("mtime", "Since docker 1.8, timestamps no longer invalidate the docker layer cache")
, dest = sb.required(formatted_string)
, content = sb.overridden(sb.NotSpecified)
, formatted = sb.container_spec(CommandContentAddString, formatted_string)
).normalise(meta, val)
if "content" in val:
val = sb.create_spec(CommandContentAdd
, validators.deprecated_key("mtime", "Since docker 1.8, timestamps no longer invalidate the docker layer cache")
, dest = sb.required(formatted_string)
, content = sb.match_spec(
(six.string_types, sb.container_spec(CommandContentAddString, sb.string_spec()))
, fallback = complex_ADD_from_image_spec()
)
).normalise(meta, val)
return list(val.commands(meta))
def normalise(self, meta, val):
from harpoon.option_spec.harpoon_specs import HarpoonSpec
formatted_string = sb.formatted(sb.string_spec(), formatter=MergedOptionStringFormatter)
val = sb.apply_validators(meta, val, [validators.either_keys(["context"], ["content"], ["get"], ["formatted"])])
if "get" in val:
val = sb.create_spec(CommandAddExtra
, get = sb.required(sb.listof(formatted_string))
, prefix = sb.optional_spec(sb.string_spec())
).normalise(meta, val)
if "context" in val:
val = sb.create_spec(CommandContextAdd
, dest = sb.required(formatted_string)
, mtime = sb.optional_spec(sb.integer_spec())
, context = sb.required(HarpoonSpec().context_spec)
).normalise(meta, val)
if "formatted" in val:
val = sb.create_spec(CommandContentAdd
, dest = sb.required(formatted_string)
, mtime = sb.optional_spec(sb.integer_spec())
, content = sb.overridden(sb.NotSpecified)
, formatted = sb.container_spec(CommandContentAddString, formatted_string)
).normalise(meta, val)
if "content" in val:
val = sb.create_spec(CommandContentAdd
, dest = sb.required(formatted_string)
, mtime = sb.optional_spec(sb.integer_spec())
, content = sb.match_spec(
(six.string_types, sb.container_spec(CommandContentAddString, sb.string_spec()))
, fallback = complex_ADD_from_image_spec()
)
).normalise(meta, val)
return list(val.commands(meta))
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!",
wanted=template,
available=available,
meta=meta)
val = MergedOptions.using(meta.everything['templates'][template],
val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(),
MergedOptionStringFormatter,
expected_type=six.string_types)
bucket_name = meta.key_names()['_key_name_0']
original_permission = sb.listof(resource_policy_dict()).normalise(
meta.at("permission"),
NotSpecified if "permission" not in val else val["permission"])
deny_permission = sb.listof(
resource_policy_dict(effect='Deny')).normalise(
meta.at("deny_permission"), NotSpecified
if "deny_permission" not in val else val["deny_permission"])
allow_permission = sb.listof(
resource_policy_dict(effect='Allow')).normalise(
meta.at("allow_permission"), NotSpecified
if "allow_permission" not in val else val["allow_permission"])
val = val.wrapped()
val['permission'] = original_permission + deny_permission + allow_permission
return sb.create_spec(
Bucket,
name=sb.overridden(bucket_name),
location=sb.required(formatted_string),
permission=sb.container_spec(
Document,
sb.listof(resource_policy_statement_spec(
'bucket', bucket_name))),
tags=sb.dictof(sb.string_spec(),
formatted_string)).normalise(meta, val)
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything['templates'][template], val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(), MergedOptionStringFormatter, expected_type=six.string_types)
bucket_name = meta.key_names()['_key_name_0']
original_permission = sb.listof(resource_policy_dict()).normalise(meta.at("permission"), NotSpecified if "permission" not in val else val["permission"])
deny_permission = sb.listof(resource_policy_dict(effect='Deny')).normalise(meta.at("deny_permission"), NotSpecified if "deny_permission" not in val else val["deny_permission"])
allow_permission = sb.listof(resource_policy_dict(effect='Allow')).normalise(meta.at("allow_permission"), NotSpecified if "allow_permission" not in val else val["allow_permission"])
val = val.wrapped()
val['permission'] = original_permission + deny_permission + allow_permission
return sb.create_spec(Bucket
, name = sb.overridden(bucket_name)
, location = sb.required(formatted_string)
, permission = sb.container_spec(Document, sb.listof(resource_policy_statement_spec('bucket', bucket_name)))
, tags = sb.dictof(sb.string_spec(), formatted_string)
).normalise(meta, val)
def __register__():
return {(22, "lambda"): sb.container_spec(Lambdas, sb.dictof(sb.string_spec(), lambdas_spec()))}
def __register__():
return {
(99, "apigateway"):
sb.container_spec(Gateways, sb.dictof(sb.string_spec(),
gateways_spec()))
}
def __register__():
return {
(21, "roles"):
sb.container_spec(Roles, sb.dictof(sb.string_spec(), role_spec()))
}
normalise = mock.Mock(name="normalise", return_value=normalised)
with mock.patch.object(cs.complex_ADD_spec, "normalise", normalise):
result = self.spec.normalise(self.meta, command)
self.assertEqual(result, normalised)
normalise.assert_called_once_with(self.meta.at("ADD"), val)
it "complains if the key isn't ADD":
actual_error = BadSpecValue("Expected the value to be one of the valid choices", choices=("ADD", ), got="blah", meta=self.meta.at("blah"))
with self.fuzzyAssertRaisesError(BadSpecValue, meta=self.meta, _errors=[BadSpecValue("Failed to validate", meta=self.meta.at("blah"), _errors=[actual_error])]):
self.spec.normalise(self.meta, {"blah": {"content": "blah", "dest": "somewhere"}})
describe CommandCase, "command_spec":
before_each:
self.spec = sb.container_spec(Commands, sb.listof(cs.command_spec()))
it "works":
content = self.unique_val()
blah_image = self.unique_val()
md5 = hashlib.md5(json.dumps({"content": content}).encode('utf-8')).hexdigest()
md52 = hashlib.md5(json.dumps({"content": {"image": "blah2", "path": "/tmp/stuff"}}, sort_keys=True).encode("utf-8")).hexdigest()
everything = MergedOptions.using(
{ "mtime": lambda ctxt: 1430660297, "one": 1, "two": 2, "three": 3, "harpoon": self.harpoon, "config_root": "."
, "images":
{ "blah": blah_image
, "blah2": mock.Mock(name="blah2", image_name="blah2")
}
}
)
def __register__():
return {(80, "buckets"): sb.container_spec(Buckets, sb.dictof(sb.string_spec(), buckets_spec()))}
def __register__():
return {
(10, "encryption_keys"): sb.container_spec(EncryptionKeys, sb.dictof(sb.string_spec(), encryption_keys_spec()))
}
def __register__():
return {
(80, "buckets"):
sb.container_spec(Buckets, sb.dictof(sb.string_spec(), buckets_spec()))
}
spec = complex_ADD_spec()
else:
spec = complex_COPY_spec()
result = []
for val in spec.normalise(meta.at(items[0]), items[1]):
if isinstance(val, Command):
result.append(val)
else:
result.extend(val)
return result
class has_a_space(validators.Validator):
def validate(self, meta, val):
if ' ' not in val:
raise BadOption("Expected string to have a space (<ACTION> <COMMAND>)", meta=meta, got=val)
return val
string_command_spec = lambda: sb.container_spec(Command, sb.valid_string_spec(has_a_space()))
# The main spec
# We match against, strings, lists, dictionaries and Command objects with different specs
command_spec = lambda: sb.match_spec(
(six.string_types, string_command_spec())
, (list, array_command_spec())
, (dict, convert_dict_command_spec())
, (Command, sb.any_spec())
)
def image_spec(self):
"""Spec for each image"""
from harpoon.option_spec import image_specs as specs
from harpoon.option_spec import image_objs
class persistence_shell_spec(Spec):
"""Make the persistence shell default to the shell on the image"""
def normalise(self, meta, val):
shell = defaulted(string_spec(), "/bin/bash").normalise(meta, meta.everything[["images", meta.key_names()["_key_name_2"]]].get("shell", NotSpecified))
shell = defaulted(formatted(string_spec(), formatter=MergedOptionStringFormatter), shell).normalise(meta, val)
return shell
return create_spec(image_objs.Image
, validators.deprecated_key("persistence", "The persistence feature has been removed")
, validators.deprecated_key("squash_after", "The squash feature has been removed")
, validators.deprecated_key("squash_before_push", "The squash feature has been removed")
# Changed how volumes_from works
, validators.deprecated_key("volumes_from", "Use ``volumes.share_with``")
# Deprecated link
, validators.deprecated_key("link", "Use ``links``")
# Harpoon options
, harpoon = any_spec()
# default the name to the key of the image
, tag = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, name = formatted(defaulted(string_spec(), "{_key_name_1}"), formatter=MergedOptionStringFormatter)
, key_name = formatted(overridden("{_key_name_1}"), formatter=MergedOptionStringFormatter)
, image_name = optional_spec(string_spec())
, image_index = formatted(defaulted(string_spec(), ""), formatter=MergedOptionStringFormatter)
, container_name = optional_spec(string_spec())
, image_name_prefix = defaulted(string_spec(), "")
, no_tty_option = defaulted(formatted(boolean(), formatter=MergedOptionStringFormatter), False)
, user = defaulted(string_spec(), None)
, configuration = any_spec()
, vars = dictionary_spec()
, assume_role = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, deleteable_image = defaulted(boolean(), False)
, authentication = self.authentications_spec
# The spec itself
, shell = defaulted(formatted(string_spec(), formatter=MergedOptionStringFormatter), "/bin/bash")
, bash = delayed(optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter)))
, command = delayed(optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter)))
, commands = required(container_spec(Commands, listof(command_spec())))
, cache_from = delayed(or_spec(boolean(), listof(formatted(string_spec(), formatter=MergedOptionStringFormatter))))
, cleanup_intermediate_images = defaulted(boolean(), True)
, links = listof(specs.link_spec(), expect=image_objs.Link)
, context = self.context_spec
, wait_condition = optional_spec(self.wait_condition_spec)
, lxc_conf = defaulted(filename_spec(), None)
, volumes = create_spec(image_objs.Volumes
, mount = listof(specs.mount_spec(), expect=image_objs.Mount)
, share_with = listof(formatted(string_spec(), MergedOptionStringFormatter, expected_type=image_objs.Image))
)
, dependency_options = dictof(specs.image_name_spec()
, create_spec(image_objs.DependencyOptions
, attached = defaulted(boolean(), False)
, wait_condition = optional_spec(self.wait_condition_spec)
)
)
, env = listof(specs.env_spec(), expect=image_objs.Environment)
, ports = listof(specs.port_spec(), expect=image_objs.Port)
, ulimits = defaulted(listof(dictionary_spec()), None)
, log_config = defaulted(listof(dictionary_spec()), None)
, security_opt = defaulted(listof(string_spec()), None)
, read_only_rootfs = defaulted(boolean(), False)
, other_options = create_spec(other_options
, start = dictionary_spec()
, build = dictionary_spec()
, create = dictionary_spec()
, host_config = dictionary_spec()
)
, network = create_spec(image_objs.Network
, dns = defaulted(listof(string_spec()), None)
, mode = defaulted(string_spec(), None)
, hostname = defaulted(string_spec(), None)
, domainname = defaulted(string_spec(), None)
, disabled = defaulted(boolean(), False)
, dns_search = defaulted(listof(string_spec()), None)
, extra_hosts = listof(string_spec())
, network_mode = defaulted(string_spec(), None)
, publish_all_ports = defaulted(boolean(), False)
)
, cpu = create_spec(image_objs.Cpu
, cap_add = defaulted(listof(string_spec()), None)
, cpuset_cpus = defaulted(string_spec(), None)
, cpuset_mems = defaulted(string_spec(), None)
, cap_drop = defaulted(listof(string_spec()), None)
, mem_limit = defaulted(integer_spec(), 0)
, cpu_shares = defaulted(integer_spec(), None)
, memswap_limit = defaulted(integer_spec(), 0)
)
, devices = defaulted(listof(dictionary_spec()), None)
, privileged = defaulted(boolean(), False)
, restart_policy = defaulted(string_spec(), None)
)
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!",
wanted=template,
available=available,
meta=meta)
val = MergedOptions.using(meta.everything['templates'][template],
val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(),
MergedOptionStringFormatter,
expected_type=six.string_types)
bucket_name = meta.key_names()['_key_name_0']
original_permission = sb.listof(resource_policy_dict()).normalise(
meta.at("permission"),
NotSpecified if "permission" not in val else val["permission"])
deny_permission = sb.listof(
resource_policy_dict(effect='Deny')).normalise(
meta.at("deny_permission"), NotSpecified
if "deny_permission" not in val else val["deny_permission"])
allow_permission = sb.listof(
resource_policy_dict(effect='Allow')).normalise(
meta.at("allow_permission"), NotSpecified
if "allow_permission" not in val else val["allow_permission"])
# require_mfa_to_delete is an alias for this permission
if val.get("require_mfa_to_delete") is True:
delete_policy = {
"action": "s3:DeleteBucket",
"resource": {
"s3": "__self__"
},
"Condition": {
"Bool": {
"aws:MultiFactorAuthPresent": True
}
}
}
normalised_delete_policy = resource_policy_dict(
effect='Allow').normalise(meta.at("require_mfa_to_delete"),
delete_policy)
allow_permission.append(normalised_delete_policy)
val = val.wrapped()
val['permission'] = original_permission + deny_permission + allow_permission
return sb.create_spec(
Bucket,
acl=sb.defaulted(
sb.match_spec((six.string_types, canned_acl_spec()),
(dict, acl_statement_spec('acl', 'acl'))), None),
name=sb.overridden(bucket_name),
location=sb.defaulted(formatted_string, None),
permission=sb.container_spec(
Document,
sb.listof(resource_policy_statement_spec(
'bucket', bucket_name))),
tags=sb.dictof(sb.string_spec(), formatted_string),
website=sb.defaulted(website_statement_spec("website", "website"),
None),
logging=sb.defaulted(logging_statement_spec("logging", "logging"),
None),
lifecycle=sb.defaulted(
sb.listof(lifecycle_statement_spec("lifecycle", "lifecycle")),
None)).normalise(meta, val)
def __register__():
return {(10, "encryption_keys"): sb.container_spec(EncryptionKeys, sb.dictof(sb.string_spec(), encryption_keys_spec()))}
def __register__():
return {
(100, "dns"):
sb.container_spec(DNSRoutes, sb.dictof(sb.string_spec(), route_spec()))
}
def stack_spec(self):
"""Spec for each stack"""
return create_spec(
stack_objs.Stack,
validators.deprecated_key(
"url_checker", "Use ``confirm_deployment.url_checker1``"),
validators.deprecated_key(
"deploys_s3_path",
"Use ``confirm_deployment.deploys_s3_path``"),
validators.deprecated_key(
"sns_confirmation",
"Use ``confirm_deployment.sns_confirmation``"),
validators.deprecated_key("autoscaling_group_id",
"Use ``auto_scaling_group_name``"),
validators.deprecated_key(
"instance_count_limit",
"Use ``scaling_options.instance_count_limit``"),
bespin=any_spec(),
name=formatted(defaulted(string_spec(), "{_key_name_1}"),
formatter=MergedOptionStringFormatter),
key_name=formatted(overridden("{_key_name_1}"),
formatter=MergedOptionStringFormatter),
stack_name=formatted(defaulted(string_spec(), "{_key_name_1}"),
formatter=MergedOptionStringFormatter),
environment=formatted(overridden("{environment}"),
formatter=MergedOptionStringFormatter),
env=listof(stack_specs.env_spec(),
expect=stack_objs.EnvironmentVariable),
build_env=listof(stack_specs.env_spec(),
expect=stack_objs.EnvironmentVariable),
stack_name_env=listof(stack_specs.env_spec(),
expect=stack_objs.EnvironmentVariable),
tags=self.tags_spec,
termination_protection=defaulted(boolean(), False),
stack_json=valid_stack_json(
default="{config_root}/{_key_name_1}.json"),
stack_yaml=valid_stack_yaml(
default="{config_root}/{_key_name_1}.yaml"),
params_json=valid_params_json(
default="{config_root}/{environment}/{_key_name_1}-params.json"
),
params_yaml=valid_params_yaml(
default="{config_root}/{environment}/{_key_name_1}-params.yaml"
),
stack_policy=valid_policy_json(
default="{config_root}/{_key_name_1}-policy.json"),
role_name=formatted(string_spec(),
formatter=MergedOptionStringFormatter),
build_first=listof(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
build_after=listof(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
build_timeout=defaulted(integer_spec(), 1200),
ignore_deps=defaulted(boolean(), False),
vars=delayed(
dictof(string_spec(), stack_specs.var_spec(), nested=True)),
skip_update_if_equivalent=listof(stack_specs.skipper_spec()),
suspend_actions=defaulted(boolean(), False),
auto_scaling_group_name=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
artifact_retention_after_deployment=defaulted(boolean(), False),
command=optional_spec(string_spec()),
netscaler=optional_spec(self.netscaler_spec),
notify_stackdriver=defaulted(boolean(), False),
stackdriver=optional_spec(
create_spec(
stack_objs.Stackdriver,
api_key=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
deployment_version=defaulted(
formatted(string_spec(),
formatter=MergedOptionStringFormatter),
"<version>"))),
dns=optional_spec(
stack_specs.dns_spec(
create_spec(
stack_objs.DNS,
vars=dictof(
string_spec(),
formatted(string_spec(),
formatter=MergedOptionStringFormatter),
nested=True),
providers=dictof(string_spec(),
stack_specs.dns_provider_spec()),
sites=delayed(
dictof(string_spec(),
stack_specs.dns_site_spec()))))),
scaling_options=create_spec(
ScalingOptions,
highest_min=defaulted(integer_spec(), 2),
instance_count_limit=defaulted(integer_spec(), 10)),
artifacts=container_spec(
artifact_objs.ArtifactCollection,
dictof(
string_spec(),
create_spec(
artifact_objs.Artifact,
not_created_here=defaulted(boolean(), False),
compression_type=string_choice_spec(["gz", "xz"]),
history_length=integer_spec(),
cleanup_prefix=optional_spec(string_spec()),
upload_to=formatted(
string_spec(),
formatter=MergedOptionStringFormatter),
commands=listof(stack_specs.artifact_command_spec(),
expect=artifact_objs.ArtifactCommand),
paths=listof(stack_specs.artifact_path_spec(),
expect=artifact_objs.ArtifactPath),
files=listof(
create_spec(
artifact_objs.ArtifactFile,
validators.has_either(["content", "task"]),
content=optional_spec(
formatted(
string_spec(),
formatter=MergedOptionStringFormatter)
),
task=optional_spec(
formatted(
string_spec(),
formatter=MergedOptionStringFormatter)
),
path=formatted(
string_spec(),
formatter=MergedOptionStringFormatter),
task_runner=formatted(
always_same_spec("{task_runner}"),
formatter=MergedOptionStringFormatter)))))
),
newrelic=optional_spec(
create_spec(
stack_objs.NewRelic,
api_key=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
account_id=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
application_id=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
env=listof(stack_specs.env_spec(),
expect=stack_objs.EnvironmentVariable),
deployed_version=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)))),
downtimer_options=optional_spec(
dictof(
valid_string_spec(valid_alerting_system()),
create_spec(
stack_objs.DowntimerOptions,
hosts=listof(
formatted(
string_spec(),
formatter=MergedOptionStringFormatter))))),
alerting_systems=optional_spec(
dictof(string_spec(), self.alerting_system_spec)),
ssh=optional_spec(
create_spec(
stack_objs.SSH,
validators.deprecated_key(
"autoscaling_group_id",
"Use ``auto_scaling_group_name``"),
user=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
bastion=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
bastion_user=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
bastion_key_location=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
instance_key_location=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
address=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
instance=optional_spec(
listof(
formatted(string_spec(),
formatter=MergedOptionStringFormatter))),
auto_scaling_group_name=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
bastion_key_path=formatted(
defaulted(
string_spec(),
"{config_root}/{environment}/bastion_ssh_key.pem"),
formatter=MergedOptionStringFormatter),
instance_key_path=formatted(
defaulted(string_spec(),
"{config_root}/{environment}/ssh_key.pem"),
formatter=MergedOptionStringFormatter),
storage_type=formatted(
defaulted(string_choice_spec(["url", "rattic"]),
"url"),
formatter=MergedOptionStringFormatter),
storage_host=optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)))),
confirm_deployment=optional_spec(self.confirm_deployment_spec))
def image_spec(self):
"""Spec for each image"""
from harpoon.option_spec import image_specs as specs
from harpoon.option_spec import image_objs
return create_spec(
image_objs.Image
# Change the context options
,
validators.deprecated_key("exclude_context",
"Use ``context.exclude``"),
validators.deprecated_key("use_git_timestamps",
"Use ``context.use_git_timestamps``"),
validators.deprecated_key("respect_gitignore",
"Use ``context.use_gitignore``"),
validators.deprecated_key("parent_dir",
"Use ``context.parent_dir``")
# Changed how volumes_from works
,
validators.deprecated_key("volumes_from",
"Use ``volumes.share_with``")
# Deprecated link
,
validators.deprecated_key("link", "Use ``links``")
# Harpoon options
,
harpoon=any_spec()
# default the name to the key of the image
,
name=formatted(defaulted(string_spec(), "{_key_name_1}"),
formatter=MergedOptionStringFormatter),
key_name=formatted(overridden("{_key_name_1}"),
formatter=MergedOptionStringFormatter),
image_name=optional_spec(string_spec()),
image_index=defaulted(string_spec(), ""),
container_name=optional_spec(string_spec()),
image_name_prefix=defaulted(string_spec(), ""),
user=defaulted(string_spec(), None),
mtime=defaulted(any_spec(), time.time()),
configuration=any_spec(),
vars=dictionary_spec(),
deleteable_image=defaulted(boolean(), False)
# The spec itself
,
bash=delayed(
optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter))),
command=delayed(
optional_spec(
formatted(string_spec(),
formatter=MergedOptionStringFormatter))),
commands=required(container_spec(Commands,
listof(command_spec()))),
squash_after=optional_spec(
or_spec(boolean(),
container_spec(Commands, listof(command_spec())))),
squash_before_push=optional_spec(
or_spec(boolean(),
container_spec(Commands, listof(command_spec())))),
recursive=optional_spec(
create_spec(
image_objs.Recursive,
action=required(
formatted(string_spec(),
formatter=MergedOptionStringFormatter)),
persist=required(
listof(
formatted(string_spec(),
formatter=MergedOptionStringFormatter))),
image_name=delayed(
many_format(
overridden("images.{_key_name_2}.image_name"),
formatter=MergedOptionStringFormatter)))),
links=listof(specs.link_spec(), expect=image_objs.Link),
context=self.context_spec,
wait_condition=optional_spec(self.wait_condition_spec),
lxc_conf=defaulted(filename_spec(), None),
volumes=create_spec(image_objs.Volumes,
mount=listof(specs.mount_spec(),
expect=image_objs.Mount),
share_with=listof(
formatted(
string_spec(),
MergedOptionStringFormatter,
expected_type=image_objs.Image))),
dependency_options=dictof(
specs.image_name_spec(),
create_spec(image_objs.DependencyOptions,
attached=defaulted(boolean(), False),
wait_condition=optional_spec(
self.wait_condition_spec))),
env=listof(specs.env_spec(), expect=image_objs.Environment),
ports=listof(specs.port_spec(), expect=image_objs.Port),
ulimits=defaulted(listof(dictionary_spec()), None),
log_config=defaulted(listof(dictionary_spec()), None),
security_opt=defaulted(listof(string_spec()), None),
read_only_rootfs=defaulted(boolean(), False),
other_options=create_spec(other_options,
start=dictionary_spec(),
build=dictionary_spec(),
create=dictionary_spec(),
host_config=dictionary_spec()),
network=create_spec(image_objs.Network,
dns=defaulted(listof(string_spec()), None),
mode=defaulted(string_spec(), None),
hostname=defaulted(string_spec(), None),
domainname=defaulted(string_spec(), None),
disabled=defaulted(boolean(), False),
dns_search=defaulted(listof(string_spec()),
None),
extra_hosts=listof(string_spec()),
network_mode=defaulted(string_spec(), None),
publish_all_ports=defaulted(boolean(), False)),
cpu=create_spec(image_objs.Cpu,
cap_add=defaulted(boolean(), None),
cpuset=defaulted(listof(string_spec()), None),
cap_drop=defaulted(boolean(), None),
mem_limit=defaulted(integer_spec(), 0),
cpu_shares=defaulted(integer_spec(), None),
memswap_limit=defaulted(integer_spec(), 0)),
devices=defaulted(listof(dictionary_spec()), None),
privileged=defaulted(boolean(), False),
restart_policy=defaulted(string_spec(), None))
def __register__():
return {
(22, "lambda"):
sb.container_spec(Lambdas, sb.dictof(sb.string_spec(), lambdas_spec()))
}
if isinstance(val, Command):
result.append(val)
else:
result.extend(val)
return result
class has_a_space(validators.Validator):
def validate(self, meta, val):
if ' ' not in val:
raise BadOption(
"Expected string to have a space (<ACTION> <COMMAND>)",
meta=meta,
got=val)
return val
string_command_spec = lambda: sb.container_spec(
Command, sb.valid_string_spec(has_a_space()))
# Only support ADD commands for the dictionary representation atm
dict_key = sb.valid_string_spec(validators.choice("ADD"))
dictionary_command_spec = lambda: convert_dict_command_spec(
sb.dictof(dict_key, complex_ADD_spec()))
# The main spec
# We match against, strings, lists, dictionaries and Command objects with different specs
command_spec = lambda: sb.match_spec(
(six.string_types, string_command_spec()), (list, array_command_spec()),
(dict, dictionary_command_spec()), (Command, sb.any_spec()))
def __register__():
return {(21, "roles"): sb.container_spec(Roles, sb.dictof(sb.string_spec(), role_spec()))}
def image_spec(self):
"""Spec for each image"""
from harpoon.option_spec import image_specs as specs
from harpoon.option_spec import image_objs
return create_spec(
image_objs.Image
# Change the context options
,
validators.deprecated_key("exclude_context", "Use ``context.exclude``"),
validators.deprecated_key("use_git_timestamps", "Use ``context.use_git_timestamps``"),
validators.deprecated_key("respect_gitignore", "Use ``context.use_gitignore``"),
validators.deprecated_key("parent_dir", "Use ``context.parent_dir``"),
validators.deprecated_key("recursive", "Use ``persistence``")
# Changed how volumes_from works
,
validators.deprecated_key("volumes_from", "Use ``volumes.share_with``")
# Deprecated link
,
validators.deprecated_key("link", "Use ``links``")
# Harpoon options
,
harpoon=any_spec()
# default the name to the key of the image
,
name=formatted(defaulted(string_spec(), "{_key_name_1}"), formatter=MergedOptionStringFormatter),
key_name=formatted(overridden("{_key_name_1}"), formatter=MergedOptionStringFormatter),
image_name=optional_spec(string_spec()),
image_index=defaulted(string_spec(), ""),
container_name=optional_spec(string_spec()),
image_name_prefix=defaulted(string_spec(), ""),
user=defaulted(string_spec(), None),
mtime=defaulted(any_spec(), time.time()),
configuration=any_spec(),
vars=dictionary_spec(),
deleteable_image=defaulted(boolean(), False)
# The spec itself
,
bash=delayed(optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))),
command=delayed(optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))),
commands=required(container_spec(Commands, listof(command_spec()))),
squash_after=optional_spec(or_spec(boolean(), container_spec(Commands, listof(command_spec())))),
squash_before_push=optional_spec(or_spec(boolean(), container_spec(Commands, listof(command_spec())))),
persistence=optional_spec(
create_spec(
image_objs.Persistence,
validators.deprecated_key("persist", "Use ``folders``"),
action=required(formatted(string_spec(), formatter=MergedOptionStringFormatter)),
folders=required(listof(formatted(string_spec(), formatter=MergedOptionStringFormatter))),
cmd=optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter)),
shell=defaulted(formatted(string_spec(), formatter=MergedOptionStringFormatter), "/bin/bash"),
image_name=delayed(
many_format(
overridden("images.{_key_name_2}.image_name"), formatter=MergedOptionStringFormatter
)
),
)
),
links=listof(specs.link_spec(), expect=image_objs.Link),
context=self.context_spec,
wait_condition=optional_spec(self.wait_condition_spec),
lxc_conf=defaulted(filename_spec(), None),
volumes=create_spec(
image_objs.Volumes,
mount=listof(specs.mount_spec(), expect=image_objs.Mount),
share_with=listof(
formatted(string_spec(), MergedOptionStringFormatter, expected_type=image_objs.Image)
),
),
dependency_options=dictof(
specs.image_name_spec(),
create_spec(
image_objs.DependencyOptions,
attached=defaulted(boolean(), False),
wait_condition=optional_spec(self.wait_condition_spec),
),
),
env=listof(specs.env_spec(), expect=image_objs.Environment),
ports=listof(specs.port_spec(), expect=image_objs.Port),
ulimits=defaulted(listof(dictionary_spec()), None),
log_config=defaulted(listof(dictionary_spec()), None),
security_opt=defaulted(listof(string_spec()), None),
read_only_rootfs=defaulted(boolean(), False),
other_options=create_spec(
other_options,
start=dictionary_spec(),
build=dictionary_spec(),
create=dictionary_spec(),
host_config=dictionary_spec(),
),
network=create_spec(
image_objs.Network,
dns=defaulted(listof(string_spec()), None),
mode=defaulted(string_spec(), None),
hostname=defaulted(string_spec(), None),
domainname=defaulted(string_spec(), None),
disabled=defaulted(boolean(), False),
dns_search=defaulted(listof(string_spec()), None),
extra_hosts=listof(string_spec()),
network_mode=defaulted(string_spec(), None),
publish_all_ports=defaulted(boolean(), False),
),
cpu=create_spec(
image_objs.Cpu,
cap_add=defaulted(boolean(), None),
cpuset=defaulted(listof(string_spec()), None),
cap_drop=defaulted(boolean(), None),
mem_limit=defaulted(integer_spec(), 0),
cpu_shares=defaulted(integer_spec(), None),
memswap_limit=defaulted(integer_spec(), 0),
),
devices=defaulted(listof(dictionary_spec()), None),
privileged=defaulted(boolean(), False),
restart_policy=defaulted(string_spec(), None),
)
def __register__():
return {(100, "dns"): sb.container_spec(DNSRoutes, sb.dictof(sb.string_spec(), route_spec()))}
it "complains if given a string without a space":
val = self.unique_val()
with self.fuzzyAssertRaisesError(BadOption, "Expected string to have a space .+", meta=self.meta, got=val):
cs.string_command_spec().normalise(self.meta, val)
it "returns a Command object without formatting":
self.meta.everything = MergedOptions.using({"thing": self.unique_val()})
val = "FROM {thing}"
result = cs.string_command_spec().normalise(self.meta, val)
self.assertEqual(result.action, "FROM")
self.assertEqual(result.command, "{thing}")
self.assertDockerLines(val, ["FROM {thing}"])
describe CommandCase, "command_spec":
before_each:
self.spec = sb.container_spec(Commands, sb.listof(cs.command_spec()))
it "works":
content = self.unique_val()
blah_image = self.unique_val()
md5 = hashlib.md5(json.dumps({"content": content}).encode('utf-8')).hexdigest()
md52 = hashlib.md5(json.dumps({"content": {"image": "blah2", "path": "/tmp/stuff"}}, sort_keys=True).encode("utf-8")).hexdigest()
blah2_image = mock.Mock(name="blah2", image_name="blah2", from_name="somewhere-blah2")
blah3_image = mock.Mock(name="blah3", image_name="blah3", from_name="somewhere-blah3")
everything = MergedOptions.using(
{ "one": 1, "two": 2, "three": 3, "harpoon": self.harpoon, "config_root": "."
, "images":
{ "blah2": blah2_image
, "blah3": blah3_image
def __register__():
return {(99, "apigateway"): sb.container_spec(Gateways, sb.dictof(sb.string_spec(), gateways_spec()))}
from bespin.formatter import MergedOptionStringFormatter
from bespin.errors import BadNetScaler
from input_algorithms.spec_base import Spec, dictof, listof, string_spec, container_spec, match_spec, overridden, formatted, set_options, any_spec, optional_spec
from input_algorithms.spec_base import NotSpecified
from input_algorithms.dictobj import dictobj
import requests
import logging
import json
import six
import re
log = logging.getLogger("bespin.option_spec.netscaler")
netscaler_binding_spec = lambda: container_spec(NetscalerBinding, match_spec(((list, ) + six.string_types, listof(string_spec())), (dict, set_options(tagged=listof(string_spec())))))
class valid_environment_spec(Spec):
def normalise_filled(self, meta, val):
if "environments" not in meta.everything:
raise BespinError("Please specify {environments}")
val = string_spec().normalise(meta, val)
available = list(meta.everything["environments"].keys())
if val not in available:
raise BespinError("Please choose a valid environment", meta=meta, wanted=val, available=available)
return val
class netscaler_config_spec(Spec):
def normalise_filled(self, meta, val):
typ = formatted(overridden("{_key_name_1}"), formatter=MergedOptionStringFormatter).normalise(meta, val)
def stack_spec(self):
"""Spec for each stack"""
return create_spec(stack_objs.Stack
, validators.deprecated_key("url_checker", "Use ``confirm_deployment.url_checker1``")
, validators.deprecated_key("deploys_s3_path", "Use ``confirm_deployment.deploys_s3_path``")
, validators.deprecated_key("sns_confirmation", "Use ``confirm_deployment.sns_confirmation``")
, validators.deprecated_key("autoscaling_group_id", "Use ``auto_scaling_group_name``")
, validators.deprecated_key("instance_count_limit", "Use ``scaling_options.instance_count_limit``")
, bespin = any_spec()
, name = formatted(defaulted(string_spec(), "{_key_name_1}"), formatter=MergedOptionStringFormatter)
, key_name = formatted(overridden("{_key_name_1}"), formatter=MergedOptionStringFormatter)
, stack_name = formatted(defaulted(string_spec(), "{_key_name_1}"), formatter=MergedOptionStringFormatter)
, environment = formatted(overridden("{environment}"), formatter=MergedOptionStringFormatter)
, env = listof(stack_specs.env_spec(), expect=stack_objs.Environment)
, build_env = listof(stack_specs.env_spec(), expect=stack_objs.Environment)
, stack_name_env = listof(stack_specs.env_spec(), expect=stack_objs.Environment)
, tags = dictionary_spec()
, stack_json = valid_stack_json(default="{config_root}/{_key_name_1}.json")
, params_json = valid_params_json(default="{config_root}/{environment}/{_key_name_1}-params.json")
, params_yaml = valid_params_yaml(default="{config_root}/{environment}/{_key_name_1}-params.yaml")
, build_first = listof(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, build_after = listof(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, build_timeout = defaulted(integer_spec(), 1200)
, ignore_deps = defaulted(boolean(), False)
, vars = dictof(string_spec(), stack_specs.var_spec(), nested=True)
, skip_update_if_equivalent = listof(stack_specs.skipper_spec())
, suspend_actions = defaulted(boolean(), False)
, auto_scaling_group_name = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, artifact_retention_after_deployment = defaulted(boolean(), False)
, command = optional_spec(string_spec())
, netscaler = optional_spec(self.netscaler_spec)
, dns = optional_spec(stack_specs.dns_spec(create_spec(stack_objs.DNS
, vars = dictof(string_spec(), formatted(string_spec(), formatter=MergedOptionStringFormatter), nested=True)
, providers = dictof(string_spec(), stack_specs.dns_provider_spec())
, sites = delayed(dictof(string_spec(), stack_specs.dns_site_spec()))
)))
, scaling_options = create_spec(ScalingOptions
, highest_min = defaulted(integer_spec(), 2)
, instance_count_limit = defaulted(integer_spec(), 10)
)
, artifacts = container_spec(artifact_objs.ArtifactCollection, dictof(string_spec(), create_spec(artifact_objs.Artifact
, not_created_here = defaulted(boolean(), False)
, compression_type = string_choice_spec(["gz", "xz"])
, history_length = integer_spec()
, cleanup_prefix = optional_spec(string_spec())
, upload_to = formatted(string_spec(), formatter=MergedOptionStringFormatter)
, commands = listof(stack_specs.artifact_command_spec(), expect=artifact_objs.ArtifactCommand)
, paths = listof(stack_specs.artifact_path_spec(), expect=artifact_objs.ArtifactPath)
, files = listof(create_spec(artifact_objs.ArtifactFile, validators.has_either(["content", "task"])
, content = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, task = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, path = formatted(string_spec(), formatter=MergedOptionStringFormatter)
, task_runner = formatted(always_same_spec("{task_runner}"), formatter=MergedOptionStringFormatter)
))
)))
, newrelic = optional_spec(create_spec(stack_objs.NewRelic
, api_key = required(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, account_id = required(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, application_id = required(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, env = listof(stack_specs.env_spec(), expect=stack_objs.Environment)
, deployed_version = required(formatted(string_spec(), formatter=MergedOptionStringFormatter))
))
, downtimer_options = optional_spec(dictof(valid_string_spec(valid_alerting_system())
, create_spec(stack_objs.DowntimerOptions
, hosts = listof(formatted(string_spec(), formatter=MergedOptionStringFormatter))
)
))
, alerting_systems = optional_spec(dictof(string_spec(), self.alerting_system_spec))
, ssh = optional_spec(create_spec(stack_objs.SSH
, validators.deprecated_key("autoscaling_group_id", "Use ``auto_scaling_group_name``")
, user = required(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, bastion = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, bastion_user = required(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, bastion_key_location = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, instance_key_location = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, address = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, instance = optional_spec(listof(formatted(string_spec(), formatter=MergedOptionStringFormatter)))
, auto_scaling_group_name = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
, bastion_key_path = formatted(defaulted(string_spec(), "{config_root}/{environment}/bastion_ssh_key.pem"), formatter=MergedOptionStringFormatter)
, instance_key_path = formatted(defaulted(string_spec(), "{config_root}/{environment}/ssh_key.pem"), formatter=MergedOptionStringFormatter)
, storage_type = formatted(defaulted(string_choice_spec(["url", "rattic"]), "url"), formatter=MergedOptionStringFormatter)
, storage_host = optional_spec(formatted(string_spec(), formatter=MergedOptionStringFormatter))
))
, confirm_deployment = optional_spec(self.confirm_deployment_spec)
)
