Release/0.0.20 (#15)

- added upgrade instructions - Added better version command - Added an AWS SNS Topic that all product provisions send their AWS CloudFormation stack events to
awslabs · Apr 25, 2019 · 7caaca8 · 7caaca8
1 parent 75a4c9e
commit 7caaca8
Show file tree

Hide file tree

Showing 8 changed files with 116 additions and 29 deletions.
diff --git a/docs/source/index.rst b/docs/source/index.rst
@@ -8,3 +8,5 @@ Welcome to aws-service-catalog-puppets's documentation!
    puppet/what_is_this
    puppet/getting_up_and_running
    puppet/designing_your_manifest
+   puppet/notifications
+   puppet/upgrading
diff --git a/docs/source/puppet/notifications.md b/docs/source/puppet/notifications.md
@@ -0,0 +1,13 @@
+Notifications
+=============
+
+You can listen to the AWS CloudFormation stack events from your product provisioning.
+
+This is the recommended way of discovering provisioning errors.
+
+When you bootstraped your account you will have created an AWS SNS Topic: 
+```servicecatalog-puppet-cloudformation-events``` in your default region.
+
+Please note this will only receive notifications for products provisioned using 
+ServiceCatalog-Puppet - any self service vending from AWS Service Catalog will not 
+use this topic.
diff --git a/docs/source/puppet/upgrading.md b/docs/source/puppet/upgrading.md
@@ -0,0 +1,34 @@
+Upgrading
+=========
+
+Firstly, verify which version you have installed already:
+
+```bash
+servicecatalog-puppet version
+```
+
+If this errors, check you have activated your virtualenv.
+
+Then you are ready to install the version you want:
+
+```bash
+pip install aws-service-catalog-puppet==<version>
+```
+
+If you want to upgrade to the latest you can run:
+
+```bash
+pip install --upgrade aws-service-catalog-puppet
+```
+
+Once you have completed the upgrade you will have to bootstrap your install again:
+
+```bash
+servicecatalog-puppet bootstrap
+```
+
+And finally, you can verify the upgrade has worked by running version again:
+
+```bash
+servicecatalog-puppet version
+```
diff --git a/servicecatalog_puppet/cli.py b/servicecatalog_puppet/cli.py
@@ -343,6 +343,7 @@ def write_share_template(portfolio_use_by_account, region, host_account_id):
             env.get_template('shares.template.yaml.j2').render(
                 portfolio_use_by_account=portfolio_use_by_account,
                 host_account_id=host_account_id,
+                HOME_REGION=HOME_REGION,
             )
         )
 
@@ -423,20 +424,24 @@ def deploy(f, single_account):
     deployment_map = build_deployment_map(manifest)
     write_templates(deployment_map)
     logger.info('Starting to deploy')
-    deploy_launches(deployment_map, manifest.get('parameters', {}), single_account)
+    with betterboto_client.ClientContextManager('sts') as sts:
+        puppet_account_id = sts.get_caller_identity().get('Account')
+    deploy_launches(deployment_map, manifest.get('parameters', {}), single_account, puppet_account_id)
     logger.info('Finished deploy')
 
 
-def deploy_launches_for_region(region, account, role, deployment_map, parameters):
+def deploy_launches_for_region(region, account, role, deployment_map, parameters, puppet_account_id):
     logger.info("Starting region: {}".format(region))
     templates = os.listdir(os.sep.join([TEMPLATES, account, region]))
     for template_name in templates:
         deploy_launches_for_region_and_product(
-            region, account, role, deployment_map, parameters, template_name
+            region, account, role, deployment_map, parameters, template_name, puppet_account_id
         )
 
 
-def deploy_launches_for_region_and_product(region, account, role, deployment_map, parameters, template_name):
+def deploy_launches_for_region_and_product(
+        region, account, role, deployment_map, parameters, template_name, puppet_account_id
+):
     logger.info("Starting template: {} in region: {}".format(template_name, region))
     launch_name = template_name.replace('.template.yaml', '')
     stack_name = "-".join([PREFIX, account, region, launch_name])
@@ -539,6 +544,9 @@ def deploy_launches_for_region_and_product(region, account, role, deployment_map
                         'Value': launch_name,
                     }
                 ],
+                NotificationArns=[
+                    "arn:aws:sns:{}:{}:servicecatalog-puppet-cloudformation-events".format(HOME_REGION, puppet_account_id),
+                ],
             )
             logger.info('Plan created, waiting for completion')
 
@@ -583,7 +591,7 @@ def deploy_launches_for_region_and_product(region, account, role, deployment_map
                 raise Exception("Execute was not successful: {}".format(execute_status))
 
 
-def deploy_launches(deployment_map, parameters, single_account):
+def deploy_launches(deployment_map, parameters, single_account, puppet_account_id):
     logger.info('Deploying launches')
     accounts = os.listdir(TEMPLATES)
     logger.info('Creating stacks')
@@ -601,7 +609,7 @@ def deploy_launches(deployment_map, parameters, single_account):
                     name='-'.join([account, region]),
                     target=deploy_launches_for_region,
                     args=[
-                        region, account, role, deployment_map, parameters
+                        region, account, role, deployment_map, parameters, puppet_account_id
                     ]
                 )
                 process.start()
@@ -728,24 +736,6 @@ def seed(complexity, p):
     )
 
 
-@cli.command()
-@click.argument('p', type=click.Path(exists=True))
-def reseed(p):
-    for f in ['requirements.txt', 'cli.py', ]:
-        shutil.copy2(
-            resolve_from_site_packages(f),
-            os.path.sep.join([p, f])
-        )
-    for d in ['templates']:
-        target = os.path.sep.join([p, d])
-        if os.path.exists(target):
-            shutil.rmtree(target)
-        shutil.copytree(
-            resolve_from_site_packages(d),
-            target
-        )
-
-
 @cli.command()
 @click.argument('f', type=click.File())
 def list_launches(f):
@@ -905,7 +895,25 @@ def validate(f):
 
 @cli.command()
 def version():
-    click.echo(VERSION)
+    click.echo("cli version: {}".format(VERSION))
+    with betterboto_client.ClientContextManager('ssm', region_name=HOME_REGION) as ssm:
+        response = ssm.get_parameter(
+            Name="service-catalog-puppet-regional-version"
+        )
+        click.echo(
+            "regional stack version: {} for region: {}".format(
+                response.get('Parameter').get('Value'),
+                response.get('Parameter').get('ARN').split(':')[3]
+            )
+        )
+        response = ssm.get_parameter(
+            Name="service-catalog-puppet-version"
+        )
+        click.echo(
+            "stack version: {}".format(
+                response.get('Parameter').get('Value'),
+            )
+        )
 
 
 @cli.command()

diff --git a/servicecatalog_puppet/servicecatalog-puppet-regional.template.yaml b/servicecatalog_puppet/servicecatalog-puppet-regional.template.yaml
@@ -8,6 +8,7 @@ Parameters:
     Default: "{{ VERSION }}"
 
 Resources:
+
   Param:
     Type: AWS::SSM::Parameter
     Properties:
@@ -28,4 +29,4 @@ Resources:
 
 Outputs:
   Version:
-    Value: !GetAtt Param.Value
+    Value: !GetAtt Param.Value
diff --git a/servicecatalog_puppet/servicecatalog-puppet.template.yaml b/servicecatalog_puppet/servicecatalog-puppet.template.yaml
@@ -391,6 +391,16 @@ Resources:
       TimeoutInMinutes: 30
 
 
+  ProductTopic:
+    Type: AWS::SNS::Topic
+    Properties:
+      DisplayName: servicecatalog-puppet-cloudformation-events
+      TopicName: servicecatalog-puppet-cloudformation-events
+
 Outputs:
+  ProductTopicArn:
+    Value: !Ref ProductTopic
+  ProductTopicName:
+    Value: !GetAtt ProductTopic.TopicName
   Version:
     Value: !GetAtt Param.Value
diff --git a/servicecatalog_puppet/templates/shares.template.yaml.j2 b/servicecatalog_puppet/templates/shares.template.yaml.j2
@@ -1,7 +1,10 @@
 # Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 AWSTemplateFormatVersion: '2010-09-09'
-Description: Shares
+Description: Shares for puppet
+
+Conditions:
+  RunningInHomeRegion: !Equals [ !Sub "${AWS::Region}", {{ HOME_REGION }} ]
 
 Resources:
   ShareAcceptFunction:
@@ -95,9 +98,25 @@ Resources:
       Timeout: 30
 
 
-
 {% for account_id, portfolios in portfolio_use_by_account.items() %}
   {% if account_id != host_account_id %}
+  TopicPolicyFor{{ account_id }}:
+    Type: AWS::SNS::TopicPolicy
+    Condition: RunningInHomeRegion
+    Properties:
+      Topics:
+        - !Sub "arn:aws:sns:{{ HOME_REGION }}:${AWS::AccountId}:servicecatalog-puppet-cloudformation-events"
+      PolicyDocument:
+        Id: MyTopicPolicy
+        Version: '2012-10-17'
+        Statement:
+          - Sid: "{{ account_id }}"
+            Effect: Allow
+            Principal:
+              AWS: "{{ account_id }}"
+            Action: sns:Publish
+            Resource: "*"
+
   BucketPolicyFor{{ account_id }}:
     Type: AWS::S3::BucketPolicy
     Properties:

diff --git a/setup.py b/setup.py
@@ -7,7 +7,7 @@
 
 setuptools.setup(
     name="aws-service-catalog-puppet",
-    version="0.0.19",
+    version="0.0.20",
     author="Eamonn Faherty",
     author_email="aws-service-catalog-tools@amazon.com",
     description="Making it easier to deploy ServiceCatalog products",