Class: Pipedream::Pipeline::S3Bucket

Inherits:
Object
  • Object
show all
Extended by:
Memoist
Includes:
AwsServices
Defined in:
lib/pipedream/pipeline/s3_bucket.rb

Class Method Summary collapse

Instance Method Summary collapse

Methods included from AwsServices

#cfn, #codepipeline, #s3

Methods included from AwsServices::Helpers

#are_you_sure?, #inferred_pipeline_name, #inferred_stack_name, #pipeline_name_convention, #stack_exists?

Class Method Details

.nameObject 



10
11
12
 
# File 'lib/pipedream/pipeline/s3_bucket.rb', line 10

def name
  new.name
end

Instance Method Details

#bucket_nameObject 



22
23
24
 
# File 'lib/pipedream/pipeline/s3_bucket.rb', line 22

def bucket_name
  "codepipeline-#{aws.region}-#{aws.}"
end

#ensure_exists(name) ⇒ Object 



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/pipedream/pipeline/s3_bucket.rb', line 26

def ensure_exists(name)
  return if exists?(name) || ENV['TEST']
  s3.create_bucket(bucket: name)
  policy = {
    "Version": "2012-10-17",
    "Id": "SSEAndSSLPolicy",
    "Statement": [
      {
        "Sid": "DenyUnEncryptedObjectUploads",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:PutObject",
        "Resource": "arn:aws:s3:::#{name}/*",
        "Condition": {
          "StringNotEquals": {
            "s3:x-amz-server-side-encryption": "aws:kms"
          }
        }
      },
      {
          "Sid": "DenyInsecureConnections",
          "Effect": "Deny",
          "Principal": "*",
          "Action": "s3:*",
          "Resource": "arn:aws:s3:::#{name}/*",
          "Condition": {
              "Bool": {
                  "aws:SecureTransport": "false"
              }
          }
      }
    ]
  }
  s3.put_bucket_policy(
    bucket: name,
    policy: JSON.dump(policy),
  )
rescue Aws::S3::Errors::BucketAlreadyExists => e
  puts "ERROR #{e.class}: #{e.message}".color(:red)
  puts "Bucket name: #{name}"
  exit 1
end

#exists?(name) ⇒ Boolean

Returns:

  • (Boolean) 


69
70
71
72
73
74
75
76
77
78
79
80
 
# File 'lib/pipedream/pipeline/s3_bucket.rb', line 69

def exists?(name)
  begin
    s3.head_bucket(bucket: name)
    true
  rescue Aws::S3::Errors::BucketAlreadyOwnedByYou, Aws::S3::Errors::Http301Error
    # These exceptions indicate bucket already exists
    # Aws::S3::Errors::Http301Error could be inaccurate but compromising for simplicity
    true
  rescue
    false
  end
end

#nameObject 



16
17
18
19
 
# File 'lib/pipedream/pipeline/s3_bucket.rb', line 16

def name
  ensure_exists(bucket_name)
  bucket_name
end