class Cumulus::IAM::PolicyUnifier

Public: A class that keeps track of policy statements, determining when to put a policy into the inline definition of the resource, or to create a static policy that can apply to multiple resources. It does this by keeping track of policies that it's seen before, and putting everything into inlines. When it sees something for the second time, it will remove the policy from the first resource's inlines, and creates a static policy definition.

Public Class Methods

new(dir) click to toggle source

Public: Constructor

dir - the directory to write static policies to

# File lib/iam/migration/PolicyUnifier.rb, line 35
def initialize(dir)
  @dir = dir
  @policies = {}
end

Public Instance Methods

unify(config, policy, name) click to toggle source

Public: Unify a particular policy for a configuration object. If `policy` has not been encountered before, it will be put into the config's inlines, but if it has, it will be written to static and added to the static array of the configuration. Will also go back and fix the inlines for the first time `policy` was encountered.

config - the config object to change policy - the policy to unify name - the name of the file to write, if needed

# File lib/iam/migration/PolicyUnifier.rb, line 49
def unify(config, policy, name)
  # if we haven't seen the policy before, add it to the inlines
  if !@policies.has_key?(policy)
    @policies[policy] = SingleInstance.new(config, name)
    config.inlines << policy
  else
    case @policies[policy]
    # if we've only seen the policy once before, write it to file and fix the
    # previous configuration that had the policy
    when SingleInstance
      single = @policies[policy]

      # write to file, checking for naming conflicts
      file = "#{@dir}/#{single.name}"
      contents = JSON.pretty_generate(policy)
      if File.exists?(file)
        original_contents = File.read(file)
        if original_contents != contents
          file = "#{file}-#{single.config.name}"
        end
      end
      File.open(file, 'w') { |f| f.write(contents) }
      file = file[(file.rindex("/") + 1)..-1]

      # update the config objects
      single.config.inlines.delete(policy)
      single.config.statics << file
      config.statics << file
      @policies[policy] = MultipleInstances.new(file)

    # if the policy has already been written to file, we just use the static
    # in the configuration
    when MultipleInstances
      multiple = @policies[policy]
      config.statics << multiple.name
    end
  end
end