From 7d48df9b3ab92948154c05fa7722e0c00a803b53 Mon Sep 17 00:00:00 2001
From: toshke
Date: Fri, 21 Sep 2018 17:51:09 +1000
Subject: [PATCH 1/3] stdext optional hosted zone. output hosted zone id

---
 ext/cfndsl/az.rb | 158 --------------------------------------------
 ext/cfndsl/nacl.rb | 11 ---
 ext/cfndsl/nat.rb | 23 -------
 ext/cfndsl/sg.rb | 59 -----------------
 vpc.cfhighlander.rb | 1 +
 vpc.cfndsl.rb | 7 ++
 vpc.config.yaml | 2 +
 7 files changed, 10 insertions(+), 251 deletions(-)
 delete mode 100644 ext/cfndsl/az.rb
 delete mode 100644 ext/cfndsl/nacl.rb
 delete mode 100644 ext/cfndsl/nat.rb
 delete mode 100644 ext/cfndsl/sg.rb

diff --git a/ext/cfndsl/az.rb b/ext/cfndsl/az.rb
deleted file mode 100644
index 979030c..0000000
--- a/ext/cfndsl/az.rb
+++ /dev/null
@@ -1,158 +0,0 @@ -$maximum_availability_zones = 6 - -def az_conditions(x = $maximum_availability_zones) - x.times do |az| - Condition("Az#{az}", FnNot([FnEquals(Ref("Az#{az}"), false)])) - end - - x.times do |i| - tf = [] - (i + 1).times do |y| - tf << { 'Condition' => "Az#{y}" } - end - (x - (i + 1)).times do |z| - tf << FnNot(['Condition' => "Az#{i + z + 1}"]) - end - Condition("#{i + 1}Az", FnAnd(tf)) - end -end - -def nat_gateway_ips_list_internal(x = $maximum_availability_zones) - if x.to_i > 0 - resources = [] - x.times do |y| - resources << FnIf("Nat#{y}EIPRequired", - Ref("NatIPAddress#{y}"), - Ref("AWS::NoValue") - ) - end - if_statement = FnIf("NatGateway#{x-1}Exist", resources, nat_gateway_ips_list_internal( x - 1)) - if_statement - else - FnIf("Nat#{x}EIPRequired", - Ref("NatIPAddress#{x}"), - Ref("AWS::NoValue") - ) - end -end - -def az_conditional_resources_internal(resource_name, x = $maximum_availability_zones) - if x.to_i > 0 - resources = [] - x.times do |y| - resources << Ref("#{resource_name}#{y}") - end - if_statement = FnIf("#{x}Az", resources, az_conditional_resources_internal(resource_name, x - 1)) - if_statement - else - Ref("#{resource_name}#{x}") - end -end - -def az_conditions_resources(resource_name, x = $maximum_availability_zones) - if x.to_i > 0 - x.times do |y| - if y <= 1 - Condition("#{y}#{resource_name}", FnNot([FnEquals(Ref("#{resource_name}#{y}"), "")])) - elsif y-1 >= 0 - Condition("#{y}#{resource_name}", FnAnd([ - FnNot([FnEquals(Ref("#{resource_name}#{y}"), "")]), - Condition("#{y-1}#{resource_name}") - ])) - end - end - end -end - -def az_conditional_resources(resource_name, x = $maximum_availability_zones) - if x.to_i > 0 - resources = [] - x.times do |y| - resources << Ref("#{resource_name}#{y}") - end - if_statement = FnIf("#{x-1}#{resource_name}", resources, az_conditional_resources(resource_name, x - 1)) if x>1 - if_statement = Ref("#{resource_name}#{x}") if x == 1 - if_statement - else - Ref("#{resource_name}#{x}") - 
end -end - - -def az_conditional_resources_names(resource_name, x = $maximum_availability_zones) - if x.to_i > 0 - resources = [] - x.times do |y| - resources << "#{resource_name}#{y}" - end - if_statement = FnIf("#{x}Az", resources, az_conditional_resources_names(resource_name, x - 1)) - if_statement - else - "#{resource_name}#{x}" - end -end - -def az_conditional_resources_array(resource_name, x = $maximum_availability_zones) - if x.to_i > 0 - if_statement = FnIf("#{x}Az", resource_name[x - 1], az_conditional_resources_array(resource_name, x - 1)) - if_statement - else - resource_name[0] - end -end - -def az_create_subnets(subnet_allocation, subnet_name, type = 'private', vpc = 'VPC', x = $maximum_availability_zones) - subnets = [] - x.times do |az| - subnet_name_az = "Subnet#{subnet_name}#{az}" - Resource(subnet_name_az) do - Condition "Az#{az}" - Type 'AWS::EC2::Subnet' - Property('VpcId', Ref(vpc.to_s)) - Property('CidrBlock', FnJoin('', ['10.', Ref('StackOctet'), ".#{subnet_allocation * x + az}.0/24"])) - Property('AvailabilityZone', Ref("Az#{az}")) - Property('Tags', [{ Key: 'Name', Value: "#{subnet_name}#{az}" }]) - end - - # Route table associations - if type == 'private' - # Associate subnet with public route - EC2_SubnetRouteTableAssociation("RouteTableAssociation#{subnet_name_az}") do - Condition "Az#{az}" - SubnetId Ref(subnet_name_az) - RouteTableId Ref("RouteTablePrivate#{az}") - end - end - - if type == 'public' - # Associate Subnet with public ACL - EC2_SubnetNetworkAclAssociation("ACLAssociation#{subnet_name_az}") do - Condition "Az#{az}" - SubnetId Ref(subnet_name_az) - NetworkAclId Ref('PublicNetworkAcl') - end - - # Associate subnet with public route - EC2_SubnetRouteTableAssociation("RouteTableAssociation#{subnet_name_az}") do - Condition "Az#{az}" - SubnetId Ref(subnet_name_az) - RouteTableId Ref('RouteTablePublic') - end - end - Output(subnet_name_az) { Value(FnIf("Az#{az}", Ref(subnet_name_az), '')) } - subnets << "#{subnet_name}#{az}" - 
end - - subnets -end - -def az_create_private_route_associations(subnet_name, x = $maximum_availability_zones) - x.times do |az| - Resource("RouteTableAssociation#{subnet_name}#{az}") do - Condition "Az#{az}" - Type 'AWS::EC2::SubnetRouteTableAssociation' - Property('SubnetId', Ref("#{subnet_name}#{az}")) - Property('RouteTableId', Ref("RouteTablePrivate#{az}")) - end - end -end diff --git a/ext/cfndsl/nacl.rb b/ext/cfndsl/nacl.rb deleted file mode 100644 index 2b08046..0000000 --- a/ext/cfndsl/nacl.rb +++ /dev/null @@ -1,11 +0,0 @@ -def nacl_entry( cidr_block, entry, type, acl_id) - EC2_NetworkAclEntry("#{type}#{entry['number']}") { - NetworkAclId acl_id - RuleNumber entry['number'] - Protocol entry['protocol'] || '6' - RuleAction entry['action'] || 'allow' - Egress (type == 'outbound' ? true : false) - CidrBlock cidr_block - PortRange ({ From: entry['from'], To: entry['to'] || entry['from'] }) - } -end \ No newline at end of file diff --git a/ext/cfndsl/nat.rb b/ext/cfndsl/nat.rb deleted file mode 100644 index c72fe01..0000000 --- a/ext/cfndsl/nat.rb +++ /dev/null @@ -1,23 +0,0 @@ -def max_nat_conditions(maximum_azs) - - maximum_azs.times do |az| - Condition("#{az+1}NatGateways", FnEquals((az + 1).to_s, Ref('MaxNatGateways'))) - end - - - Condition("RoutedBySingleNat", FnEquals(Ref("SingleNatGateway"), 'true')) - - maximum_azs.times do |az| - range_inverted=*(az..maximum_azs-1) - az_condition = Condition("Az#{az}") - if range_inverted.size() > 1 - nat_condition = FnOr(range_inverted.map { |x| Condition("#{x+1}NatGateways") }) - else - nat_condition = Condition("#{az+1}NatGateways") - end - Condition("NatGateway#{az}Exist", FnAnd([az_condition, nat_condition])) - Condition("RoutedByNat#{az}", FnAnd([Condition("NatGateway#{az}Exist"), FnNot([Condition("RoutedBySingleNat")])])) - Condition("RoutedBySingleNat#{az}", FnAnd([Condition("Az#{az}"), Condition("RoutedBySingleNat")])) - end - -end \ No newline at end of file 
diff --git a/ext/cfndsl/sg.rb b/ext/cfndsl/sg.rb deleted file mode 100644 index fc0e18b..0000000 --- a/ext/cfndsl/sg.rb +++ /dev/null @@ -1,59 +0,0 @@ -require 'netaddr' - -def sg_create_rules (security_groups, ip_blocks={}) - rules = [] - security_groups.each do | group | - group['ips'].each do |ip| - group['rules'].each do |rule| - lookup_ips_for_sg(ip_blocks, ip).each do |cidrs| - (cidrs.kind_of?(Array) ? cidrs : [cidrs]).each do |cidr| - rules << { IpProtocol: "#{rule['IpProtocol']}", FromPort: "#{rule['FromPort']}", ToPort: "#{rule['ToPort']}", CidrIp: cidr } - end - end - end - end - end - return rules -end - - -def lookup_ips(ips, block_name) - return lookup_ips_for_sg(ips, block_name) -end - -def lookup_ips_for_sg (ips, ip_block_name={}) - cidr = [] - if ip_block_name == 'stack' - cidr = [FnJoin( "", [ "10.", Ref('StackOctet'), ".", "0.0/16" ] )] - elsif ips.has_key? ip_block_name - ips[ip_block_name].each do |ip| - if (ips.include?(ip) || ip_block_name == 'stack') - cidr += lookup_ips_for_sg(ips, ip) unless ip == ip_block_name - else - if ip == 'stack' - cidr << [FnJoin( "", [ "10.", Ref('StackOctet'), ".", "0.0/16" ] )] - elsif(isCidr(ip)) - cidr << ip - else - STDERR.puts("WARN: ip #{ip} is not a valid CIDR. Ignoring IP") - end - end - end - else - if isCidr(ip_block_name) - cidr = [ip_block_name] - else - STDERR.puts("WARN: ip #{ip_block_name} is not a valid CIDR. Ignoring IP") - end - end - cidr -end - -def isCidr(block) - begin - NetAddr::CIDR.create(block) - return block.include?('/') - rescue NetAddr::ValidationError - return false - end -end \ No newline at end of file diff --git a/vpc.cfhighlander.rb b/vpc.cfhighlander.rb index 1b53234..1898e32 100644 --- a/vpc.cfhighlander.rb +++ b/vpc.cfhighlander.rb @@ -6,6 +6,7 @@ Name 'VPC' Description "Highlander VPC component #{component_version}" + DependsOn stdext ComponentVersion component_version ComponentDistribution 's3://source.highlander.base2.services/components' 
diff --git a/vpc.cfndsl.rb b/vpc.cfndsl.rb
index 9f93791..762612f 100644
--- a/vpc.cfndsl.rb
+++ b/vpc.cfndsl.rb
@@ -33,7 +33,10 @@
 Ref('EnvironmentName'), Ref('DnsDomain')
 ])
+ Condition('Route53ZoneGiven', FnNot(FnEquals(Ref('DnsDomain'),'')))
+
 Route53_HostedZone('HostedZone') do
+ Condition('Route53ZoneGiven')
 Name dns_domain
 end
@@ -232,6 +235,10 @@
 Value(Ref('SecurityGroupBackplane'))
 Export FnSub("${EnvironmentName}-#{component_name}-SecurityGroupBackplane")
 }
+ Output('HostedZoneId') {
+ Condition 'Route53ZoneGiven'
+ Value(Ref('HostedZone'))
+ }
 nat_ip_list = nat_gateway_ips_list_internal(maximum_availability_zones)
 Output('NatGatewayIps') {
diff --git a/vpc.config.yaml b/vpc.config.yaml
index 5a1ebc4..6f26bdf 100644
--- a/vpc.config.yaml
+++ b/vpc.config.yaml
@@ -9,6 +9,8 @@
 # maximum_availability_zones: 5
 component_version: 1.0.3
+stdext: github:toshke/hl-component-stdext
+
 subnets:
 vpc_public:
 allocation: 0

From 3efcfc210b2dab47c0eca7eec20e1b4a72af2180 Mon Sep 17 00:00:00 2001
From: toshke
Date: Fri, 21 Sep 2018 18:46:44 +1000
Subject: [PATCH 2/3] remove global az export

---
 vpc.config.yaml | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/vpc.config.yaml b/vpc.config.yaml
index 6f26bdf..0e54d46 100644
--- a/vpc.config.yaml
+++ b/vpc.config.yaml
@@ -165,7 +165,3 @@ config_export:
 global:
 - maximum_availability_zones
-lib_export:
- global:
- cfndsl:
- - az

From ba66f9734bf73b533c8c710335ad0806a491bebb Mon Sep 17 00:00:00 2001
From: toshke
Date: Mon, 24 Sep 2018 14:00:23 +1000
Subject: [PATCH 3/3] route53 standardisation - optional zone

---
 vpc.cfndsl.rb | 10 +++-------
 vpc.config.yaml | 2 ++
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/vpc.cfndsl.rb b/vpc.cfndsl.rb
index 762612f..88c4374 100644
--- a/vpc.cfndsl.rb
+++ b/vpc.cfndsl.rb
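Review bot: `FnNot(FnEquals(Ref('DnsDomain'),''))` in the new `Route53ZoneGiven` condition passes a bare `Fn::Equals` where CloudFormation's `Fn::Not` expects a one-element list; the `ext/cfndsl/az.rb` deleted by this same patch wrote `FnNot([FnEquals(...)])`, so unless the cfndsl version in use wraps the argument itself the generated template will be rejected at validation. Suggest `Condition('Route53ZoneGiven', FnNot([FnEquals(Ref('DnsDomain'), '')]))`. The `HostedZoneId` output in the second hunk is gated on the same condition but, unlike the adjacent `SecurityGroupBackplane` output, has no `Export`, so other stacks cannot import it; if that is deliberate a short comment such as `# not exported: consumers read the zone id from this stack's outputs` would save the next reader a question. The enclosing template block starts and ends outside the hunk.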
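Review bot: `stdext: github:toshke/hl-component-stdext` references a personal GitHub repository with no tag or commit pin, so each build resolves whatever that branch holds at the time, and the VPC template generated from this component (which, per the `DependsOn stdext` line and the helper deletions in this patch, now presumably takes its subnet, NAT, NACL and security-group helpers from there) can change without any commit to this repository. Pin the dependency to an immutable reference, for example `stdext: github:toshke/hl-component-stdext#<tag-or-commit>` if cfhighlander's locator syntax supports a ref suffix (not shown here), and record the pinned version next to `component_version` so the two are bumped together. A preceding comment like `# stdext provides the az/nat/nacl/sg helpers formerly under ext/cfndsl; pin before release` would make the supply-chain dependency explicit to reviewers.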
@@ -29,19 +29,15 @@
 EnableDnsHostnames true
 end
- dns_domain = FnJoin('.', [
- Ref('EnvironmentName'), Ref('DnsDomain')
- ])
-
 Condition('Route53ZoneGiven', FnNot(FnEquals(Ref('DnsDomain'),'')))
 Route53_HostedZone('HostedZone') do
 Condition('Route53ZoneGiven')
- Name dns_domain
- end
+ Name FnSub(dns_zone)
+ end unless (dns_zone.nil? or dns_zone.empty?)
 EC2_DHCPOptions('DHCPOptionSet') do
- DomainName dns_domain
+ DomainName FnSub(dns_zone) unless (dns_zone.nil? or dns_zone.empty?)
 DomainNameServers ['AmazonProvidedDNS']
 end
diff --git a/vpc.config.yaml b/vpc.config.yaml
index 0e54d46..1ddf498 100644
--- a/vpc.config.yaml
+++ b/vpc.config.yaml
@@ -11,6 +11,8 @@ maximum_availability_zones: 5
 component_version: 1.0.3
 stdext: github:toshke/hl-component-stdext
+dns_zone: $EnvironmentName.$DnsDomain
+
 subnets:
 vpc_public:
 allocation: 0
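Review bot: The `Output('HostedZoneId')` added in patch 1 (outside this hunk) still references `Ref('HostedZone')` under `Route53ZoneGiven`, but the resource is now only generated when `dns_zone` is non-empty, so a config with an empty `dns_zone` and a non-empty `DnsDomain` parameter produces an output referring to a resource absent from the template, which fails validation. Apply the same guard to the output, `} unless (dns_zone.nil? || dns_zone.empty?)`, or derive the condition from `dns_zone` so that resource, output and condition agree. Separately, `Fn::Sub` substitutes only `${Name}` placeholders, so the default `dns_zone: $EnvironmentName.$DnsDomain` from the config hunk would be emitted literally as the zone name unless cfhighlander rewrites `$Name` before generation; worth confirming against a rendered template. Prefer `||` over `or` in the two `unless (dns_zone.nil? or dns_zone.empty?)` modifiers, since `or` binds lower than assignment and is easy to misread. The enclosing template block starts and ends outside the hunk.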