MovableInkAWS 0.2.7 → 0.2.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8cf9a7ff2af2c85e14f517ace88f76b802c3b5412105ffa40d5d9c674eb14c30
-  data.tar.gz: 278ef41a323e0e1ea3491a5e448bbf87dc8434229ffdd79e02cca399733512cb
+  metadata.gz: 88c1b6ff56ab368ab4d97a3f539b6a822e7af3c0447f8373a3601907c4e90393
+  data.tar.gz: 31146689d3eab6d8514f88cb85c013b1d4314ff5ad06376fc6e2f7b577dc94a2
 SHA512:
-  metadata.gz: f982b231053941d943f530342844d986665c049c3b56616de858fc7b41f2825c85d9354a5fd199b36482a808c793446ba5dc10bc0578cd5beb2a4b3e0dc48dc6
-  data.tar.gz: b5d4ef2fc3c9d89f953eca81d99e51cbdb680a770274130931daecdc7f4be1e75c600ca91dc74d3d2c714ffa14ea001cb5521bd0d8c57546a524af13fea6fbb8
+  metadata.gz: 18352f2392290945415bf01b8be8daf41dfa4e5d146174f9d2bebe7154e74681eaced174a1a44cd072190521cb03c2045436d6c9eed8b246b885c267ded92370
+  data.tar.gz: f76fdc11f3109407596a82005400701345d9bea7803f14b3ebf2be283c3ca8ad1072c313370590b86974759dbd5e38cc98631c314ddb0d0b825b7672796734b4

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    MovableInkAWS (0.2.7)
+    MovableInkAWS (0.2.8)
       aws-sdk (= 2.11.240)
 
 GEM
@@ -41,4 +41,4 @@ DEPENDENCIES
   rspec (~> 3.6)
 
 BUNDLED WITH
-   1.16.2
+   1.16.6

data/lib/movable_ink/aws/ssm.rb

@@ -1,12 +1,26 @@
 module MovableInk
   class AWS
     module SSM
-      def ssm
+      def ssm_client
         @ssm_client ||= Aws::SSM::Client.new(region: 'us-east-1')
       end
 
-      def get_secret(environment: mi_env, role:, attribute:)
+      def ssm_client_failover
+        @ssm_client_failover ||= Aws::SSM::Client.new(region: 'us-west-2')
+      end
+
+      def run_with_backoff_and_client_fallback(&block)
         run_with_backoff do
+          block.call(ssm_client)
+        end
+      rescue MovableInk::AWS::Errors::FailedWithBackoff => e
+        run_with_backoff(tries: 3) do
+          block.call(ssm_client_failover)
+        end
+      end
+
+      def get_secret(environment: mi_env, role:, attribute:)
+        run_with_backoff_and_client_fallback do |ssm|
           begin
             resp = ssm.get_parameter(
                       name: "/#{environment}/#{role}/#{attribute}",
@@ -21,7 +35,7 @@ module MovableInk
 
       def get_role_secrets(environment: mi_env, role:)
         path = "/#{environment}/#{role}"
-        run_with_backoff do
+        run_with_backoff_and_client_fallback do |ssm|
           ssm.get_parameters_by_path(
             path: path,
             with_decryption: true

data/lib/movable_ink/aws.rb

@@ -41,8 +41,8 @@ module MovableInk
       end
     end
 
-    def run_with_backoff(quiet: false)
-      9.times do |num|
+    def run_with_backoff(quiet: false, tries: 9)
+      tries.times do |num|
         begin
           return yield
         rescue Aws::EC2::Errors::RequestLimitExceeded,
@@ -57,7 +57,7 @@ module MovableInk
                MovableInk::AWS::Errors::NoEnvironmentTagError
           sleep_time = (num+1)**2 + rand(10)
           if quiet
-            (num >=8) ? notify_and_sleep(sleep_time, $!.class) : sleep(sleep_time)
+            (num >= tries - 1) ? notify_and_sleep(sleep_time, $!.class) : sleep(sleep_time)
           else
             notify_and_sleep(sleep_time, $!.class)
           end

data/lib/movable_ink/version.rb

@@ -1,5 +1,5 @@
 module MovableInk
   class AWS
-    VERSION = '0.2.7'
+    VERSION = '0.2.8'
   end
 end

data/spec/ssm_spec.rb

@@ -50,7 +50,7 @@ describe MovableInk::AWS::SSM do
   it "should retrieve a decrypted secret" do
     ssm.stub_responses(:get_parameter, parameter)
     allow(aws).to receive(:mi_env).and_return('test')
-    allow(aws).to receive(:ssm).and_return(ssm)
+    allow(aws).to receive(:ssm_client).and_return(ssm)
 
     expect(aws.get_secret(role: 'sneakers', attribute: 'setec-astronomy')).to eq('too-many-secrets')
   end
@@ -58,8 +58,47 @@ describe MovableInk::AWS::SSM do
   it "should retrieve all secrets for a role" do
     ssm.stub_responses(:get_parameters_by_path, parameters)
     allow(aws).to receive(:mi_env).and_return('test')
-    allow(aws).to receive(:ssm).and_return(ssm)
+    allow(aws).to receive(:ssm_client).and_return(ssm)
 
     expect(aws.get_role_secrets(role: 'zelda')).to eq(zelda_secrets)
   end
+
+  describe 'ssm_client' do
+    it 'uses to us-east-1 as a primary for secrets' do
+      expect(Aws::SSM::Client).to receive(:new).with({ region: 'us-east-1' })
+      aws.ssm_client
+    end
+  end
+
+  describe 'ssm_client_failover' do
+    it 'fails over to us-west-2' do
+      expect(Aws::SSM::Client).to receive(:new).with({ region: 'us-west-2' })
+      aws.ssm_client_failover
+    end
+  end
+
+  describe 'run_with_backoff_and_client_fallback' do
+    it 'passes in the ssm_client client and then the ssm_client_failover client' do
+      allow(aws).to receive(:ssm_client).and_return(1)
+      allow(aws).to receive(:ssm_client_failover).and_return(2)
+      allow(aws).to receive(:notify_and_sleep).and_return(nil)
+
+      results = []
+      calls = 0
+
+      begin
+        aws.run_with_backoff_and_client_fallback do |client|
+          calls += 1
+          results.push(client)
+          raise Aws::EC2::Errors::RequestLimitExceeded.new('context', 'message')
+        end
+      rescue
+      end
+
+      # 9 calls for the first client and 3 calls for the second client
+      expect(calls).to eq(12)
+      # the results will include the mock values for each of the clients
+      expect(results).to include(1, 2)
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: MovableInkAWS
 version: !ruby/object:Gem::Version
-  version: 0.2.7
+  version: 0.2.8
 platform: ruby
 authors:
 - Matt Chesler
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-03-14 00:00:00.000000000 Z
+date: 2019-03-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk