aws-google 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f79c246b1eb0ee41aca8f28875b6b9d904840ece7d6ca8eabb1e74de2fff3896
-  data.tar.gz: 7c3dff0815d0cd4fe69b8d9a9e333e766506e2a7d6a8a91188f49ee4476c0430
+  metadata.gz: dedc522fef979083cb7e238f1d8aebe317f471edb4c6bc3799cef1a220bc61d4
+  data.tar.gz: ca5d5e6244f0ed938e70ec70e4f0fd42d2fa4bb5dfcc370d0f3229ae5d5faac9
 SHA512:
-  metadata.gz: 0a63a1d1b18abe0101c68cf26564f3e32b095cd19f99c13eb8089cfc112e9bb5ab2e2530bc14b080b9cecf14d46f8e28e360a0cfb223aab44e24689771472470
-  data.tar.gz: e81a579a2df2d1e18baeff05879f44a9f91127f60fc1cc9062afcdb1c6a446b9f5bee7823570133a3c63daf5858eb5976a92670595b4bd24d36e4f4d808b3750
+  metadata.gz: fa6dafdd466d434affaff2ed9dce8f6846da7d0128c5592667ea35c15c688d447212552b9c521cdfcd1e81e828104be9545e6d743ac0573460582415d9ddf670
+  data.tar.gz: 58e54a1b84565ba47b86f891dae4780bfd7d86eaf37d8901460ed084ff4725a7d96b491ddac222886795b77d63395caba74ea6eb2b0dc521cbac3d1f9d4f4e81

data/.github/workflows/pr-verify.yml

@@ -0,0 +1,47 @@
+name: Run Tests
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  # Test on code-dot-org Ruby version
+  test_3_0_5:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0.5
+          bundler-cache: true
+
+      - name: Install gems
+        run: bundle install
+
+      - name: Run tests
+        run: bundle exec rake test
+
+  #Test on latest Ruby
+  test_3_3:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.3
+          bundler-cache: true
+      
+      - name: Install gems
+        run: bundle install
+
+      - name: Run tests
+        run: bundle exec rake test

data/.ruby-version

@@ -0,0 +1 @@
+3.0.5

data/Dockerfile

@@ -0,0 +1,8 @@
+FROM ruby:3.0.5
+
+WORKDIR /app
+
+# Copy bare minimum files to install gems
+COPY Gemfile aws-google.gemspec /app/
+COPY lib /app/lib
+RUN bundle install

data/README.md

@@ -24,9 +24,14 @@ Or install it yourself as:
 Visit the [Google API Console](https://console.developers.google.com/) to create/obtain [OAuth 2.0 Client ID credentials](https://support.google.com/cloud/answer/6158849) (client ID and client secret) for an application in your Google account.
 
 ### Create an AWS IAM Role
-Create an AWS IAM Role with the desired IAM policies attached, and a ['trust policy'](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#term_trust-policy) ([`AssumeRolePolicyDocument`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html)) allowing the [`sts:AssumeRoleWithWebIdentity`](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html) action with [Web Identity Federation condition keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif) authorizing
+Create an AWS IAM Role with the desired IAM policies attached, and a ['trust policy'][1] ([`AssumeRolePolicyDocument`][2]) allowing the [`sts:AssumeRoleWithWebIdentity`][3] action with [Web Identity Federation condition keys][4] authorizing
 your Google Client ID (`accounts.google.com:aud`) and a specific set of Google Account IDs (`accounts.google.com:sub`):
 
+[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#term_trust-policy "IAM Trust Policy"
+[2]: https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html "Create Role API"
+[3]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html "Assume Role With Identity API"
+[4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif "IAM Condition Keys"
+
 ```json
 {
   "Version": "2012-10-17",
@@ -53,6 +58,7 @@ your Google Client ID (`accounts.google.com:aud`) and a specific set of Google A
 
 ### Method 1: `Aws::Google`
 In your Ruby code, construct an `Aws::Google` object by passing the AWS `role_arn`, Google `client_id` and `client_secret`, either as constructor arguments or via the `Aws::Google.config` global defaults:
+
 ```ruby
 require 'aws/google'
 
@@ -87,9 +93,22 @@ The extra `credential_process` config line tells AWS to [Source Credentials with
 
 ## Development
 
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+Prerequisites:
+
+* Ruby 3.0.5
+
+You can have Ruby installed locally, or use Docker and mount this repository into a Ruby container. By using Docker you can avoid conflicts with differing Ruby versions or other installed gems. To run and 'bash' into a Ruby container, install Docker and run the following. See [docker-compose.yml](docker-compose.yml) for details.
+
+```
+docker compose build
+docker compose run ruby
+```
+
+With either option, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`.
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
 ## Contributing
 

data/aws-google.gemspec

@@ -1,8 +1,9 @@
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'aws/google/version'
 
 Gem::Specification.new do |spec|
+  spec.required_ruby_version = '>= 3.0.5'
   spec.name          = 'aws-google'
   spec.version       = Aws::Google::VERSION
   spec.authors       = ['Will Jordan']
@@ -21,14 +22,14 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'aws-sdk-core', '~> 3.130'
-  spec.add_dependency 'google-apis-core'
-  spec.add_dependency 'launchy', '~> 2'
+  spec.add_dependency 'aws-sdk-core', '~> 3.211.0'
+  spec.add_dependency 'google-apis-core', '~> 0.15.1'
+  spec.add_dependency 'launchy', '~> 3.0.1'
 
-  spec.add_development_dependency 'activesupport', '~> 5'
-  spec.add_development_dependency 'minitest', '~> 5.14.2'
-  spec.add_development_dependency 'mocha', '~> 1.5'
-  spec.add_development_dependency 'rake', '~> 12'
-  spec.add_development_dependency 'timecop', '~> 0.8'
-  spec.add_development_dependency 'webmock', '~> 3.3'
+  spec.add_development_dependency 'activesupport', '~> 6.1.7.8'
+  spec.add_development_dependency 'minitest', '~> 5.25.1'
+  spec.add_development_dependency 'mocha', '~> 2.4.5'
+  spec.add_development_dependency 'rake', '~> 13.2.1'
+  spec.add_development_dependency 'timecop', '~> 0.9.10'
+  spec.add_development_dependency 'webmock', '3.24.0'
 end

data/docker-compose.yml

@@ -0,0 +1,7 @@
+services:
+  ruby:
+    build: .
+    volumes:
+      - .:/app
+    working_dir: /app
+    command: bash

data/lib/aws/google/cached_credentials.rb

@@ -23,22 +23,31 @@ module Aws
       end
 
       def refresh_if_near_expiration
-        if near_expiration?(SYNC_EXPIRATION_LENGTH)
-          @mutex.synchronize do
-            if near_expiration?(SYNC_EXPIRATION_LENGTH)
-              refresh
-              write_credentials
-            end
+        return unless near_expiration?(SYNC_EXPIRATION_LENGTH)
+
+        @mutex.synchronize do
+          if near_expiration?(SYNC_EXPIRATION_LENGTH)
+            refresh
+            write_credentials
           end
         end
       end
 
       # Write credentials and expiration to AWS credentials file.
       def write_credentials
-        # AWS CLI is needed because writing AWS credentials is not supported by the AWS Ruby SDK.
+        # Ensure the AWS CLI is available before attempting to write credentials.
         return unless system('which aws >/dev/null 2>&1')
-        Aws::SharedCredentials::KEY_MAP.transform_values(&@credentials.method(:send)).
-          merge(expiration: @expiration).each do |key, value|
+
+        # Manually map the credentials to the keys used by AWS CLI
+        credentials_map = {
+          'aws_access_key_id' => @credentials.access_key_id,
+          'aws_secret_access_key' => @credentials.secret_access_key,
+          'aws_session_token' => @credentials.session_token,
+          'expiration' => @expiration
+        }
+
+        # Use the AWS CLI to set the credentials in the session profile
+        credentials_map.each do |key, value|
           system("aws configure set #{key} #{value} --profile #{@session_profile}")
         end
       end

data/lib/aws/google/version.rb

@@ -1,5 +1,5 @@
 module Aws
   class Google
-    VERSION = '0.2.0'.freeze
+    VERSION = '0.2.1'.freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-google
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Will Jordan
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-01-03 00:00:00.000000000 Z
+date: 2024-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -16,126 +16,126 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.130'
+        version: 3.211.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.130'
+        version: 3.211.0
 - !ruby/object:Gem::Dependency
   name: google-apis-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.15.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.15.1
 - !ruby/object:Gem::Dependency
   name: launchy
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 3.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 3.0.1
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: 6.1.7.8
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: 6.1.7.8
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.2
+        version: 5.25.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.2
+        version: 5.25.1
 - !ruby/object:Gem::Dependency
   name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: 2.4.5
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: 2.4.5
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12'
+        version: 13.2.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12'
+        version: 13.2.1
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.9.10
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.9.10
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3.3'
+        version: 3.24.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3.3'
+        version: 3.24.0
 description: Use Google OAuth as an AWS credential provider.
 email:
 - will@code.org
@@ -144,8 +144,11 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/pr-verify.yml"
 - ".gitignore"
+- ".ruby-version"
 - ".travis.yml"
+- Dockerfile
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -153,6 +156,7 @@ files:
 - aws-google.gemspec
 - bin/console
 - bin/setup
+- docker-compose.yml
 - exe/aws-google
 - lib/aws/google.rb
 - lib/aws/google/cached_credentials.rb
@@ -163,7 +167,7 @@ licenses:
 - Apache-2.0
 metadata:
   allowed_push_host: https://rubygems.org
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -171,15 +175,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.0.5
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
-signing_key: 
+rubygems_version: 3.2.33
+signing_key:
 specification_version: 4
 summary: Use Google OAuth as an AWS credential provider
 test_files: []