aws-sdk-core 3.196.1 → 3.197.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b77f2eeb94a52526e385b422b59703e582c75af70402ab009b66d542694259c8
-  data.tar.gz: e97d33313f38d3b6dd565a02b3c1ccdc34d5960cd076ace3449fe50f7f75f2b6
+  metadata.gz: f11249692fa65ae987ba92fad403281cc16a877ccfe8381afb6ae7806c3a50ae
+  data.tar.gz: 0f8b8f4a441fb62dc3b5c7f296e8e3c5fff877262414796b98fc20dbd4eb680c
 SHA512:
-  metadata.gz: 2efdc811c495c91558cf5144599eff67f2e828a94d90d4fd31d49575a9bff4456e7f237aa79853cdb6f8fba016b9011cc8f6d8677596c85a9e6179f606431961
-  data.tar.gz: e933ae0dc9b2d77e0455a1af5f5c635833b394ec2f70f90133af52993992134b56481952124d5a2448182a6c180c4cb1483114667ea5d2437891e22a739e3f44
+  metadata.gz: e7b0fbfd6d0062f19f0c9ec4f70b909123e98b570a83b156fcbb4bae0e58a685745f1bffdb55c2999d4fd0e8ad0a2927b685bd59373d9008c5f2a3e12a5878e2
+  data.tar.gz: 356fab036a80251e70ad0ecd0232db0df377a2bfffef5b2631f12fa3d3dd048166f10013105818dfd59ff4e66deef16dfaf2c03ceb889009b8b9d5beb89907f5

data/CHANGELOG.md

@@ -1,6 +1,18 @@
 Unreleased Changes
 ------------------
 
+3.197.1 (2024-06-19)
+------------------
+
+* Issue - Support an array of string arguments for `Aws::ProcessCredentials` to be executed by `system`.
+
+3.197.0 (2024-06-05)
+------------------
+
+* Issue - Ensure no UTC offset when deserializing `iso8601` timestamp format values.
+
+* Feature - Bump User Agent to version 2.1 to track business metrics. This changes the User Agent plugin order to be just before sending.
+
 3.196.1 (2024-05-14)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-3.196.1
+3.197.1

data/lib/aws-sdk-core/pageable_response.rb

@@ -201,7 +201,7 @@ module Aws
       def next_response(params)
         params = next_page_params(params)
         request = context.client.build_request(context.operation_name, params)
-        Aws::Plugins::UserAgent.feature('paginator') do
+        Aws::Plugins::UserAgent.metric('PAGINATOR') do
           request.send_request
         end
       end

data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb

@@ -11,6 +11,8 @@ module Aws
           # AttemptHandler comes just before we would retry an error.
           # Or before we would follow redirects.
           handlers.add(AttemptHandler, step: :sign, priority: 39)
+          # ErrorHandler comes after we have parsed an error.
+          handlers.add(ErrorHandler, step: :sign, priority: 95)
           # LatencyHandler is as close to sending as possible.
           handlers.add(LatencyHandler, step: :sign, priority: 0)
         end
@@ -62,17 +64,27 @@ module Aws
             call_attempt.x_amzn_request_id = headers["x-amzn-request-id"]
           end
           call_attempt.http_status_code = context.http_response.status_code
-          if e = resp.error
+          context.metadata[:current_call_attempt] = call_attempt
+          request_metrics.add_call_attempt(call_attempt)
+          resp
+        end
+      end
+
+      class ErrorHandler < Seahorse::Client::Handler
+        def call(context)
+          resp = @handler.call(context)
+          call_attempt = context.metadata[:current_call_attempt]
+          if (e = resp.error)
             e_name = _extract_error_name(e)
             e_msg = e.message
             call_attempt.aws_exception = "#{e_name}"
             call_attempt.aws_exception_msg = "#{e_msg}"
           end
-          request_metrics.add_call_attempt(call_attempt)
           resp
         end
 
         private
+
         def _extract_error_name(error)
           if error.is_a?(Aws::Errors::ServiceError)
             error.class.code

data/lib/aws-sdk-core/plugins/request_compression.rb

@@ -91,11 +91,20 @@ and 10485780 bytes inclusive.
               end
             end
           end
-          @handler.call(context)
+          with_metric(selected_encoding) { @handler.call(context) }
         end
 
         private
 
+        def with_metric(encoding, &block)
+          case encoding
+          when 'gzip'
+            Aws::Plugins::UserAgent.metric('GZIP_REQUEST_COMPRESSION', &block)
+          else
+            block.call
+          end
+        end
+
         def request_encoding_selection(context)
           encoding_list = context.operation.request_compression['encodings']
           encoding_list.find { |encoding| RequestCompression::SUPPORTED_ENCODINGS.include?(encoding) }

data/lib/aws-sdk-core/plugins/retry_errors.rb

@@ -235,7 +235,7 @@ a clock skew correction and retry requests with skewed client clocks.
 
           get_send_token(config)
           add_retry_headers(context)
-          response = @handler.call(context)
+          response = with_metric(config.retry_mode) { @handler.call(context) }
           error_inspector = Retries::ErrorInspector.new(
             response.error, response.context.http_response.status_code
           )
@@ -272,6 +272,10 @@ a clock skew correction and retry requests with skewed client clocks.
 
         private
 
+        def with_metric(retry_mode, &block)
+          Aws::Plugins::UserAgent.metric("RETRY_MODE_#{retry_mode.upcase}", &block)
+        end
+
         def get_send_token(config)
           # either fail fast or block until a token becomes available
           # must be configurable
@@ -359,7 +363,7 @@ a clock skew correction and retry requests with skewed client clocks.
       class LegacyHandler < Seahorse::Client::Handler
 
         def call(context)
-          response = @handler.call(context)
+          response = with_metric { @handler.call(context) }
           if response.error
             error_inspector = Retries::ErrorInspector.new(
               response.error, response.context.http_response.status_code
@@ -378,6 +382,10 @@ a clock skew correction and retry requests with skewed client clocks.
 
         private
 
+        def with_metric(&block)
+          Aws::Plugins::UserAgent.metric('RETRY_MODE_LEGACY', &block)
+        end
+
         def retry_if_possible(response, error_inspector)
           context = response.context
           if should_retry?(context, error_inspector)

data/lib/aws-sdk-core/plugins/user_agent.rb

@@ -4,6 +4,23 @@ module Aws
   module Plugins
     # @api private
     class UserAgent < Seahorse::Client::Plugin
+      METRICS = Aws::Json.load(<<-METRICS)
+        {
+          "RESOURCE_MODEL": "A",
+          "WAITER": "B",
+          "PAGINATOR": "C",
+          "RETRY_MODE_LEGACY": "D",
+          "RETRY_MODE_STANDARD": "E",
+          "RETRY_MODE_ADAPTIVE": "F",
+          "S3_TRANSFER": "G",
+          "S3_CRYPTO_V1N": "H",
+          "S3_CRYPTO_V2": "I",
+          "S3_EXPRESS_BUCKET": "J",
+          "S3_ACCESS_GRANTS": "K",
+          "GZIP_REQUEST_COMPRESSION": "L"
+        }
+      METRICS
+
       # @api private
       option(:user_agent_suffix)
       # @api private
@@ -23,12 +40,20 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
         app_id
       end
 
-      def self.feature(feature, &block)
-        Thread.current[:aws_sdk_core_user_agent_feature] ||= []
-        Thread.current[:aws_sdk_core_user_agent_feature] << "ft/#{feature}"
+      # Deprecated - must exist for old service gems
+      def self.feature(_feature, &block)
+        block.call
+      end
+
+      def self.metric(metric, &block)
+        Thread.current[:aws_sdk_core_user_agent_metric] ||= []
+        Thread.current[:aws_sdk_core_user_agent_metric] << METRICS[metric]
         block.call
       ensure
-        Thread.current[:aws_sdk_core_user_agent_feature].pop
+        Thread.current[:aws_sdk_core_user_agent_metric].pop
+        if Thread.current[:aws_sdk_core_user_agent_metric].empty?
+          Thread.current[:aws_sdk_core_user_agent_metric] = nil
+        end
       end
 
       # @api private
@@ -49,15 +74,24 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
 
           def to_s
             ua = "aws-sdk-ruby3/#{CORE_GEM_VERSION}"
-            ua += ' ua/2.0'
-            ua += " #{api_metadata}" if api_metadata
+            ua += ' ua/2.1'
+            if (api_m = api_metadata)
+              ua += " #{api_m}"
+            end
             ua += " #{os_metadata}"
             ua += " #{language_metadata}"
-            ua += " #{env_metadata}" if env_metadata
-            ua += " #{config_metadata}" if config_metadata
-            ua += " #{app_id}" if app_id
-            ua += " #{feature_metadata}" if feature_metadata
-            ua += " #{framework_metadata}" if framework_metadata
+            if (env_m = env_metadata)
+              ua += " #{env_m}"
+            end
+            if (app_id_m = app_id_metadata)
+              ua += " #{app_id_m}"
+            end
+            if (framework_m = framework_metadata)
+              ua += " #{framework_m}"
+            end
+            if (metric_m = metric_metadata)
+              ua += " #{metric_m}"
+            end
             if @context.config.user_agent_suffix
               ua += " #{@context.config.user_agent_suffix}"
             end
@@ -93,7 +127,6 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             local_version = Gem::Platform.local.version
             metadata += "##{local_version}" if local_version
             metadata += " md/#{RbConfig::CONFIG['host_cpu']}"
-            metadata
           end
 
           # Used to be RUBY_ENGINE/RUBY_VERSION
@@ -107,11 +140,7 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             "exec-env/#{execution_env}"
           end
 
-          def config_metadata
-            "cfg/retry-mode##{@context.config.retry_mode}"
-          end
-
-          def app_id
+          def app_id_metadata
             return unless (app_id = @context.config.sdk_ua_app_id)
 
             # Sanitize and only allow these characters
@@ -119,12 +148,6 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             "app/#{app_id}"
           end
 
-          def feature_metadata
-            return unless Thread.current[:aws_sdk_core_user_agent_feature]
-
-            Thread.current[:aws_sdk_core_user_agent_feature].join(' ')
-          end
-
           def framework_metadata
             if (frameworks_cfg = @context.config.user_agent_frameworks).empty?
               return
@@ -141,10 +164,21 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             end
             frameworks.map { |n, v| "lib/#{n}##{v}" }.join(' ')
           end
+
+          def metric_metadata
+            return unless Thread.current[:aws_sdk_core_user_agent_metric]
+
+            metrics = Thread.current[:aws_sdk_core_user_agent_metric].join(',')
+            # Metric metadata is limited to 1024 bytes
+            return "m/#{metrics}" if metrics.bytesize <= 1024
+
+            # Removes the last unfinished metric
+            "m/#{metrics[0...metrics[0..1024].rindex(',')]}"
+          end
         end
       end
 
-      handler(Handler, priority: 1)
+      handler(Handler, step: :sign, priority: 97)
     end
   end
 end

data/lib/aws-sdk-core/process_credentials.rb

@@ -2,9 +2,15 @@
 
 module Aws
   # A credential provider that executes a given process and attempts
-  # to read its stdout to recieve a JSON payload containing the credentials.
+  # to read its stdout to receive a JSON payload containing the credentials.
   #
-  #     credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc')
+  #     credentials = Aws::ProcessCredentials.new(['/usr/bin/credential_proc'])
+  #     ec2 = Aws::EC2::Client.new(credentials: credentials)
+  #
+  # Arguments should be provided as strings in the array, for example:
+  #
+  #     process = ['/usr/bin/credential_proc', 'arg1', 'arg2']
+  #     credentials = Aws::ProcessCredentials.new(process)
   #     ec2 = Aws::EC2::Client.new(credentials: credentials)
   #
   # Automatically handles refreshing credentials if an Expiration time is
@@ -19,40 +25,49 @@ module Aws
     # Creates a new ProcessCredentials object, which allows an
     # external process to be used as a credential provider.
     #
-    # @param [String] process Invocation string for process
-    # credentials provider.
+    # @param [Array<String>, String] process An array of strings including
+    #  the process name and its arguments to execute, or a single string to be
+    #  executed by the shell (deprecated and insecure).
     def initialize(process)
+      if process.is_a?(String)
+        warn('Passing a single string to Aws::ProcessCredentials.new '\
+             'is insecure, please use use an array of system arguments instead')
+      end
       @process = process
-      @credentials = credentials_from_process(@process)
+      @credentials = credentials_from_process
       @async_refresh = false
 
       super
     end
 
     private
-    def credentials_from_process(proc_invocation)
-      begin
-        raw_out = `#{proc_invocation}`
-        process_status = $?
-      rescue Errno::ENOENT
-        raise Errors::InvalidProcessCredentialsPayload.new("Could not find process #{proc_invocation}")
+
+    def credentials_from_process
+      r, w = IO.pipe
+      success = system(*@process, out: w)
+      w.close
+      raw_out = r.read
+      r.close
+
+      unless success
+        raise Errors::InvalidProcessCredentialsPayload.new(
+          'credential_process provider failure, the credential process had '\
+          'non zero exit status and failed to provide credentials'
+        )
       end
 
-      if process_status.success?
-        begin
-          creds_json = Aws::Json.load(raw_out)
-        rescue Aws::Json::ParseError
-          raise Errors::InvalidProcessCredentialsPayload.new("Invalid JSON response")
-        end
-        payload_version = creds_json['Version']
-        if payload_version == 1
-          _parse_payload_format_v1(creds_json)
-        else
-          raise Errors::InvalidProcessCredentialsPayload.new("Invalid version #{payload_version} for credentials payload")
-        end
-      else
-        raise Errors::InvalidProcessCredentialsPayload.new('credential_process provider failure, the credential process had non zero exit status and failed to provide credentials')
+      begin
+        creds_json = Aws::Json.load(raw_out)
+      rescue Aws::Json::ParseError
+        raise Errors::InvalidProcessCredentialsPayload.new('Invalid JSON response')
       end
+
+      payload_version = creds_json['Version']
+      return _parse_payload_format_v1(creds_json) if payload_version == 1
+
+      raise Errors::InvalidProcessCredentialsPayload.new(
+        "Invalid version #{payload_version} for credentials payload"
+      )
     end
 
     def _parse_payload_format_v1(creds_json)
@@ -64,11 +79,14 @@ module Aws
 
       @expiration = creds_json['Expiration'] ? Time.iso8601(creds_json['Expiration']) : nil
       return creds if creds.set?
-      raise Errors::InvalidProcessCredentialsPayload.new("Invalid payload for JSON credentials version 1")
+
+      raise Errors::InvalidProcessCredentialsPayload.new(
+        'Invalid payload for JSON credentials version 1'
+      )
     end
 
     def refresh
-      @credentials = credentials_from_process(@process)
+      @credentials = credentials_from_process
     end
 
     def near_expiration?(expiration_length)

data/lib/aws-sdk-core/util.rb

@@ -90,16 +90,16 @@ module Aws
         end
       end
 
-      # @param [String, Integer] value
+      # @param [String] value
       # @return [Time]
       def deserialize_time(value)
         case value
         when nil then nil
-        when /^\d+$/ then Time.at(value.to_i)
+        when /^[\d.]+$/ then Time.at(value.to_f).utc
         else
           begin
-            fractional_time = Time.parse(value).utc.to_f
-            Time.at(fractional_time)
+            fractional_time = Time.parse(value).to_f
+            Time.at(fractional_time).utc
           rescue ArgumentError
             raise "unhandled timestamp format `#{value}'"
           end

data/lib/aws-sdk-core/waiters/poller.rb

@@ -62,7 +62,7 @@ module Aws
       def send_request(options)
         req = options[:client].build_request(@operation_name, options[:params])
         req.handlers.remove(RAISE_HANDLER)
-        Aws::Plugins::UserAgent.feature('waiter') do
+        Aws::Plugins::UserAgent.metric('WAITER') do
           req.send_request
         end
       end

data/lib/aws-sdk-sso/client.rb

@@ -630,7 +630,7 @@ module Aws::SSO
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.196.1'
+      context[:gem_version] = '3.197.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sso.rb

@@ -54,6 +54,6 @@ require_relative 'aws-sdk-sso/customizations'
 # @!group service
 module Aws::SSO
 
-  GEM_VERSION = '3.196.1'
+  GEM_VERSION = '3.197.1'
 
 end

data/lib/aws-sdk-ssooidc/client.rb

@@ -983,7 +983,7 @@ module Aws::SSOOIDC
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.196.1'
+      context[:gem_version] = '3.197.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-ssooidc.rb

@@ -54,6 +54,6 @@ require_relative 'aws-sdk-ssooidc/customizations'
 # @!group service
 module Aws::SSOOIDC
 
-  GEM_VERSION = '3.196.1'
+  GEM_VERSION = '3.197.1'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -2377,7 +2377,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.196.1'
+      context[:gem_version] = '3.197.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sts.rb

@@ -54,6 +54,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.196.1'
+  GEM_VERSION = '3.197.1'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.196.1
+  version: 3.197.1
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-14 00:00:00.000000000 Z
+date: 2024-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath