aws-sdk-rails 3.5.0 → 3.6.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 06b6734cbbe89bfbec53e688f583d78fb1a1fed48420c0a6b279d0025c8a65d3
4
- data.tar.gz: 6a84d18c8fbb5807bb88e1b3c803ed94a72bb6287abc244341dfb1e05a595923
3
+ metadata.gz: 6dcc9e1a5e3c78d6952327013a71e7e1b2516025c9191eafde4751154854b494
4
+ data.tar.gz: 51eb886b4149c80f585b2ee358a14def1f4c96ab08da36545330518b47442eb5
5
5
  SHA512:
6
- metadata.gz: 339b7acd4cdc666589ec5921ac583b1b8ed17101fedf6637af957ede0863b0aebe025333ddbb8fdb1fe9a491d2f82f76b7cde81d62ad1eab6c58ae34605c8ecf
7
- data.tar.gz: c5d8b881c1f5a9521800bc89dd491266088a03dd98845590e5d498e22538baee8f14a014048a3155adcc411a5ded72bc35e02f456097f1d838a4e3cbff905e02
6
+ metadata.gz: 6b2a91990771c25123f531e82dc4bc67d6c27c6866ccc219b765eefc38181321f5871f9b9f23189bf8a603a513756e25eb70a47f76858f59a8762798f44e301a
7
+ data.tar.gz: a336bdcd1e91d0b21df76f8fde5382d1792491e611be00804ac2f03a1a64eaa656295ab6e13675201d79aeb710f91bff955dcbd7b846faeb884dbbd2e64e15c4
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.5.0
1
+ 3.6.2
@@ -1,4 +1,5 @@
1
1
  require 'aws-sessionstore-dynamodb'
2
+ require 'action_dispatch/middleware/session/abstract_store'
2
3
 
3
4
  module ActionDispatch
4
5
  module Session
@@ -9,11 +10,14 @@ module ActionDispatch
9
10
  # This class will use the Rails secret_key_base unless otherwise provided.
10
11
  #
11
12
  # Configuration can also be provided in YAML files from Rails config, either
12
- # in "config/session_store.yml" or "config/session_store/#{Rails.env}.yml".
13
+ # in "config/session_store.yml" or "config/session_store/#\\{Rails.env}.yml".
13
14
  # Configuration files that are environment-specific will take precedence.
14
15
  #
15
16
  # @see https://docs.aws.amazon.com/sdk-for-ruby/aws-sessionstore-dynamodb/api/Aws/SessionStore/DynamoDB/Configuration.html
16
17
  class DynamodbStore < Aws::SessionStore::DynamoDB::RackMiddleware
18
+ include StaleSessionCheck
19
+ include SessionObject
20
+
17
21
  def initialize(app, options = {})
18
22
  options[:config_file] ||= config_file if config_file.exist?
19
23
  options[:secret_key] ||= Rails.application.secret_key_base
@@ -30,13 +30,15 @@ module ActiveJob
30
30
  # job_id is unique per initialization of job
31
31
  # Remove it from message dup id to ensure run-once behavior
32
32
  # with ActiveJob retries
33
- send_message_opts[:message_deduplication_id] =
34
- Digest::SHA256.hexdigest(
35
- Aws::Json.dump(body.except('job_id'))
36
- )
33
+ send_message_opts[:message_deduplication_id] =
34
+ Digest::SHA256.hexdigest(Aws::Json.dump(body.except('job_id')))
37
35
 
38
- send_message_opts[:message_group_id] = Aws::Rails::SqsActiveJob.config.message_group_id
36
+ message_group_id = job.message_group_id if job.respond_to?(:message_group_id)
37
+ message_group_id ||= Aws::Rails::SqsActiveJob.config.message_group_id
38
+
39
+ send_message_opts[:message_group_id] = message_group_id
39
40
  end
41
+
40
42
  Aws::Rails::SqsActiveJob.config.client.send_message(send_message_opts)
41
43
  end
42
44
 
@@ -0,0 +1,92 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module Rails
5
+ # Middleware to handle requests from the SQS Daemon present on Elastic Beanstalk worker environments.
6
+ class EbsSqsActiveJobMiddleware
7
+ INTERNAL_ERROR_MESSAGE = 'Failed to execute job - see Rails log for more details.'
8
+ INTERNAL_ERROR_RESPONSE = [500, { 'Content-Type' => 'text/plain' }, [INTERNAL_ERROR_MESSAGE]].freeze
9
+ FORBIDDEN_MESSAGE = 'Request with aws-sqsd user agent was made from untrusted address.'
10
+ FORBIDDEN_RESPONSE = [403, { 'Content-Type' => 'text/plain' }, [FORBIDDEN_MESSAGE]].freeze
11
+
12
+ def initialize(app)
13
+ @app = app
14
+ @logger = ::Rails.logger
15
+ end
16
+
17
+ def call(env)
18
+ request = ActionDispatch::Request.new(env)
19
+
20
+ # Pass through unless user agent is the SQS Daemon
21
+ return @app.call(env) unless from_sqs_daemon?(request)
22
+
23
+ @logger.debug('aws-sdk-rails middleware detected call from Elastic Beanstalk SQS Daemon.')
24
+
25
+ # Only accept requests from this user agent if it is from localhost or a docker host in case of forgery.
26
+ unless request.local? || sent_from_docker_host?(request)
27
+ @logger.warn("SQSD request detected from untrusted address #{request.remote_ip}; returning 403 forbidden.")
28
+ return FORBIDDEN_RESPONSE
29
+ end
30
+
31
+ # Execute job or periodic task based on HTTP request context
32
+ periodic_task?(request) ? execute_periodic_task(request) : execute_job(request)
33
+ end
34
+
35
+ private
36
+
37
+ def execute_job(request)
38
+ # Jobs queued from the Active Job SQS adapter contain the JSON message in the request body.
39
+ job = Aws::Json.load(request.body.string)
40
+ job_name = job['job_class']
41
+ @logger.debug("Executing job: #{job_name}")
42
+
43
+ begin
44
+ ActiveJob::Base.execute(job)
45
+ rescue NoMethodError, NameError => e
46
+ @logger.error("Job #{job_name} could not resolve to a class that inherits from Active Job.")
47
+ @logger.error("Error: #{e}")
48
+ return INTERNAL_ERROR_RESPONSE
49
+ end
50
+
51
+ [200, { 'Content-Type' => 'text/plain' }, ["Successfully ran job #{job_name}."]]
52
+ end
53
+
54
+ def execute_periodic_task(request)
55
+ # The beanstalk worker SQS Daemon will add the 'X-Aws-Sqsd-Taskname' for periodic tasks set in cron.yaml.
56
+ job_name = request.headers['X-Aws-Sqsd-Taskname']
57
+ @logger.debug("Creating and executing periodic task: #{job_name}")
58
+
59
+ begin
60
+ job = job_name.constantize.new
61
+ job.perform_now
62
+ rescue NoMethodError, NameError => e
63
+ @logger.error("Periodic task #{job_name} could not resolve to an Active Job class - check the spelling in cron.yaml.")
64
+ @logger.error("Error: #{e}.")
65
+ return INTERNAL_ERROR_RESPONSE
66
+ end
67
+
68
+ [200, { 'Content-Type' => 'text/plain' }, ["Successfully ran periodic task #{job_name}."]]
69
+ end
70
+
71
+ # The beanstalk worker SQS Daemon sets a specific User-Agent headers that begins with 'aws-sqsd'.
72
+ def from_sqs_daemon?(request)
73
+ current_user_agent = request.headers['User-Agent']
74
+
75
+ !current_user_agent.nil? && current_user_agent.start_with?('aws-sqsd')
76
+ end
77
+
78
+ # The beanstalk worker SQS Daemon will add the custom 'X-Aws-Sqsd-Taskname' header for periodic tasks set in cron.yaml.
79
+ def periodic_task?(request)
80
+ !request.headers['X-Aws-Sqsd-Taskname'].nil? && request.headers['X-Aws-Sqsd-Taskname'].present?
81
+ end
82
+
83
+ def sent_from_docker_host?(request)
84
+ app_runs_in_docker_container? && request.remote_ip == '172.17.0.1'
85
+ end
86
+
87
+ def app_runs_in_docker_container?
88
+ @app_runs_in_docker_container ||= `[ -f /proc/1/cgroup ] && cat /proc/1/cgroup` =~ /docker/
89
+ end
90
+ end
91
+ end
92
+ end
@@ -13,6 +13,10 @@ module Aws
13
13
  Aws::Rails.log_to_rails_logger
14
14
  end
15
15
 
16
+ initializer 'aws-sdk-rails.insert_middleware' do |app|
17
+ Aws::Rails.add_sqsd_middleware(app)
18
+ end
19
+
16
20
  rake_tasks do
17
21
  load 'tasks/dynamo_db/session_store.rake'
18
22
  load 'tasks/aws_record/migrate.rake'
@@ -44,10 +48,7 @@ module Aws
44
48
  aws_credential_keys = %i[access_key_id secret_access_key session_token]
45
49
 
46
50
  Aws.config.merge!(
47
- ::Rails.application
48
- .try(:credentials)
49
- .try(:aws)
50
- .to_h.slice(*aws_credential_keys)
51
+ ::Rails.application.credentials[:aws].to_h.slice(*aws_credential_keys)
51
52
  )
52
53
  end
53
54
 
@@ -64,5 +65,21 @@ module Aws
64
65
  end
65
66
  end
66
67
  end
68
+
69
+ # Register a middleware that will handle requests from the Elastic Beanstalk worker SQS Daemon.
70
+ # This will only be added in the presence of the AWS_PROCESS_BEANSTALK_WORKER_REQUESTS environment variable.
71
+ # The expectation is this variable should only be set on EB worker environments.
72
+ def self.add_sqsd_middleware(app)
73
+ is_eb_worker_hosted = Aws::Util.str_2_bool(ENV['AWS_PROCESS_BEANSTALK_WORKER_REQUESTS'].to_s.downcase)
74
+
75
+ return unless is_eb_worker_hosted
76
+
77
+ if app.config.force_ssl
78
+ # SQS Daemon sends requests over HTTP - allow and process them before enforcing SSL.
79
+ app.config.middleware.insert_before(ActionDispatch::SSL, Aws::Rails::EbsSqsActiveJobMiddleware)
80
+ else
81
+ app.config.middleware.use(Aws::Rails::EbsSqsActiveJobMiddleware)
82
+ end
83
+ end
67
84
  end
68
85
  end
data/lib/aws-sdk-rails.rb CHANGED
@@ -7,6 +7,7 @@ require_relative 'aws/rails/sqs_active_job/configuration'
7
7
  require_relative 'aws/rails/sqs_active_job/executor'
8
8
  require_relative 'aws/rails/sqs_active_job/job_runner'
9
9
  require_relative 'aws/rails/sqs_active_job/lambda_handler'
10
+ require_relative 'aws/rails/middleware/ebs_sqs_active_job_middleware'
10
11
 
11
12
  require_relative 'action_dispatch/session/dynamodb_store'
12
13
  require_relative 'active_job/queue_adapters/amazon_sqs_adapter'
@@ -9,11 +9,11 @@ module AwsRecord
9
9
  end
10
10
 
11
11
  def create_model
12
- template "model.rb", File.join("app/models", class_path, "#{file_name}.rb")
12
+ template "model.erb", File.join("app/models", class_path, "#{file_name}.rb")
13
13
  end
14
14
 
15
15
  def create_table_config
16
- template "table_config.rb", File.join("db/table_config", class_path, "#{file_name}_config.rb") if options["table_config"]
16
+ template "table_config.erb", File.join("db/table_config", class_path, "#{file_name}_config.rb") if options["table_config"]
17
17
  end
18
18
 
19
19
  end
@@ -18,7 +18,7 @@ module DynamoDb
18
18
  # of a DynamoDB session table.
19
19
  def generate_migration_file
20
20
  migration_template(
21
- 'session_store_migration.rb',
21
+ 'session_store_migration.erb',
22
22
  "db/migrate/#{name.underscore}.rb"
23
23
  )
24
24
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.5.0
4
+ version: 3.6.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-01-06 00:00:00.000000000 Z
11
+ date: 2022-06-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-record
@@ -124,6 +124,7 @@ files:
124
124
  - lib/active_job/queue_adapters/amazon_sqs_async_adapter.rb
125
125
  - lib/aws-sdk-rails.rb
126
126
  - lib/aws/rails/mailer.rb
127
+ - lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb
127
128
  - lib/aws/rails/notifications.rb
128
129
  - lib/aws/rails/railtie.rb
129
130
  - lib/aws/rails/sqs_active_job/configuration.rb
@@ -135,13 +136,13 @@ files:
135
136
  - lib/generators/aws_record/generated_attribute.rb
136
137
  - lib/generators/aws_record/model/USAGE
137
138
  - lib/generators/aws_record/model/model_generator.rb
138
- - lib/generators/aws_record/model/templates/model.rb
139
- - lib/generators/aws_record/model/templates/table_config.rb
139
+ - lib/generators/aws_record/model/templates/model.erb
140
+ - lib/generators/aws_record/model/templates/table_config.erb
140
141
  - lib/generators/aws_record/secondary_index.rb
141
142
  - lib/generators/dynamo_db/session_store_migration/USAGE
142
143
  - lib/generators/dynamo_db/session_store_migration/session_store_migration_generator.rb
143
144
  - lib/generators/dynamo_db/session_store_migration/templates/dynamo_db_session_store.yml
144
- - lib/generators/dynamo_db/session_store_migration/templates/session_store_migration.rb
145
+ - lib/generators/dynamo_db/session_store_migration/templates/session_store_migration.erb
145
146
  - lib/tasks/aws_record/migrate.rake
146
147
  - lib/tasks/dynamo_db/session_store.rake
147
148
  homepage: https://github.com/aws/aws-sdk-rails
@@ -163,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
163
164
  - !ruby/object:Gem::Version
164
165
  version: '0'
165
166
  requirements: []
166
- rubygems_version: 3.0.3
167
+ rubygems_version: 3.2.7
167
168
  signing_key:
168
169
  specification_version: 4
169
170
  summary: AWS SDK for Ruby on Rails Plugin