RubyGems - aws_runas - Versions diffs - 0.3.0 → 0.3.1 - Mend

aws_runas 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +3 -2
data/CHANGELOG.md +9 -0
data/aws_runas.gemspec +1 -1
data/lib/aws_runas/main.rb +5 -0
data/lib/aws_runas/version.rb +1 -1
data/spec/aws_runas/main_spec.rb +38 -8
data/spec/helpers/config_spec.rb +1 -0
data/spec/helpers/files/aws_config_nosource +6 -0
metadata +6 -4
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a1725b31ac831ab9d03534988e9503c9531933be
-  data.tar.gz: 77d0509bb39c0d274bedb21152c8de1c340ed9d2
+  metadata.gz: f9e60ed4c0cf8087605426ff18b859a4effcb7d0
+  data.tar.gz: 23c46cc1407a5c521b8d7ac4a3130f85c3ef368e
 SHA512:
-  metadata.gz: c2d5095da3b865dc73abf72abf2492f12641d1ddef9b772f82ce6f68427354dcc10da2f1e4f81ec2766ee59133911f3a85a83239aca40f9b937eabc8c6b16122
-  data.tar.gz: 660afcfda580390e17abe2cf36e0dc1c91980121953209ffe5baf4bba83ebd08480a3304673e8987fc0120b675a3771ca29618303bccbcd576c5f068eaf62b9c
+  metadata.gz: 2774fd7e5f13d104a7c2cf24bcd03f8402162e388a296dbfe75d1632e8a2c60477d106923a89a95ade20b8185fd324a40ef30de2a264ee3707620fd3818eb579
+  data.tar.gz: d283315d8d0025df28dc433b01fbd8a883f219c3dd1bb022e194f967ee4bf4d17a810bea6ec73e65aac40f5f497e5496fb7a67424452dfdcd99b953581a4cfdd

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data.tar.gz.sig CHANGED Viewed

@@ -1,2 +1,3 @@
-;h�&���m��Nޭ��v}����5��}�[a\L/SX���u�,X��k,
-{(�T�f�cTT����fx3��&��8����B�*��+���[��4��a�m(�*�R�.zl�N-�	�f8&t�A0W78^m��&/�gҊ�M��)^���Do�N
+�{�ZL�q���G��ˉ٨xR�7�ˌ�):�[a�s?m`�`sE�ͫ��Z.je�J�Z��ӥo�=��;8���u)'F��O�;��d�qZ�]	��[�J���)=KWwj��2�wX�hK}&�.T���[w��)�*w�PW5�h��MpT|��h�}JF�z᛼��uå�1l�H���]�z$
+l
+�_}|����-�����6IB�m��Zq�j5䂚<g�]b��*�6���։�Ԭ+9]:O9����O&n�ͳ

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,12 @@
+## v0.3.1
+This update sets `AWS_SDK_CONFIG_OPT_OUT` before the `aws-sdk` Ruby gem is
+loaded to start assuming roles, to disable newer AWS Ruby SDK functionality that
+allows the assumption of roles from `~/.aws/config` directly through the
+toolchain. This conflicts with `aws-runas`'s own config file handling and breaks
+in scenarios where one may want a default `~/.aws/config` file but no
+credentials (ie: instance profiles).
 ## v0.3.0
 Add session only features:

data/aws_runas.gemspec CHANGED Viewed

@@ -37,7 +37,7 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ['>= 2.1']
-  spec.add_dependency 'aws-sdk', '~> 2.2'
+  spec.add_dependency 'aws-sdk', '~> 2.6'
   spec.add_dependency 'inifile', '~> 3.0'
   spec.add_dependency 'trollop', '~> 2.1'

data/lib/aws_runas/main.rb CHANGED Viewed

@@ -14,6 +14,11 @@
 require 'aws_runas/config'
 require 'aws_runas/utils'
+# AWS_SDK_CONFIG_OPT_OUT must be set here so that we use the pre-2.4 SDK
+# behaviour, which ensures that ~/.aws/config is not re-read when assuming
+# roles.
+ENV.store('AWS_SDK_CONFIG_OPT_OUT', '1')
 require 'aws-sdk'
 module AwsRunAs

data/lib/aws_runas/version.rb CHANGED Viewed

@@ -13,5 +13,5 @@
 # limitations under the License.
 module AwsRunAs
-  VERSION = '0.3.0'
+  VERSION = '0.3.1'
 end

data/spec/aws_runas/main_spec.rb CHANGED Viewed

@@ -16,6 +16,9 @@ require 'spec_helper'
 require 'aws_runas/main'
 MFA_ERROR = 'No mfa_serial in selected profile, session will be useless'.freeze
+AWS_DEFAULT_CFG_PATH = "#{Dir.home}/.aws/config".freeze
+AWS_DEFAULT_CREDENTIALS_PATH = "#{Dir.home}/.aws/credentials".freeze
+AWS_LOCAL_CFG_PATH = "#{Dir.pwd}/aws_config".freeze
 describe AwsRunAs::Main do
   before(:context) do
@@ -68,6 +71,31 @@ describe AwsRunAs::Main do
       ENV.store('AWS_SESSION_TOKEN', 'foo')
       @main.assume_role
     end
+    context 'with $HOME/.aws/config (test AWS_SDK_CONFIG_OPT_OUT)' do
+      before(:example) do
+        Aws.config.update(stub_responses: false)
+        allow(File).to receive(:exist?).with(AWS_LOCAL_CFG_PATH).and_return false
+        allow(File).to receive(:exist?).with(AWS_DEFAULT_CFG_PATH).and_return true
+        allow(File).to receive(:exist?).with(AWS_DEFAULT_CREDENTIALS_PATH).and_return false
+        allow(File).to receive(:read).with(AWS_DEFAULT_CFG_PATH).and_return File.read(MOCK_AWS_NO_SOURCE_PATH)
+        allow(IniFile).to receive(:load).with(AWS_DEFAULT_CFG_PATH).and_return IniFile.load(MOCK_AWS_NO_SOURCE_PATH)
+        allow(Aws::AssumeRoleCredentials).to receive(:new).and_return(
+          Aws::AssumeRoleCredentials.new(
+            role_arn: 'roleARN',
+            role_session_name: 'roleSessionName',
+            stub_responses: true
+          )
+        )
+        @main = AwsRunAs::Main.new(
+          profile: 'test-profile'
+        )
+      end
+      it 'assumes a role correctly' do
+        @main.assume_role
+      end
+    end
   end
   describe '#credentials_env' do
@@ -75,16 +103,18 @@ describe AwsRunAs::Main do
       @env = @main.credentials_env
     end
-    it 'returns AWS_ACCESS_KEY_ID set in env' do
-      expect(@env['AWS_ACCESS_KEY_ID']).to eq('accessKeyIdType')
-    end
+    context 'with a static, user-defined config path' do
+      it 'returns AWS_ACCESS_KEY_ID set in env' do
+        expect(@env['AWS_ACCESS_KEY_ID']).to eq('accessKeyIdType')
+      end
-    it 'returns AWS_SECRET_ACCESS_KEY set in env' do
-      expect(@env['AWS_SECRET_ACCESS_KEY']).to eq('accessKeySecretType')
-    end
+      it 'returns AWS_SECRET_ACCESS_KEY set in env' do
+        expect(@env['AWS_SECRET_ACCESS_KEY']).to eq('accessKeySecretType')
+      end
-    it 'returns AWS_SESSION_TOKEN set in env' do
-      expect(@env['AWS_SESSION_TOKEN']).to eq('tokenType')
+      it 'returns AWS_SESSION_TOKEN set in env' do
+        expect(@env['AWS_SESSION_TOKEN']).to eq('tokenType')
+      end
     end
   end

data/spec/helpers/config_spec.rb CHANGED Viewed

@@ -16,3 +16,4 @@ require 'spec_helper'
 MOCK_AWS_CONFIGPATH = File.expand_path('../files/aws_config', __FILE__)
 MOCK_AWS_NO_MFA_PATH = File.expand_path('../files/aws_config_nomfa', __FILE__)
+MOCK_AWS_NO_SOURCE_PATH = File.expand_path('../files/aws_config_nosource', __FILE__)

data/spec/helpers/files/aws_config_nosource ADDED Viewed

@@ -0,0 +1,6 @@
+[default]
+region = us-east-1
+[profile test-profile]
+role_arn = arn:aws:iam::123456789012:role/test-admin
+region = us-west-1

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws_runas
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Chris Marchesi
@@ -31,7 +31,7 @@ cert_chain:
   reriQxVYXGlD8ZDuaKlDyVqUbF026ZHIlHKIgg90O037qFPxCBACTtxtYTP2hwug
   Yis=
   -----END CERTIFICATE-----
-date: 2016-06-11 00:00:00.000000000 Z
+date: 2016-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -39,14 +39,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '2.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '2.6'
 - !ruby/object:Gem::Dependency
   name: inifile
   requirement: !ruby/object:Gem::Requirement
@@ -163,6 +163,7 @@ files:
 - spec/helpers/config_spec.rb
 - spec/helpers/files/aws_config
 - spec/helpers/files/aws_config_nomfa
+- spec/helpers/files/aws_config_nosource
 - spec/spec_helper.rb
 homepage: https://github.com/vancluever/aws-runas
 licenses:
@@ -196,4 +197,5 @@ test_files:
 - spec/helpers/config_spec.rb
 - spec/helpers/files/aws_config
 - spec/helpers/files/aws_config_nomfa
+- spec/helpers/files/aws_config_nosource
 - spec/spec_helper.rb

metadata.gz.sig CHANGED Viewed

Binary file