awsecrets 1.14.0 → 1.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: b57fc9a0340fffea08fbcfddff251f9ef297cbcc
-  data.tar.gz: 70a54f7ee11afd5c3cee22fe9def13e193228791
+SHA256:
+  metadata.gz: 496d603f9e18bf3bb51bc071bc9375bc92acc9fb05e5cf441b7036238b4f0b69
+  data.tar.gz: f07676a4365be1db74052197372b0ba364505937467613a2f7893a9b4ce014fd
 SHA512:
-  metadata.gz: 00715cbafab1b0f33df6da7ad7ddd394eb0b5083666f8f164b1a585a715d229188853f1e48b98b5b4a64fe8703c4b4e8e56a3552577a73151e122eb74e23b8b8
-  data.tar.gz: 7fb15484326e4a5f48884eb12429db4b5d8f0ef55d944066b96d135c47340747c4db0a0f3c73081e29282e1455eab5f34db7d77fcda852c0c342ee6e9870f250
+  metadata.gz: 1fa3d149aa0611705f2f6fbc64660a49d0177db8d07373b5e73896401ce733e6b4f9fb1793c4be786f990e225892b25c1a63388213f3993665aeda1fa745f9d8
+  data.tar.gz: 636a84bfa7fbf59ea18bb45d2fde35a5aab919e8ee8639967e311a76d56f857e4ea512acee93607e0acca33702ba3afa3909ccfe909c714a13f2f9470529afeb

data/.rubocop.yml

@@ -1,9 +1,13 @@
+---
 AllCops:
   TargetRubyVersion: 2.1
 
 Lint/HandleExceptions:
   Enabled: false
 
+Lint/MissingCopEnableDirective:
+  Enabled: false
+
 Lint/UselessAssignment:
   Enabled: false
 
@@ -11,10 +15,10 @@ Metrics/AbcSize:
   Max: 50
 
 Metrics/ClassLength:
-  Max: 125
+  Max: 130
 
 Metrics/ModuleLength:
-  Max: 125
+  Max: 130
 
 Metrics/CyclomaticComplexity:
   Max: 15
@@ -66,3 +70,4 @@ Style/SymbolProc:
 
 Style/BracesAroundHashParameters:
   Enabled: false
+

data/.travis.yml

@@ -1,11 +1,22 @@
+---
 language: ruby
-rvm:
-  - 2.3.4
-  - 2.2.7
-
+matrix:
+  include:
+    - rvm: 2.6.2
+      env: RUBYGEMS_VERSION=
+    - rvm: 2.5.3
+      env: RUBYGEMS_VERSION=
+    - rvm: 2.4.5
+      env: RUBYGEMS_VERSION=
+    - rvm: 2.3.8
+      env: RUBYGEMS_VERSION=
+    - rvm: 2.2.10
+      env: RUBYGEMS_VERSION=2.7.8
+    - rvm: 2.1.10
+      env: RUBYGEMS_VERSION=2.7.8
 before_install:
-  - gem update bundler
-  
+  - gem update --system ${RUBYGEMS_VERSION}
+  - gem pristine bundler
+
 script:
   - bundle exec rake spec
-

data/README.md

@@ -31,7 +31,28 @@ Or install it yourself as:
 
 ## Usage example
 
-Create command line tool `ec2sample` like following code
+### Generate exception with wrong configuration
+
+For some use cases, awsecrets might raise an exception if (even after all
+attempts to configure access to an AWS account) there is missing configuration
+parameters.
+
+In other cases, this might not be desired.
+
+To have control on that, you can use the environment variable
+`DISABLE_AWS_CLIENT_CHECK`: if you set it to the string `'true'`, it will not
+attempt to early create an `Aws::EC2::Client` instance with the found
+parameters.
+
+By default, even if you don't set `DISABLE_AWS_CLIENT_CHECK` it will be treated
+like `true`.
+
+To enable this early checking, you **must** setup `DISABLE_AWS_CLIENT_CHECK`
+with the string `'false'`.
+
+### Basic example
+
+Create a command line tool `ec2sample` like following code:
 
 ```ruby
 #!/usr/bin/env ruby
@@ -41,17 +62,21 @@ ec2_client = Aws::EC2::Client.new
 puts ec2_client.describe_instances({ instance_ids: [ARGV.first] }).reservations.first.instances.first
 ```
 
-And execute
+Then execute it with command line parameters:
 
 ```sh
 $ ec2sample i-1aa1aaaa --profile mycreds --region ap-northeast-1
+```
 
-or
+or with environment variables configuration:
 
+```sh
 $ AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXX AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX AWS_REGION=ap-northeast-1 ec2sample i-1aa1aaaa
+```
 
-or
+or using an YAML file:
 
+```sh
 $ cat <<EOF > secrets.yml
 region: ap-northeast-1
 aws_access_key_id: XXXXXXXXXXXXXXXXXXXX
@@ -64,7 +89,7 @@ $ ec2sample i-1aa1aaaa
 
 Support `role_arn` `role_session_name` `source_profile` `external_id`.
 
-#### 1. .aws/config and .aws/credentials
+#### 1. `.aws/config` and `.aws/credentials`
 
 see http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html
 
@@ -89,7 +114,7 @@ And execute
 $ ec2sample i-1aa1aaaa --profile assumed --region ap-northeast-1
 ```
 
-#### 2. secrets.yml
+#### 2. `secrets.yml`
 
 ```sh
 $ cat <<EOF > secrets.yml
@@ -105,7 +130,7 @@ And execute
 $ ec2sample i-1aa1aaaa
 ```
 
-### Disable load YAML(secrets.yml)
+### Disable load YAML (`secrets.yml`)
 
 ```ruby
 Awsecrets.load(disable_load_secrets:true)
@@ -119,8 +144,8 @@ Awsecrets.load(secrets_path:false)
 
 ## Contributing
 
-1. Fork it ( https://github.com/k1LoW/awsecrets/fork )
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create a new Pull Request
+1. [Fork it]( https://github.com/k1LoW/awsecrets/fork ) !
+2. Create your feature branch (`git checkout -b my-new-feature`).
+3. Commit your changes (`git commit -am 'Add some feature'`).
+4. Push to the branch (`git push origin my-new-feature`).
+5. Create a new Pull Request.

data/awsecrets.gemspec

@@ -1,4 +1,4 @@
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require_relative 'lib/awsecrets/version'
 
@@ -20,10 +20,10 @@ Gem::Specification.new do |spec|
 
   spec.add_runtime_dependency 'aws-sdk', '>= 2', '< 4'
   spec.add_runtime_dependency 'aws_config', '~> 0.1.0'
-  spec.add_development_dependency 'bundler', '~> 1.9'
-  spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'rspec'
-  spec.add_development_dependency 'rubocop'
+  spec.add_development_dependency 'bundler', '>= 1.9', '< 3.0'
   spec.add_development_dependency 'octorelease'
   spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop', '0.57'
 end

data/lib/awsecrets.rb

@@ -1,11 +1,13 @@
 require_relative 'awsecrets/version'
+require_relative 'awsecrets/utils'
 require 'optparse'
 require 'aws-sdk'
 require 'aws_config'
-require 'net/http'
 require 'yaml'
 
 module Awsecrets
+  include Misc
+
   def self.load(profile: nil, region: nil, secrets_path: nil, disable_load_secrets: false)
     @profile              = profile
     @region               = region
@@ -13,14 +15,8 @@ module Awsecrets
     @disable_load_secrets = disable_load_secrets
     @disable_load_secrets = true if secrets_path == false
 
-    @credentials       = nil
-    @access_key_id     = nil
-    @secret_access_key = nil
-    @session_token     = nil
-    @role_arn          = nil
-    @external_id       = nil
-    @source_profile    = nil
-    @role_session_name = nil
+    @credentials = @access_key_id = @secret_access_key = @session_token = nil
+    @role_arn = @external_id = @source_profile = @role_session_name = nil
 
     # 1. Command Line Options
     load_options if load_method_args
@@ -51,8 +47,9 @@ module Awsecrets
       opt.parse!(ARGV)
     rescue OptionParser::InvalidOption
     end
-    return unless @profile
+    return true unless @profile
     @region ||= AWSConfig[@profile]['region']
+    true
   end
 
   def self.load_env
@@ -60,20 +57,21 @@ module Awsecrets
     @region       ||= ENV['AWS_DEFAULT_REGION']
     @profile      ||= ENV['AWS_PROFILE']
     @secrets_path ||= ENV['AWS_SECRETS_PATH']
-    return if @access_key_id
+    return true if @access_key_id
     return unless ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']
     @access_key_id     ||= ENV['AWS_ACCESS_KEY_ID']
     @secret_access_key ||= ENV['AWS_SECRET_ACCESS_KEY']
     @session_token     ||= ENV['AWS_SESSION_TOKEN']
+    true
   end
 
   def self.load_yaml
-    return if @disable_load_secrets
+    return false if @disable_load_secrets
     @secrets_path ||= 'secrets.yml'
     creds = YAML.load_file(@secrets_path) if File.exist?(File.expand_path(@secrets_path))
     @region ||= creds['region'] if creds && creds.include?('region')
-    return if @access_key_id
-    return unless creds &&
+    return true if @access_key_id
+    return true unless creds &&
                   creds.include?('aws_access_key_id') &&
                   creds.include?('aws_secret_access_key')
     @access_key_id     ||= creds['aws_access_key_id']
@@ -83,8 +81,8 @@ module Awsecrets
     @external_id       ||= creds['external_id'] if creds.include?('external_id')
     @role_session_name ||= creds['role_session_name'] if creds.include?('role_session_name')
 
-    return unless @role_arn
-    @role_session_name ||= generate_session_name
+    return true unless @role_arn
+    @role_session_name ||= Misc.generate_session_name
     @credentials ||= role_creds(
       client: Aws::STS::Client.new(
         region: @region,
@@ -95,6 +93,7 @@ module Awsecrets
       role_session_name: @role_session_name,
       external_id: @external_id
     )
+    true
   end
 
   def self.load_config
@@ -115,7 +114,7 @@ module Awsecrets
     Aws.config[:region] = @region
 
     if @role_arn && @source_profile
-      @role_session_name ||= generate_session_name
+      @role_session_name ||= Misc.generate_session_name
       region = if AWSConfig[@source_profile.name] && AWSConfig[@source_profile.name]['region']
                  AWSConfig[@source_profile.name]['region']
                else
@@ -138,19 +137,10 @@ module Awsecrets
     @credentials ||= Aws::Credentials.new(@access_key_id, @secret_access_key, @session_token) if @access_key_id
     @credentials ||= Aws::InstanceProfileCredentials.new
 
+    Misc.validate_client
     Aws.config[:credentials] = @credentials
   end
 
-  def self.generate_session_name
-    "awsecrets-session-#{Time.now.to_i}"
-  end
-
-  def self.current_region
-    metadata_endpoint = 'http://169.254.169.254/latest/meta-data/'
-    az = Net::HTTP.get(URI.parse(metadata_endpoint + 'placement/availability-zone'))
-    az[0...-1]
-  end
-
   def self.role_creds(args)
     Aws::AssumeRoleCredentials.new(args)
   end

data/lib/awsecrets/utils.rb

@@ -0,0 +1,25 @@
+require 'net/http'
+
+module Misc
+  def self.validate_client
+    return unless ENV.key?('DISABLE_AWS_CLIENT_CHECK') && (ENV['DISABLE_AWS_CLIENT_CHECK'] == 'false')
+
+    begin
+      Aws::EC2::Client.new
+    rescue Aws::Errors::MissingRegionError
+      raise 'Missing region: use "region" command line option or export ENV[\'AWS_REGION\'] or awscli configure'
+    rescue StandardError => e
+      raise "Oops, there is something wrong with AWS client configuration => #{e}"
+    end
+  end
+
+  def self.generate_session_name
+    "awsecrets-session-#{Time.now.to_i}"
+  end
+
+  def self.current_region
+    metadata_endpoint = 'http://169.254.169.254/latest/meta-data/'
+    az = Net::HTTP.get(URI.parse(metadata_endpoint + 'placement/availability-zone'))
+    az[0...-1]
+  end
+end

data/lib/awsecrets/version.rb

@@ -1,3 +1,3 @@
 module Awsecrets
-  VERSION = '1.14.0'
+  VERSION = '1.15.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awsecrets
 version: !ruby/object:Gem::Version
-  version: 1.14.0
+  version: 1.15.0
 platform: ruby
 authors:
 - k1LoW
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-09-22 00:00:00.000000000 Z
+date: 2020-10-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -48,32 +48,38 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.9'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.9'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: octorelease
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -87,21 +93,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: octorelease
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -115,19 +121,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.57'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.57'
 description: AWS credentials loader
 email:
 - k1lowxb@gmail.com
@@ -148,6 +154,7 @@ files:
 - bin/setup
 - bin/testcommand
 - lib/awsecrets.rb
+- lib/awsecrets/utils.rb
 - lib/awsecrets/version.rb
 homepage: https://github.com/k1LoW/awsecrets
 licenses:
@@ -168,8 +175,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: AWS credentials loader