awsecrets 1.14.0 → 1.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: b57fc9a0340fffea08fbcfddff251f9ef297cbcc
4
- data.tar.gz: 70a54f7ee11afd5c3cee22fe9def13e193228791
2
+ SHA256:
3
+ metadata.gz: 496d603f9e18bf3bb51bc071bc9375bc92acc9fb05e5cf441b7036238b4f0b69
4
+ data.tar.gz: f07676a4365be1db74052197372b0ba364505937467613a2f7893a9b4ce014fd
5
5
  SHA512:
6
- metadata.gz: 00715cbafab1b0f33df6da7ad7ddd394eb0b5083666f8f164b1a585a715d229188853f1e48b98b5b4a64fe8703c4b4e8e56a3552577a73151e122eb74e23b8b8
7
- data.tar.gz: 7fb15484326e4a5f48884eb12429db4b5d8f0ef55d944066b96d135c47340747c4db0a0f3c73081e29282e1455eab5f34db7d77fcda852c0c342ee6e9870f250
6
+ metadata.gz: 1fa3d149aa0611705f2f6fbc64660a49d0177db8d07373b5e73896401ce733e6b4f9fb1793c4be786f990e225892b25c1a63388213f3993665aeda1fa745f9d8
7
+ data.tar.gz: 636a84bfa7fbf59ea18bb45d2fde35a5aab919e8ee8639967e311a76d56f857e4ea512acee93607e0acca33702ba3afa3909ccfe909c714a13f2f9470529afeb
@@ -1,9 +1,13 @@
1
+ ---
1
2
  AllCops:
2
3
  TargetRubyVersion: 2.1
3
4
 
4
5
  Lint/HandleExceptions:
5
6
  Enabled: false
6
7
 
8
+ Lint/MissingCopEnableDirective:
9
+ Enabled: false
10
+
7
11
  Lint/UselessAssignment:
8
12
  Enabled: false
9
13
 
@@ -11,10 +15,10 @@ Metrics/AbcSize:
11
15
  Max: 50
12
16
 
13
17
  Metrics/ClassLength:
14
- Max: 125
18
+ Max: 130
15
19
 
16
20
  Metrics/ModuleLength:
17
- Max: 125
21
+ Max: 130
18
22
 
19
23
  Metrics/CyclomaticComplexity:
20
24
  Max: 15
@@ -66,3 +70,4 @@ Style/SymbolProc:
66
70
 
67
71
  Style/BracesAroundHashParameters:
68
72
  Enabled: false
73
+
@@ -1,11 +1,22 @@
1
+ ---
1
2
  language: ruby
2
- rvm:
3
- - 2.3.4
4
- - 2.2.7
5
-
3
+ matrix:
4
+ include:
5
+ - rvm: 2.6.2
6
+ env: RUBYGEMS_VERSION=
7
+ - rvm: 2.5.3
8
+ env: RUBYGEMS_VERSION=
9
+ - rvm: 2.4.5
10
+ env: RUBYGEMS_VERSION=
11
+ - rvm: 2.3.8
12
+ env: RUBYGEMS_VERSION=
13
+ - rvm: 2.2.10
14
+ env: RUBYGEMS_VERSION=2.7.8
15
+ - rvm: 2.1.10
16
+ env: RUBYGEMS_VERSION=2.7.8
6
17
  before_install:
7
- - gem update bundler
8
-
18
+ - gem update --system ${RUBYGEMS_VERSION}
19
+ - gem pristine bundler
20
+
9
21
  script:
10
22
  - bundle exec rake spec
11
-
data/README.md CHANGED
@@ -31,7 +31,28 @@ Or install it yourself as:
31
31
 
32
32
  ## Usage example
33
33
 
34
- Create command line tool `ec2sample` like following code
34
+ ### Generate exception with wrong configuration
35
+
36
+ For some use cases, awsecrets might raise an exception if (even after all
37
+ attempts to configure access to an AWS account) there is missing configuration
38
+ parameters.
39
+
40
+ In other cases, this might not be desired.
41
+
42
+ To have control on that, you can use the environment variable
43
+ `DISABLE_AWS_CLIENT_CHECK`: if you set it to the string `'true'`, it will not
44
+ attempt to early create an `Aws::EC2::Client` instance with the found
45
+ parameters.
46
+
47
+ By default, even if you don't set `DISABLE_AWS_CLIENT_CHECK` it will be treated
48
+ like `true`.
49
+
50
+ To enable this early checking, you **must** setup `DISABLE_AWS_CLIENT_CHECK`
51
+ with the string `'false'`.
52
+
53
+ ### Basic example
54
+
55
+ Create a command line tool `ec2sample` like following code:
35
56
 
36
57
  ```ruby
37
58
  #!/usr/bin/env ruby
@@ -41,17 +62,21 @@ ec2_client = Aws::EC2::Client.new
41
62
  puts ec2_client.describe_instances({ instance_ids: [ARGV.first] }).reservations.first.instances.first
42
63
  ```
43
64
 
44
- And execute
65
+ Then execute it with command line parameters:
45
66
 
46
67
  ```sh
47
68
  $ ec2sample i-1aa1aaaa --profile mycreds --region ap-northeast-1
69
+ ```
48
70
 
49
- or
71
+ or with environment variables configuration:
50
72
 
73
+ ```sh
51
74
  $ AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXX AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX AWS_REGION=ap-northeast-1 ec2sample i-1aa1aaaa
75
+ ```
52
76
 
53
- or
77
+ or using an YAML file:
54
78
 
79
+ ```sh
55
80
  $ cat <<EOF > secrets.yml
56
81
  region: ap-northeast-1
57
82
  aws_access_key_id: XXXXXXXXXXXXXXXXXXXX
@@ -64,7 +89,7 @@ $ ec2sample i-1aa1aaaa
64
89
 
65
90
  Support `role_arn` `role_session_name` `source_profile` `external_id`.
66
91
 
67
- #### 1. .aws/config and .aws/credentials
92
+ #### 1. `.aws/config` and `.aws/credentials`
68
93
 
69
94
  see http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html
70
95
 
@@ -89,7 +114,7 @@ And execute
89
114
  $ ec2sample i-1aa1aaaa --profile assumed --region ap-northeast-1
90
115
  ```
91
116
 
92
- #### 2. secrets.yml
117
+ #### 2. `secrets.yml`
93
118
 
94
119
  ```sh
95
120
  $ cat <<EOF > secrets.yml
@@ -105,7 +130,7 @@ And execute
105
130
  $ ec2sample i-1aa1aaaa
106
131
  ```
107
132
 
108
- ### Disable load YAML(secrets.yml)
133
+ ### Disable load YAML (`secrets.yml`)
109
134
 
110
135
  ```ruby
111
136
  Awsecrets.load(disable_load_secrets:true)
@@ -119,8 +144,8 @@ Awsecrets.load(secrets_path:false)
119
144
 
120
145
  ## Contributing
121
146
 
122
- 1. Fork it ( https://github.com/k1LoW/awsecrets/fork )
123
- 2. Create your feature branch (`git checkout -b my-new-feature`)
124
- 3. Commit your changes (`git commit -am 'Add some feature'`)
125
- 4. Push to the branch (`git push origin my-new-feature`)
126
- 5. Create a new Pull Request
147
+ 1. [Fork it]( https://github.com/k1LoW/awsecrets/fork ) !
148
+ 2. Create your feature branch (`git checkout -b my-new-feature`).
149
+ 3. Commit your changes (`git commit -am 'Add some feature'`).
150
+ 4. Push to the branch (`git push origin my-new-feature`).
151
+ 5. Create a new Pull Request.
@@ -1,4 +1,4 @@
1
- lib = File.expand_path('../lib', __FILE__)
1
+ lib = File.expand_path('lib', __dir__)
2
2
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
3
  require_relative 'lib/awsecrets/version'
4
4
 
@@ -20,10 +20,10 @@ Gem::Specification.new do |spec|
20
20
 
21
21
  spec.add_runtime_dependency 'aws-sdk', '>= 2', '< 4'
22
22
  spec.add_runtime_dependency 'aws_config', '~> 0.1.0'
23
- spec.add_development_dependency 'bundler', '~> 1.9'
24
- spec.add_development_dependency 'rake', '~> 10.0'
25
- spec.add_development_dependency 'rspec'
26
- spec.add_development_dependency 'rubocop'
23
+ spec.add_development_dependency 'bundler', '>= 1.9', '< 3.0'
27
24
  spec.add_development_dependency 'octorelease'
28
25
  spec.add_development_dependency 'pry'
26
+ spec.add_development_dependency 'rake', '~> 10.0'
27
+ spec.add_development_dependency 'rspec'
28
+ spec.add_development_dependency 'rubocop', '0.57'
29
29
  end
@@ -1,11 +1,13 @@
1
1
  require_relative 'awsecrets/version'
2
+ require_relative 'awsecrets/utils'
2
3
  require 'optparse'
3
4
  require 'aws-sdk'
4
5
  require 'aws_config'
5
- require 'net/http'
6
6
  require 'yaml'
7
7
 
8
8
  module Awsecrets
9
+ include Misc
10
+
9
11
  def self.load(profile: nil, region: nil, secrets_path: nil, disable_load_secrets: false)
10
12
  @profile = profile
11
13
  @region = region
@@ -13,14 +15,8 @@ module Awsecrets
13
15
  @disable_load_secrets = disable_load_secrets
14
16
  @disable_load_secrets = true if secrets_path == false
15
17
 
16
- @credentials = nil
17
- @access_key_id = nil
18
- @secret_access_key = nil
19
- @session_token = nil
20
- @role_arn = nil
21
- @external_id = nil
22
- @source_profile = nil
23
- @role_session_name = nil
18
+ @credentials = @access_key_id = @secret_access_key = @session_token = nil
19
+ @role_arn = @external_id = @source_profile = @role_session_name = nil
24
20
 
25
21
  # 1. Command Line Options
26
22
  load_options if load_method_args
@@ -51,8 +47,9 @@ module Awsecrets
51
47
  opt.parse!(ARGV)
52
48
  rescue OptionParser::InvalidOption
53
49
  end
54
- return unless @profile
50
+ return true unless @profile
55
51
  @region ||= AWSConfig[@profile]['region']
52
+ true
56
53
  end
57
54
 
58
55
  def self.load_env
@@ -60,20 +57,21 @@ module Awsecrets
60
57
  @region ||= ENV['AWS_DEFAULT_REGION']
61
58
  @profile ||= ENV['AWS_PROFILE']
62
59
  @secrets_path ||= ENV['AWS_SECRETS_PATH']
63
- return if @access_key_id
60
+ return true if @access_key_id
64
61
  return unless ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']
65
62
  @access_key_id ||= ENV['AWS_ACCESS_KEY_ID']
66
63
  @secret_access_key ||= ENV['AWS_SECRET_ACCESS_KEY']
67
64
  @session_token ||= ENV['AWS_SESSION_TOKEN']
65
+ true
68
66
  end
69
67
 
70
68
  def self.load_yaml
71
- return if @disable_load_secrets
69
+ return false if @disable_load_secrets
72
70
  @secrets_path ||= 'secrets.yml'
73
71
  creds = YAML.load_file(@secrets_path) if File.exist?(File.expand_path(@secrets_path))
74
72
  @region ||= creds['region'] if creds && creds.include?('region')
75
- return if @access_key_id
76
- return unless creds &&
73
+ return true if @access_key_id
74
+ return true unless creds &&
77
75
  creds.include?('aws_access_key_id') &&
78
76
  creds.include?('aws_secret_access_key')
79
77
  @access_key_id ||= creds['aws_access_key_id']
@@ -83,8 +81,8 @@ module Awsecrets
83
81
  @external_id ||= creds['external_id'] if creds.include?('external_id')
84
82
  @role_session_name ||= creds['role_session_name'] if creds.include?('role_session_name')
85
83
 
86
- return unless @role_arn
87
- @role_session_name ||= generate_session_name
84
+ return true unless @role_arn
85
+ @role_session_name ||= Misc.generate_session_name
88
86
  @credentials ||= role_creds(
89
87
  client: Aws::STS::Client.new(
90
88
  region: @region,
@@ -95,6 +93,7 @@ module Awsecrets
95
93
  role_session_name: @role_session_name,
96
94
  external_id: @external_id
97
95
  )
96
+ true
98
97
  end
99
98
 
100
99
  def self.load_config
@@ -115,7 +114,7 @@ module Awsecrets
115
114
  Aws.config[:region] = @region
116
115
 
117
116
  if @role_arn && @source_profile
118
- @role_session_name ||= generate_session_name
117
+ @role_session_name ||= Misc.generate_session_name
119
118
  region = if AWSConfig[@source_profile.name] && AWSConfig[@source_profile.name]['region']
120
119
  AWSConfig[@source_profile.name]['region']
121
120
  else
@@ -138,19 +137,10 @@ module Awsecrets
138
137
  @credentials ||= Aws::Credentials.new(@access_key_id, @secret_access_key, @session_token) if @access_key_id
139
138
  @credentials ||= Aws::InstanceProfileCredentials.new
140
139
 
140
+ Misc.validate_client
141
141
  Aws.config[:credentials] = @credentials
142
142
  end
143
143
 
144
- def self.generate_session_name
145
- "awsecrets-session-#{Time.now.to_i}"
146
- end
147
-
148
- def self.current_region
149
- metadata_endpoint = 'http://169.254.169.254/latest/meta-data/'
150
- az = Net::HTTP.get(URI.parse(metadata_endpoint + 'placement/availability-zone'))
151
- az[0...-1]
152
- end
153
-
154
144
  def self.role_creds(args)
155
145
  Aws::AssumeRoleCredentials.new(args)
156
146
  end
@@ -0,0 +1,25 @@
1
+ require 'net/http'
2
+
3
+ module Misc
4
+ def self.validate_client
5
+ return unless ENV.key?('DISABLE_AWS_CLIENT_CHECK') && (ENV['DISABLE_AWS_CLIENT_CHECK'] == 'false')
6
+
7
+ begin
8
+ Aws::EC2::Client.new
9
+ rescue Aws::Errors::MissingRegionError
10
+ raise 'Missing region: use "region" command line option or export ENV[\'AWS_REGION\'] or awscli configure'
11
+ rescue StandardError => e
12
+ raise "Oops, there is something wrong with AWS client configuration => #{e}"
13
+ end
14
+ end
15
+
16
+ def self.generate_session_name
17
+ "awsecrets-session-#{Time.now.to_i}"
18
+ end
19
+
20
+ def self.current_region
21
+ metadata_endpoint = 'http://169.254.169.254/latest/meta-data/'
22
+ az = Net::HTTP.get(URI.parse(metadata_endpoint + 'placement/availability-zone'))
23
+ az[0...-1]
24
+ end
25
+ end
@@ -1,3 +1,3 @@
1
1
  module Awsecrets
2
- VERSION = '1.14.0'
2
+ VERSION = '1.15.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: awsecrets
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.14.0
4
+ version: 1.15.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - k1LoW
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-09-22 00:00:00.000000000 Z
11
+ date: 2020-10-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk
@@ -48,32 +48,38 @@ dependencies:
48
48
  name: bundler
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  requirements:
51
- - - "~>"
51
+ - - ">="
52
52
  - !ruby/object:Gem::Version
53
53
  version: '1.9'
54
+ - - "<"
55
+ - !ruby/object:Gem::Version
56
+ version: '3.0'
54
57
  type: :development
55
58
  prerelease: false
56
59
  version_requirements: !ruby/object:Gem::Requirement
57
60
  requirements:
58
- - - "~>"
61
+ - - ">="
59
62
  - !ruby/object:Gem::Version
60
63
  version: '1.9'
64
+ - - "<"
65
+ - !ruby/object:Gem::Version
66
+ version: '3.0'
61
67
  - !ruby/object:Gem::Dependency
62
- name: rake
68
+ name: octorelease
63
69
  requirement: !ruby/object:Gem::Requirement
64
70
  requirements:
65
- - - "~>"
71
+ - - ">="
66
72
  - !ruby/object:Gem::Version
67
- version: '10.0'
73
+ version: '0'
68
74
  type: :development
69
75
  prerelease: false
70
76
  version_requirements: !ruby/object:Gem::Requirement
71
77
  requirements:
72
- - - "~>"
78
+ - - ">="
73
79
  - !ruby/object:Gem::Version
74
- version: '10.0'
80
+ version: '0'
75
81
  - !ruby/object:Gem::Dependency
76
- name: rspec
82
+ name: pry
77
83
  requirement: !ruby/object:Gem::Requirement
78
84
  requirements:
79
85
  - - ">="
@@ -87,21 +93,21 @@ dependencies:
87
93
  - !ruby/object:Gem::Version
88
94
  version: '0'
89
95
  - !ruby/object:Gem::Dependency
90
- name: rubocop
96
+ name: rake
91
97
  requirement: !ruby/object:Gem::Requirement
92
98
  requirements:
93
- - - ">="
99
+ - - "~>"
94
100
  - !ruby/object:Gem::Version
95
- version: '0'
101
+ version: '10.0'
96
102
  type: :development
97
103
  prerelease: false
98
104
  version_requirements: !ruby/object:Gem::Requirement
99
105
  requirements:
100
- - - ">="
106
+ - - "~>"
101
107
  - !ruby/object:Gem::Version
102
- version: '0'
108
+ version: '10.0'
103
109
  - !ruby/object:Gem::Dependency
104
- name: octorelease
110
+ name: rspec
105
111
  requirement: !ruby/object:Gem::Requirement
106
112
  requirements:
107
113
  - - ">="
@@ -115,19 +121,19 @@ dependencies:
115
121
  - !ruby/object:Gem::Version
116
122
  version: '0'
117
123
  - !ruby/object:Gem::Dependency
118
- name: pry
124
+ name: rubocop
119
125
  requirement: !ruby/object:Gem::Requirement
120
126
  requirements:
121
- - - ">="
127
+ - - '='
122
128
  - !ruby/object:Gem::Version
123
- version: '0'
129
+ version: '0.57'
124
130
  type: :development
125
131
  prerelease: false
126
132
  version_requirements: !ruby/object:Gem::Requirement
127
133
  requirements:
128
- - - ">="
134
+ - - '='
129
135
  - !ruby/object:Gem::Version
130
- version: '0'
136
+ version: '0.57'
131
137
  description: AWS credentials loader
132
138
  email:
133
139
  - k1lowxb@gmail.com
@@ -148,6 +154,7 @@ files:
148
154
  - bin/setup
149
155
  - bin/testcommand
150
156
  - lib/awsecrets.rb
157
+ - lib/awsecrets/utils.rb
151
158
  - lib/awsecrets/version.rb
152
159
  homepage: https://github.com/k1LoW/awsecrets
153
160
  licenses:
@@ -168,8 +175,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
168
175
  - !ruby/object:Gem::Version
169
176
  version: '0'
170
177
  requirements: []
171
- rubyforge_project:
172
- rubygems_version: 2.4.5.1
178
+ rubygems_version: 3.0.3
173
179
  signing_key:
174
180
  specification_version: 4
175
181
  summary: AWS credentials loader