cerberus_client 1.5.0.rc.3 → 1.5.0.rc.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +12 -0
- data/lib/cerberus/aws_principal_credentials_provider.rb +16 -4
- data/lib/cerberus_client/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3e01636863ecb3ed0d02bf1aa3fe9df33dc0d766
|
4
|
+
data.tar.gz: 5e3416ffe640a9d843b02a5d41acda791361fcc8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fc6df32e7bdddb2c95d552103b9a3fc9fe843d081e511e73e32241ea06b6d868b0b8cf620d8a61205b853f095b0c2979e58d00cf332f727eb04791a0d07e601b
|
7
|
+
data.tar.gz: 9168a709b1afe9ce6ebecb54d19820c9377978f5ca8d8020676d0940da38116a29eeaf607d812c5fcbd55d924f46836d02001fb30b956c9e3888a7fcf5c9fb38
|
data/README.md
CHANGED
@@ -94,6 +94,18 @@ Then open Interactive Ruby:
|
|
94
94
|
you have added new files. Commit the new files and re-build your gem to ensure the new files
|
95
95
|
get included in your gem release candidate .
|
96
96
|
|
97
|
+
### Run Tests Locally
|
98
|
+
|
99
|
+
```bash
|
100
|
+
% gem install rspec
|
101
|
+
```
|
102
|
+
|
103
|
+
Then in the top-level project directory, run
|
104
|
+
|
105
|
+
```bash
|
106
|
+
% rspec spec
|
107
|
+
```
|
108
|
+
|
97
109
|
### Running in AWS
|
98
110
|
|
99
111
|
If the environment variables used in local development are not found, the client will try to use the AWS metadata
|
@@ -46,8 +46,7 @@ module Cerberus
|
|
46
46
|
def initialize(vaultBaseUrl)
|
47
47
|
@vaultBaseUrl = vaultBaseUrl
|
48
48
|
@clientToken = nil
|
49
|
-
@
|
50
|
-
@role = getRoleFromInstanceMetadata
|
49
|
+
@role = get_role_info
|
51
50
|
|
52
51
|
LOGGER.debug("AwsPrincipalCredentialsProvider initialized with vault base url #{@vaultBaseUrl}")
|
53
52
|
end
|
@@ -76,12 +75,25 @@ module Cerberus
|
|
76
75
|
|
77
76
|
end
|
78
77
|
|
78
|
+
private
|
79
|
+
|
80
|
+
##
|
81
|
+
# Uses provided data to determine how to construct the AwsRoleInfo use by this provider
|
82
|
+
##
|
83
|
+
def get_role_info
|
84
|
+
begin
|
85
|
+
return get_role_from_instance_metadata
|
86
|
+
rescue Cerberus::Exception::HttpError
|
87
|
+
return nil
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
79
91
|
##
|
80
92
|
# Use the instance metadata to extract the role information
|
81
93
|
# This function should only be called from an EC2 instance otherwise the http
|
82
94
|
# call will fail.
|
83
95
|
##
|
84
|
-
def
|
96
|
+
def get_role_from_instance_metadata
|
85
97
|
role_arn = getIAMRoleARN
|
86
98
|
region = getRegionFromAZ(getAvailabilityZone)
|
87
99
|
account_id = getAccountIdFromRoleARN(role_arn)
|
@@ -168,7 +180,7 @@ module Cerberus
|
|
168
180
|
# else throw an IOError for non-2xx responses and RuntimeError for any exceptions down the stack
|
169
181
|
##
|
170
182
|
def doHttpToMDService(relUri)
|
171
|
-
url = URI(
|
183
|
+
url = URI(INSTANCE_METADATA_SVC_BASE_URL + relUri)
|
172
184
|
CerberusClient::Http.new.doHttp(url, 'GET', false)
|
173
185
|
end
|
174
186
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cerberus_client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.5.0.rc.
|
4
|
+
version: 1.5.0.rc.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Joe Teibel
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-08-
|
11
|
+
date: 2017-08-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk
|