cf-s3-invalidator 0.3.6 → 0.3.7

data/README.md

@@ -1,5 +1,8 @@
 # Invalidator for AWS S3-based Cloudfront distributions
 
+[![Build Status](https://secure.travis-ci.org/laurilehmijoki/cf-s3-invalidator.png)]
+
+(http://travis-ci.org/laurilehmijoki/cf-s3-invalidator)
 If your Amazon Web Services Cloudfront distribution is based on AWS S3, then
 this library may be useful to you.
 
@@ -14,13 +17,12 @@ calls on them the invalidation REST API of Cloudfront.
 
 You can specify the configuration as CLI parameters:
 
-`cf-s3-inv --key <AWS-KEY> --secret <AWS-SECRET> --bucket <S3-BUCKET-NAME> --distribution <CLOUDFRONT-DISTRIBUTION-ID>`
+`cf-s3-inv --key <AWS-KEY> --secret <AWS-SECRET> --distribution <CLOUDFRONT-DISTRIBUTION-ID>`
 
 Or you can store them into the file *_cf_s3_invalidator.yml*:
 
-    s3_key: YOUR_AWS_S3_ACCESS_KEY_ID
-    s3_secret: YOUR_AWS_S3_SECRET_ACCESS_KEY
-    s3_bucket: your.bucket.com
+    aws_key: YOUR_AWS_ACCESS_KEY_ID
+    aws_secret: YOUR_AWS_SECRET_ACCESS_KEY
     cloudfront_distribution_id: YOUR_CLOUDFRONT_DISTRIBUTION_ID
 
 Then you can just run:
@@ -29,9 +31,6 @@ Then you can just run:
 
 ## Development
 
-[![Build Status](https://secure.travis-ci.org/laurilehmijoki/cf-s3-invalidator.png)]
-(http://travis-ci.org/laurilehmijoki/cf-s3-invalidator)
-
 Run tests:
 
 `rake test`

data/bin/cf-s3-inv

@@ -9,7 +9,7 @@ unless Kernel.respond_to?(:require_relative)
 end
 require 'optparse'
 require 'yaml'
-require_relative '../lib/cloudfront_invalidator'
+require_relative '../lib/cloudfront_client'
 require_relative '../lib/s3_loader'
 
 class UI
@@ -46,14 +46,28 @@ class UI
   class FileOptionParser
     def parse
       yml = YAML.load_file(get_conf_file_path)
+      validate_keys(yml)
       {
-        :key => yml['s3_key'],
-        :secret => yml['s3_secret'],
-        :bucket => yml['s3_bucket'],
+        # For backward compatibility, support s3_key and s3_secret
+        :key => yml['s3_key'] ? yml['s3_key'] : yml['aws_key'],
+        :secret => yml['s3_secret'] ? yml['s3_secret'] : yml['aws_secret'],
         :distribution => yml['cloudfront_distribution_id']
       }
     end
 
+    def validate_keys(config)
+      def test_keys(alternative_config_keys, error_message, config)
+        valid = config.keys.any? { |key| alternative_config_keys.include? key }
+        raise error_message.red unless valid
+      end
+      test_keys(["s3_key", "aws_key"],
+                "AWS key missing in the configuration file", config)
+      test_keys(["s3_secret", "aws_secret"],
+                "AWS secret missing in the configuration file", config)
+      test_keys(["cloudfront_distribution_id"],
+                "Cloudfront distribution id missing in the configuration file", config)
+    end
+
     def print_help
       puts "Add the rows below into file '#{get_conf_file_name}' and then run the program without arguments"
       puts ""
@@ -77,7 +91,6 @@ class UI
       sample = <<-EOF
     s3_key: YOUR_AWS_S3_ACCESS_KEY_ID
     s3_secret: YOUR_AWS_S3_SECRET_ACCESS_KEY
-    s3_bucket: your.bucket.com
     cloudfront_distribution_id: YOUR_CLOUDFRONT_DISTRIBUTION_ID
       EOF
     end
@@ -100,10 +113,6 @@ class UI
                 "Amazon Web Services API secret key") do |val|
           options[:secret] = val
         end
-        opts.on("-b", "--bucket BUCKET NAME",
-                "S3 bucket name") do |val|
-          options[:bucket] = val
-        end
         opts.on("-d", "--distribution CLOUDFRONT ID",
                 "Cloudfront distribution id") do |val|
           options[:distribution] = val
@@ -123,11 +132,31 @@ class UI
   end
 end
 
-options = UI.new.parse_or_print_help
+class Orchestrator
+  def initialize
+    @options = UI.new.parse_or_print_help
+    @cf = CloudfrontClient.new(
+      @options[:key], @options[:secret], @options[:distribution])
+  end
+
+  def resolve_s3_bucket_name
+    @s3_bucket_name = @cf.get_s3_bucket_name
+    if @s3_bucket_name
+      puts "Resolving S3 bucket name... Got #{@s3_bucket_name.yellow}"
+    else
+      puts
+        "The Cloudfront distribution is not based on an S3 bucket".red
+      exit
+    end
+  end
 
-s3_object_keys = S3Loader.new(
-  options[:key], options[:secret]).list_keys(options[:bucket])
+  def invalidate_cf_dist
+    s3_object_keys = S3Loader.new(
+      @options[:key], @options[:secret]).list_keys(@s3_bucket_name)
+    @cf.invalidate(s3_object_keys)
+  end
+end
 
-invalidator = CloudfrontInvalidator.new(
-  options[:key], options[:secret], options[:distribution])
-invalidator.invalidate(s3_object_keys)
+orchestrator = Orchestrator.new
+orchestrator.resolve_s3_bucket_name
+orchestrator.invalidate_cf_dist

data/cf-s3-invalidator.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'cf-s3-invalidator'
-  s.version       = '0.3.6'
+  s.version       = '0.3.7'
   s.license       = 'MIT'
   s.summary       = 'A tool for invalidating AWS S3-based Cloudfront distributions'
   s.description   =

data/features/cloudfront-s3-invalidator-no-credentials.feature

@@ -5,22 +5,34 @@ Feature: cloudfront-s3-invalidator without AWS credentials
   I want to run cf-s3-inv and see that it tells me I have no valid credentials
 
   Scenario: Run cf-s3-inv with the configuration file that has invalid AWS access key
+    Given a file named "_cf_s3_invalidator.yml" with:
+    """
+    aws_key: YOUR_AWS_ACCESS_KEY_ID
+    aws_secret: YOUR_AWS_SECRET_ACCESS_KEY
+    cloudfront_distribution_id: CF_ID
+    """
+    When I run `cf-s3-inv`
+    Then the output should contain:
+    """
+    The security token included in the request is invalid
+    """
+
+  Scenario: Run cf-s3-inv with the configuration file that has invalid S3 access key
     Given a file named "_cf_s3_invalidator.yml" with:
     """
     s3_key: YOUR_AWS_S3_ACCESS_KEY_ID
     s3_secret: YOUR_AWS_S3_SECRET_ACCESS_KEY
-    s3_bucket: your.bucket.com
     cloudfront_distribution_id: CF_ID
     """
     When I run `cf-s3-inv`
     Then the output should contain:
     """
-    The AWS Access Key Id you provided does not exist in our records. (AWS::S3::Errors::InvalidAccessKeyId)
+    The security token included in the request is invalid
     """
 
   Scenario: Run cf-s3-inv with CLI arguments containing invalid AWS access key
-    When I run `cf-s3-inv --key invalid-aws-key --secret invalid-aws-secret --bucket some-bucket --distribution some-dist`
+    When I run `cf-s3-inv --key invalidawskey --secret invalidawssecret --distribution some-dist`
     Then the output should contain:
     """
-    The AWS Access Key Id you provided does not exist in our records. (AWS::S3::Errors::InvalidAccessKeyId)
+    The security token included in the request is invalid
     """

data/features/configuration-file.feature

@@ -0,0 +1,41 @@
+Feature: configuration file
+  In order to easily specify AWS credentials and Cloudfront distribution name
+  As a geek
+  I want to use a configuration file
+
+  Scenario: Missing key
+    Given a file named "_cf_s3_invalidator.yml" with:
+    """
+    s3_secret: YOUR_AWS_S3_SECRET_ACCESS_KEY
+    cloudfront_distribution_id: CF_ID
+    """
+    When I run `cf-s3-inv`
+    Then the output should contain:
+    """
+    AWS key missing in the configuration file
+    """
+
+  Scenario: Missing secret
+    Given a file named "_cf_s3_invalidator.yml" with:
+    """
+    aws_key: AWS_KEY
+    cloudfront_distribution_id: CF_ID
+    """
+    When I run `cf-s3-inv`
+    Then the output should contain:
+    """
+    AWS secret missing in the configuration file
+    """
+
+  Scenario: Missing Cloudfront distribution id
+    Given a file named "_cf_s3_invalidator.yml" with:
+    """
+    aws_key: AWS_KEY
+    aws_secret: AWS_SECRET
+    """
+    When I run `cf-s3-inv`
+    Then the output should contain:
+    """
+    Cloudfront distribution id missing in the configuration file
+    """
+

data/lib/{cloudfront_invalidator.rb → cloudfront_client.rb}

@@ -5,9 +5,7 @@ require 'net/https'
 require 'base64'
 require 'colored'
 
-# Adapted from:
-# Confabulus @ http://blog.confabulus.com/2011/05/13/cloudfront-invalidation-from-ruby
-class CloudfrontInvalidator
+class CloudfrontClient
   def initialize(aws_account, aws_secret, distribution)
     @aws_account = aws_account
     @aws_secret = aws_secret
@@ -16,18 +14,7 @@ class CloudfrontInvalidator
 
   def invalidate(items)
     items = to_cf_keys(items)
-    date = Time.now.strftime("%a, %d %b %Y %H:%M:%S %Z")
-    digest = Base64.encode64(
-      OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha1'), @aws_secret, date)).strip
-    uri = URI.parse(
-      "https://cloudfront.amazonaws.com/2012-05-05/distribution/#{@distribution}/invalidation")
-    req = Net::HTTP::Post.new(uri.path)
-    req.initialize_http_header({
-      'x-amz-date' => date,
-      'Content-Type' => 'text/xml',
-      'Authorization' => "AWS %s:%s" % [@aws_account, digest]
-    })
-    req.body = %|
+    body = %|
       <InvalidationBatch>
         <Paths>
           <Quantity>#{items.length}</Quantity>
@@ -38,25 +25,58 @@ class CloudfrontInvalidator
         <CallerReference>#{Time.now.utc.to_i}</CallerReference>
       </InvalidationBatch>
     |
+    res = sign_and_call(
+      "https://cloudfront.amazonaws.com/2012-05-05/distribution/#{@distribution}/invalidation",
+      Net::HTTP::Post,
+      body)
+    print_invalidation_result(res, items)
+  end
+
+  def get_s3_bucket_name
+    res = sign_and_call(
+      "https://cloudfront.amazonaws.com/2012-05-05/distribution/#{@distribution}",
+      Net::HTTP::Get)
+    matches =
+      res.body.scan(/<DomainName>([\w|\.]+)\.s3\.amazonaws\.com<\/DomainName>/)
+    if matches.empty?
+      nil
+    else
+      s3_bucket_name = matches.first.first
+      s3_bucket_name
+    end
+  end
+
+  private
+
+  def sign_and_call(url, method, body = nil)
+    date = Time.now.strftime("%a, %d %b %Y %H:%M:%S %Z")
+    digest = Base64.encode64(
+      OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha1'), @aws_secret, date)).strip
+    uri = URI.parse(url)
+    req = method.new(uri.path)
+    req.initialize_http_header({
+      'x-amz-date' => date,
+      'Content-Type' => 'text/xml',
+      'Authorization' => "AWS %s:%s" % [@aws_account, digest]
+    })
+    req.body = body unless body == nil
     http = Net::HTTP.new(uri.host, uri.port)
     http.use_ssl = true
     http.verify_mode = OpenSSL::SSL::VERIFY_NONE
     res = http.request(req)
-    print_operation_result(res, items)
+    if res.code.to_i.between? 200, 299
+      res
+    else
+      raise "AWS API call failed. Reason:".red + "\n" + res.body
+    end
   end
 
-  def print_operation_result(http_response, items)
-    success = http_response.code == '201'
-    puts "Invalidating Cloudfront items".cyan
+  def print_invalidation_result(http_response, items)
+    puts "Invalidating Cloudfront items..."
     items.each do |item|
-      puts "  #{item}".blue
-    end
-    if success
-      puts "succeeded".green
-    else
-      puts "FAILED, reason:".red
-      puts http_response.body
+      puts "  #{item}".yellow
     end
+    puts "succeeded".green
   end
 
   def to_cf_keys(s3_keys)

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: cf-s3-invalidator
 version: !ruby/object:Gem::Version 
-  hash: 31
+  hash: 29
   prerelease: 
   segments: 
   - 0
   - 3
-  - 6
-  version: 0.3.6
+  - 7
+  version: 0.3.7
 platform: ruby
 authors: 
 - Lauri Lehmijoki
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-07-05 00:00:00 Z
+date: 2012-07-06 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: aws-sdk
@@ -112,8 +112,9 @@ files:
 - cf-s3-invalidator.gemspec
 - features/cloudfront-s3-invalidator-help.feature
 - features/cloudfront-s3-invalidator-no-credentials.feature
+- features/configuration-file.feature
 - features/support/env.rb
-- lib/cloudfront_invalidator.rb
+- lib/cloudfront_client.rb
 - lib/s3_loader.rb
 homepage: https://github.com/laurilehmijoki/cf-s3-invalidator
 licenses: