chambermaid 0.3.2 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fbcb610044b8dd8ff4487cb6729889f18dde9a32bd09b25620b53b6c6336a9e9
-  data.tar.gz: 80abde8476c848335de1f9557f49557322a1463f36419fe8c986a53ee18cb816
+  metadata.gz: 22ceec060a8f34e8d44151977ff98af6ac3602b8967aca42a333a6e57ca5b398
+  data.tar.gz: f190c278b648d038fdd518cf2e8801f99036e9164a627682377384a8c9107932
 SHA512:
-  metadata.gz: beb4b9d61c45e48bd48497e2cf27fec7cd5055447aac237324b298ba343b3d4bed49a46151aff364a90049ac31ae78b2c9dcf51b42cfa3cf000c3adde06a9552
-  data.tar.gz: 4228d741b603f187e69d3c900efae0241808eccabd4e3227b745cfd4e75e9c570949071c5d46c079d3ecd34992704c0390cea0f6b174c8560c2ce8ba3fe361f9
+  metadata.gz: 1b338e0bf90f75194e420c225168fd4aa873d398155b232a29e1dfa29aba1518bd6531ede6436417d6c5abae71c5a0565157c43a6261bb232de8f25344b16bd8
+  data.tar.gz: d58b7402d7ab7648218205336ea5bd1df88d3fbbfeaa8680cd11f9666febf8c7a990a32eab5cfdbf6e1e1bb0bf40b39e4f42e7d4f5fc568f32aa6881f83c8e7d

data/.github/workflows/commitlint.yml

@@ -0,0 +1,16 @@
+name: commitlint
+on:
+  - pull_request
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: wagoid/commitlint-github-action@v1
+        with:
+          failOnWarnings: true

data/.github/workflows/release.yml

@@ -0,0 +1,50 @@
+name: release
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ secrets.GHUB_PAT }}
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: ridedott/release-me-action@master
+        id: get-version-number
+        with:
+          dry-run: true
+          release-rules:
+            '[{ "type": "release", "scope": "major", "release": "major" }]'
+      - uses: actions/setup-ruby@v1
+        with:
+          ruby-version: "2.6"
+      - run: gem install bundler -v 2.1.2
+      - name: Set version.rb and Gemfile.lock
+        run: |
+          printf "module Chambermaid\n  VERSION = \"$NEW_VERSION\"\nend" > lib/chambermaid/version.rb
+          bundle install
+        env:
+          NEW_VERSION: ${{ steps.get-version-number.outputs.version }}
+      - run: bundle exec rake build
+      - uses: ridedott/release-me-action@master
+        with:
+          commit-assets: |
+            ./lib/chambermaid/version.rb
+            ./Gemfile.lock
+          release-assets: |
+            ./pkg/*.gem
+          release-rules:
+            '[{ "type": "release", "scope": "major", "release": "major" }]'
+      - name: publish to rubygems
+        run: |
+          mkdir -p ~/.gem
+          printf -- "---\n:rubygems_api_key: $GEM_HOST_API_KEY" > ~/.gem/credentials
+          chmod 0600 ~/.gem/credentials
+          gem push pkg/chambermaid-$NEW_VERSION.gem
+        env:
+          GEM_HOST_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }}
+          NEW_VERSION: ${{ steps.get-version-number.outputs.version }}

data/CHANGELOG.md

@@ -0,0 +1,35 @@
+## [0.5.5](https://github.com/mileszim/chambermaid/compare/v0.5.4...v0.5.5) (2020-08-03)
+
+### Documentation
+
+- add links to documentation and more info for rdoc ([3f7ec6d](https://github.com/mileszim/chambermaid/commit/3f7ec6ddb07478ceefef83403c1e5b9de447509a))
+
+## [0.5.4](https://github.com/mileszim/chambermaid/compare/v0.5.3...v0.5.4) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** chmod 0600 ~/.gem/credentials after generating ([ed85d5b](https://github.com/mileszim/chambermaid/commit/ed85d5b1d9b76762bcc50734c806a6e1cd224ad5))
+
+## [0.5.3](https://github.com/mileszim/chambermaid/compare/v0.5.2...v0.5.3) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** use bash end of args with printf ([fbc0ae2](https://github.com/mileszim/chambermaid/commit/fbc0ae28961c40f984e6685e5feb33799934f510))
+
+## [0.5.2](https://github.com/mileszim/chambermaid/compare/v0.5.1...v0.5.2) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** set rubygem api key into ~/.gem/credentials ([7faef58](https://github.com/mileszim/chambermaid/commit/7faef587631284c3bb89c22572b8bce9c31172d0))
+
+## [0.5.1](https://github.com/mileszim/chambermaid/compare/v0.5.0...v0.5.1) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** publish to rubygems on successful release ([e019c7d](https://github.com/mileszim/chambermaid/commit/e019c7df3f43c251a5542374cc9c869fc4b00d92))
+
+# [0.5.0](https://github.com/mileszim/chambermaid/compare/v0.4.1...v0.5.0) (2020-08-03)
+
+### Features
+
+- add commitlint and release workflow (#2) ([1159e69](https://github.com/mileszim/chambermaid/commit/1159e69e95701e4763fdbe08430d579c2a2a8440)), closes [#2](https://github.com/mileszim/chambermaid/issues/2)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    chambermaid (0.3.2)
+    chambermaid (1.0.0)
       aws-sdk-ssm (~> 1.85)
 
 GEM

data/README.md

@@ -4,6 +4,8 @@ Companion RubyGem for [chamber](https://github.com/segmentio/chamber).
 
 Chambermaid injects AWS SSM params into your ENV. Plays nice with other ENV gems like dotenv.
 
+ - [RubyDocs](https://rubydoc.info/gems/chambermaid)
+
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -35,13 +37,21 @@ Chambermaid.add_service("my-chamber-service")
 # config/initializers/chambermaid.rb
 
 Chambermaid.configure do |config|
+  # Load all values from SSM Namespace path
   config.add_namespace("/my/param/namespace")
+
+  # Load values from chamber-cli service
   config.add_service("my-chamber-service")
 
   # Set `overload: true` to choose these params over existing
   # ones in ENV when they are merged together
   config.add_namespace("/my/important/namespace", overload: true)
 end
+
+# If this is standalone ruby (not a Rails environment),
+# call `Chambermaid.load!` after the configuration block
+#
+# Chambermaid.load!
 ```
 
 **Reload SSM into ENV**
@@ -55,6 +65,80 @@ Chambermaid.restore!
 Chambermaid.reset! # alias of .restore!
 ```
 
+**Configure Logging**
+```ruby
+Chambermaid.configure do |config|
+  # ... other config ...
+
+  # Change log level
+  config.log_level = :debug
+
+  # Set custom logger instance
+  config.logger = MyCoolLogger.new
+end
+
+# Outside of config block
+Chambermaid.log_level = :warn
+```
+
+_Note: Chambermaid.logger is set to Rails.logger automatically if including inside a rails app_
+
+### AWS Authentication
+
+Chambermaid expects your AWS credential configuration to live inside ENV on application load.
+
+> **Note:** `AWS_DEFAULT_REGION` or `AWS_REGION` is **required**
+
+You can use either:
+* `AWS_ACCESS_KEY_ID`
+* `AWS_SECRET_ACCESS_KEY`
+
+or STS grants:
+```bash
+$ aws-vault exec my-user -- bundle exec rails server
+```
+> *See [aws-vault](https://github.com/99designs/aws-vault/blob/master/USAGE.md) docs for more info*
+
+or a metadata endpoint grant:
+* Available in attached Task or EC2 instance. *See [AWS Docs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint.html) for more info.*
+* Through aws-vault: `aws-vault exec -s my-user`
+
+#### IAM Permissions Required
+
+Since this is meant to work out of the box as a complement to [chamber cli](https://github.com/segmentio/chamber), it needs similar IAM permissions.
+
+In this case, however, we can grant read-only to the namespace(s).
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "",
+            "Effect": "Allow",
+            "Action": "ssm:DescribeParameters",
+            "Resource": "*"
+        },
+        {
+            "Sid": "",
+            "Effect": "Allow",
+            "Action": [
+                "ssm:GetParametersByPath",
+                "ssm:GetParameters",
+                "ssm:GetParameter",
+                "kms:Decrypt"
+            ],
+            "Resource": [
+                "arn:aws:ssm:us-east-1:1234567890:parameter/my-chamber-service",
+                "arn:aws:kms:us-east-1:1234567890:key/258574a1-cfce-4530-9e3c-d4b07cd04115"
+            ]
+        }
+    ]
+}
+```
+> **Note:** `Resource` array MUST include the full ARN of the key id used for chamber cli
+> *(Default alias is `parameter_store_key`)*
+
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/chambermaid.gemspec

@@ -16,6 +16,8 @@ Gem::Specification.new do |spec|
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/mileszim/chambermaid"
   spec.metadata["changelog_uri"] = "https://github.com/mileszim/chambermaid/blob/master/CHANGELOG.md"
+  spec.metadata["documentation_uri"] = "https://rubydoc.info/gems/chambermaid"
+  spec.metadata["bug_tracker_uri"] = "https://github.com/mileszim/chambermaid/issues"
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.

data/lib/chambermaid.rb

@@ -1,5 +1,6 @@
 require "chambermaid/base"
 require "chambermaid/version"
+require "chambermaid/railtie" if defined?(Rails)
 
 module Chambermaid
   class Error < StandardError; end

data/lib/chambermaid/base.rb

@@ -1,3 +1,5 @@
+require "logger"
+
 require "chambermaid/environment"
 require "chambermaid/namespace"
 require "chambermaid/parameter_store"
@@ -13,7 +15,6 @@ module Chambermaid
 
     def configure
       yield self
-      load!
     end
 
     # @todo
@@ -104,6 +105,39 @@ module Chambermaid
       add_namespace(service)
     end
 
+    # !@attribute [r] logger
+    #   @return [Logger]
+    def logger
+      @logger ||= Logger.new(STDOUT,
+        level: log_level,
+        progname: "Chambermaid"
+      )
+    end
+
+    # !@attribute [w] logger
+    #   @return [Logger]
+    def logger=(val)
+      @logger = val
+      @logger.progname = "Chambermaid"
+      logger
+    end
+
+    # !@attribute [r] log_level
+    #   @return [Symbol] (default = :info) current logger level
+    def log_level
+      return logger.level unless @logger.nil?
+      return @log_level unless @log_level.nil?
+      return :info
+    end
+
+    # !@attribute [w] log_level
+    #   @return [Symbol] (default = :info) current logger level
+    def log_level=(val = :info)
+      @logger.level = val unless @logger.nil?
+      @log_level = val
+      val
+    end
+
     private
 
     def namespaces

data/lib/chambermaid/environment.rb

@@ -1,4 +1,9 @@
 module Chambermaid
+  # Environment keeps a set of params available to load into ENV. It also
+  # maintains a copy of ENV at the time of its initialization, in order to
+  # restore it.
+  #
+  # @attr_reader [Hash] params
   class Environment < Hash
     attr_reader :params
 
@@ -35,16 +40,22 @@ module Chambermaid
     end
 
     # Inject into ENV without overwriting duplicates
+    #
+    # @return [Hash]
     def load!
       each { |k, v| ENV[k] ||= v }
     end
 
     # Inject into ENV and overwrite duplicates
+    #
+    # @return [Hash]
     def overload!
       each { |k, v| ENV[k] = v }
     end
 
     # Restore to original ENV
+    #
+    # @return [ENV]
     def unload!
       ENV.replace(@_original_env)
     end

data/lib/chambermaid/namespace.rb

@@ -1,4 +1,6 @@
 module Chambermaid
+  # Namespaces each contain a ParameterStore and Environment instance,
+  # along with the overload flag
   class Namespace
     # @param [String] path
     # @param [Boolean] overload
@@ -10,25 +12,48 @@ module Chambermaid
       @env = Environment.new({})
     end
 
+    # Create a namespace and immediately fetch and inject params to ENV
+    #
+    # @see Chambermaid::Namespace.load!
+    #
+    # @param [String] path
+    # @param [Boolean] overload
+    #
+    # @return [Chambermaid::Namespace]
     def self.load!(path:, overload: false)
       namespace = new(path: path, overload: overload)
       namespace.load!
       namespace
     end
 
+    # Load ParameterStore and inject into ENV
+    #
+    # @see Chambermaid::ParameterStore#load!
+    # @see Chambermaid::Environment#load!
+    # @see Chambermaid::Environment#overload!
     def load!
       @store.load!
       load_env!
     end
 
+    # Unload params from ENV, reload ParameterStore, and inject into ENV
+    #
+    # @see Chambermaid::Environment#unload!
+    # @see Chambermaid::ParameterStore#reload!
+    # @see Chambermaid::Environment#load!
+    # @see Chambermaid::Environment#overload!
     def reload!
       @env.unload!
       @store.reload!
       load_env!
     end
 
+    # Unload params from ENV
+    #
+    # @see Chambermaid::Environment#unload!
     def unload!
       @env.unload!
+      Chambermaid.logger.info("unloaded #{@env.size} params from ENV")
     end
 
     private
@@ -37,6 +62,7 @@ module Chambermaid
     def load_env!
       @env.replace(@store.params)
       @overload ? @env.overload! : @env.load!
+      Chambermaid.logger.info("loaded #{@env.size} params into ENV from `#{@path}`")
     end
   end
 end

data/lib/chambermaid/parameter_store.rb

@@ -1,30 +1,52 @@
 require "aws-sdk-ssm"
 
 module Chambermaid
+  # ParameterStore instances fetch all parameters under a namespace/path
+  # from AWS SSM
+  #
+  # @note AWS authentication requires configuration via ENV (IAM credentials/STS)
   class ParameterStore
+    # @param [String] path
     def initialize(path:)
       @path = path
     end
 
+    # Fetch and decrypt all parameters selected by a namespace/path string
+    #
+    # @return [Boolean]
     def load!
       fetch_ssm_params!
     end
 
+    # Clear cached parameters and re-fetch parameters from AWS SSM
+    #
+    # @return [Boolean]
     def reload!
       clear_params!
       fetch_ssm_params!
     end
 
+    # Returns true if parameters have been fetched from AWS SSM
+    #
+    # @return [Boolean]
     def loaded?
       !@params_list.empty?
     end
 
+    # Create a ParameterStore and fetch from AWS SSM immediately
+    #
+    # @see Chambermaid::ParameterStore#load!
+    #
+    # @return [Chambermaid::ParameterStore]
     def self.load!(path:)
       store = new(path: path)
       store.load!
       store
     end
 
+    # ENV formatted Hash of parameters loaded from AWS SSM
+    #
+    # @return [Hash]
     def params
       @params ||= @param_list.map { |p|
         [p.name.split("/").last.upcase, p.value]
@@ -40,14 +62,20 @@ module Chambermaid
     end
 
     def fetch_ssm_params!
+      Chambermaid.logger.debug("fetching AWS SSM parameters from `#{@path}`")
       @param_list = []
       response = nil
       loop do
         response = fetch_ssm_param_batch!(response&.next_token)
         @param_list.concat(response.parameters)
 
-        break unless response.next_token
+        if response.next_token
+          Chambermaid.logger.debug("response.next_token found, continuing fetch")
+        else
+          break
+        end
       end
+      Chambermaid.logger.debug("fetched #{@param_list.size} parameters from `#{@path}`")
     end
 
     def fetch_ssm_param_batch!(next_token = nil)

data/lib/chambermaid/railtie.rb

@@ -0,0 +1,8 @@
+module Chambermaid
+  class Railtie < Rails::Railtie
+    config.after_initialize do
+      Chambermaid.logger = Rails.logger
+      Chambermaid.load!
+    end
+  end
+end

data/lib/chambermaid/version.rb

@@ -1,3 +1,3 @@
 module Chambermaid
-  VERSION = "0.3.2"
-end
+  VERSION = "1.0.0"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chambermaid
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 1.0.0
 platform: ruby
 authors:
 - Miles Zimmerman
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-08-02 00:00:00.000000000 Z
+date: 2020-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-ssm
@@ -59,9 +59,12 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/commitlint.yml"
+- ".github/workflows/release.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - Gemfile.lock
@@ -76,6 +79,7 @@ files:
 - lib/chambermaid/environment.rb
 - lib/chambermaid/namespace.rb
 - lib/chambermaid/parameter_store.rb
+- lib/chambermaid/railtie.rb
 - lib/chambermaid/version.rb
 homepage: https://github.com/mileszim/chambermaid
 licenses:
@@ -84,6 +88,8 @@ metadata:
   homepage_uri: https://github.com/mileszim/chambermaid
   source_code_uri: https://github.com/mileszim/chambermaid
   changelog_uri: https://github.com/mileszim/chambermaid/blob/master/CHANGELOG.md
+  documentation_uri: https://rubydoc.info/gems/chambermaid
+  bug_tracker_uri: https://github.com/mileszim/chambermaid/issues
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -99,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Companion Ruby Gem for chamber cli