chambermaid 0.4.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7205cca8ffd4e9f7b2e20eb02239fd42be4f9dcdbd7c85eafb2e74c000d39be6
-  data.tar.gz: a1b394c7dd79578e738defb6657276aa6988185d432153f900dab3b2bfeda97d
+  metadata.gz: db11b6ed46ebe0bec94edbdfc616b67dcbfd22e280ee5d2ef04c870ff27ea44d
+  data.tar.gz: ab097d0efc95e0e51d1fce0e51b771591c408d683f230716199cc880a3f813ec
 SHA512:
-  metadata.gz: 4ef58ed041bd944a89d06a72c4b4f71dfe7695ef86aa4c2a28edf6d32d6a8b46122c1bfe7b1f6461cf9199dfbe73cfcf9fadd7ee101b54f0e86be5d36cd76c9d
-  data.tar.gz: 9cb1b2f1781b2903a9af7121e7720a8c2f875a28472f8d0ded8b455560262917f2fec5e0cb8584886257de8141fabc90ca7d244d86435004b9c1377a121d4ee2
+  metadata.gz: 35e8d6217d1e90d8e4c24ebea8df5549cf514b82f54e59eec5ae986a84677175d57c1d6074f3b8ec9fa43f6d20e43180f53cba80294b002959bcea6bba676dfe
+  data.tar.gz: 2dd4f31782acc1fbd3ecf314d8462040cf7b1edff7df76d6ee9df46d794ce42b6e0d1796056f80e38092c59a1ebe52aed50db7039f44643f1669e9906d3eaa9d

data/.github/workflows/commitlint.yml

@@ -0,0 +1,16 @@
+name: commitlint
+on:
+  - pull_request
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: wagoid/commitlint-github-action@v1
+        with:
+          failOnWarnings: true

data/.github/workflows/release.yml

@@ -0,0 +1,56 @@
+name: release
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ secrets.GHUB_PAT }}
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: ridedott/release-me-action@master
+        id: get-version-number
+        with:
+          dry-run: true
+          release-rules: |
+            [
+              { "type": "release", "scope": "major", "release": "major" },
+              { "type": "refactor", "release": "patch" }
+            ]
+      - uses: actions/setup-ruby@v1
+        with:
+          ruby-version: "2.6"
+      - run: gem install bundler -v 2.1.2
+      - name: Set version.rb and Gemfile.lock
+        run: |
+          printf "module Chambermaid\n  VERSION = \"$NEW_VERSION\"\nend" > lib/chambermaid/version.rb
+          bundle install
+        env:
+          NEW_VERSION: ${{ steps.get-version-number.outputs.version }}
+      - run: bundle exec rake build
+      - uses: ridedott/release-me-action@master
+        with:
+          commit-assets: |
+            ./lib/chambermaid/version.rb
+            ./Gemfile.lock
+          release-assets: |
+            ./pkg/*.gem
+          release-rules: |
+            [
+              { "type": "release", "scope": "major", "release": "major" },
+              { "type": "refactor", "release": "patch" }
+            ]
+      - name: publish to rubygems
+        run: |
+          mkdir -p ~/.gem
+          printf -- "---\n:rubygems_api_key: $GEM_HOST_API_KEY" > ~/.gem/credentials
+          chmod 0600 ~/.gem/credentials
+          gem push pkg/chambermaid-$NEW_VERSION.gem
+        env:
+          GEM_HOST_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }}
+          NEW_VERSION: ${{ steps.get-version-number.outputs.version }}

data/CHANGELOG.md

@@ -0,0 +1,51 @@
+## [1.0.1](https://github.com/mileszim/chambermaid/compare/v1.0.0...v1.0.1) (2020-08-03)
+
+### Code Refactoring
+
+- load dependencies specific to each module ([f52aa00](https://github.com/mileszim/chambermaid/commit/f52aa00410f6abc63263403d6180b463eca4c0bf))
+
+# [1.0.0](https://github.com/mileszim/chambermaid/compare/v0.5.5...v1.0.0) (2020-08-03)
+
+### Documentation
+
+- **README:** update README with authentication instructions ([fd2a826](https://github.com/mileszim/chambermaid/commit/fd2a826066a7507ecb97b68a8fbbaad2146da764))
+
+### Other
+
+- **major:** release version 1 ([eb2f11c](https://github.com/mileszim/chambermaid/commit/eb2f11cb7d963c27aba467643d46f52eddce2e7e))
+
+## [0.5.5](https://github.com/mileszim/chambermaid/compare/v0.5.4...v0.5.5) (2020-08-03)
+
+### Documentation
+
+- add links to documentation and more info for rdoc ([3f7ec6d](https://github.com/mileszim/chambermaid/commit/3f7ec6ddb07478ceefef83403c1e5b9de447509a))
+
+## [0.5.4](https://github.com/mileszim/chambermaid/compare/v0.5.3...v0.5.4) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** chmod 0600 ~/.gem/credentials after generating ([ed85d5b](https://github.com/mileszim/chambermaid/commit/ed85d5b1d9b76762bcc50734c806a6e1cd224ad5))
+
+## [0.5.3](https://github.com/mileszim/chambermaid/compare/v0.5.2...v0.5.3) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** use bash end of args with printf ([fbc0ae2](https://github.com/mileszim/chambermaid/commit/fbc0ae28961c40f984e6685e5feb33799934f510))
+
+## [0.5.2](https://github.com/mileszim/chambermaid/compare/v0.5.1...v0.5.2) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** set rubygem api key into ~/.gem/credentials ([7faef58](https://github.com/mileszim/chambermaid/commit/7faef587631284c3bb89c22572b8bce9c31172d0))
+
+## [0.5.1](https://github.com/mileszim/chambermaid/compare/v0.5.0...v0.5.1) (2020-08-03)
+
+### Bug Fixes
+
+- **release:** publish to rubygems on successful release ([e019c7d](https://github.com/mileszim/chambermaid/commit/e019c7df3f43c251a5542374cc9c869fc4b00d92))
+
+# [0.5.0](https://github.com/mileszim/chambermaid/compare/v0.4.1...v0.5.0) (2020-08-03)
+
+### Features
+
+- add commitlint and release workflow (#2) ([1159e69](https://github.com/mileszim/chambermaid/commit/1159e69e95701e4763fdbe08430d579c2a2a8440)), closes [#2](https://github.com/mileszim/chambermaid/issues/2)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    chambermaid (0.4.0)
+    chambermaid (1.0.1)
       aws-sdk-ssm (~> 1.85)
 
 GEM

data/README.md

@@ -4,6 +4,8 @@ Companion RubyGem for [chamber](https://github.com/segmentio/chamber).
 
 Chambermaid injects AWS SSM params into your ENV. Plays nice with other ENV gems like dotenv.
 
+ - [RubyDocs](https://rubydoc.info/gems/chambermaid)
+
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -46,8 +48,10 @@ Chambermaid.configure do |config|
   config.add_namespace("/my/important/namespace", overload: true)
 end
 
-# Load after configuration
-Chambermaid.load!
+# If this is standalone ruby (not a Rails environment),
+# call `Chambermaid.load!` after the configuration block
+#
+# Chambermaid.load!
 ```
 
 **Reload SSM into ENV**
@@ -79,6 +83,62 @@ Chambermaid.log_level = :warn
 
 _Note: Chambermaid.logger is set to Rails.logger automatically if including inside a rails app_
 
+### AWS Authentication
+
+Chambermaid expects your AWS credential configuration to live inside ENV on application load.
+
+> **Note:** `AWS_DEFAULT_REGION` or `AWS_REGION` is **required**
+
+You can use either:
+* `AWS_ACCESS_KEY_ID`
+* `AWS_SECRET_ACCESS_KEY`
+
+or STS grants:
+```bash
+$ aws-vault exec my-user -- bundle exec rails server
+```
+> *See [aws-vault](https://github.com/99designs/aws-vault/blob/master/USAGE.md) docs for more info*
+
+or a metadata endpoint grant:
+* Available in attached Task or EC2 instance. *See [AWS Docs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint.html) for more info.*
+* Through aws-vault: `aws-vault exec -s my-user`
+
+#### IAM Permissions Required
+
+Since this is meant to work out of the box as a complement to [chamber cli](https://github.com/segmentio/chamber), it needs similar IAM permissions.
+
+In this case, however, we can grant read-only to the namespace(s).
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "",
+            "Effect": "Allow",
+            "Action": "ssm:DescribeParameters",
+            "Resource": "*"
+        },
+        {
+            "Sid": "",
+            "Effect": "Allow",
+            "Action": [
+                "ssm:GetParametersByPath",
+                "ssm:GetParameters",
+                "ssm:GetParameter",
+                "kms:Decrypt"
+            ],
+            "Resource": [
+                "arn:aws:ssm:us-east-1:1234567890:parameter/my-chamber-service",
+                "arn:aws:kms:us-east-1:1234567890:key/258574a1-cfce-4530-9e3c-d4b07cd04115"
+            ]
+        }
+    ]
+}
+```
+> **Note:** `Resource` array MUST include the full ARN of the key id used for chamber cli
+> *(Default alias is `parameter_store_key`)*
+
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/chambermaid.gemspec

@@ -16,6 +16,8 @@ Gem::Specification.new do |spec|
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/mileszim/chambermaid"
   spec.metadata["changelog_uri"] = "https://github.com/mileszim/chambermaid/blob/master/CHANGELOG.md"
+  spec.metadata["documentation_uri"] = "https://rubydoc.info/gems/chambermaid"
+  spec.metadata["bug_tracker_uri"] = "https://github.com/mileszim/chambermaid/issues"
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.

data/lib/chambermaid/base.rb

@@ -1,8 +1,5 @@
 require "logger"
-
-require "chambermaid/environment"
 require "chambermaid/namespace"
-require "chambermaid/parameter_store"
 
 module Chambermaid
   module Base

data/lib/chambermaid/environment.rb

@@ -1,4 +1,9 @@
 module Chambermaid
+  # Environment keeps a set of params available to load into ENV. It also
+  # maintains a copy of ENV at the time of its initialization, in order to
+  # restore it.
+  #
+  # @attr_reader [Hash] params
   class Environment < Hash
     attr_reader :params
 
@@ -35,16 +40,22 @@ module Chambermaid
     end
 
     # Inject into ENV without overwriting duplicates
+    #
+    # @return [Hash]
     def load!
       each { |k, v| ENV[k] ||= v }
     end
 
     # Inject into ENV and overwrite duplicates
+    #
+    # @return [Hash]
     def overload!
       each { |k, v| ENV[k] = v }
     end
 
     # Restore to original ENV
+    #
+    # @return [ENV]
     def unload!
       ENV.replace(@_original_env)
     end

data/lib/chambermaid/namespace.rb

@@ -1,4 +1,9 @@
+require "chambermaid/environment"
+require "chambermaid/parameter_store"
+
 module Chambermaid
+  # Namespaces each contain a ParameterStore and Environment instance,
+  # along with the overload flag
   class Namespace
     # @param [String] path
     # @param [Boolean] overload
@@ -10,23 +15,45 @@ module Chambermaid
       @env = Environment.new({})
     end
 
+    # Create a namespace and immediately fetch and inject params to ENV
+    #
+    # @see Chambermaid::Namespace.load!
+    #
+    # @param [String] path
+    # @param [Boolean] overload
+    #
+    # @return [Chambermaid::Namespace]
     def self.load!(path:, overload: false)
       namespace = new(path: path, overload: overload)
       namespace.load!
       namespace
     end
 
+    # Load ParameterStore and inject into ENV
+    #
+    # @see Chambermaid::ParameterStore#load!
+    # @see Chambermaid::Environment#load!
+    # @see Chambermaid::Environment#overload!
     def load!
       @store.load!
       load_env!
     end
 
+    # Unload params from ENV, reload ParameterStore, and inject into ENV
+    #
+    # @see Chambermaid::Environment#unload!
+    # @see Chambermaid::ParameterStore#reload!
+    # @see Chambermaid::Environment#load!
+    # @see Chambermaid::Environment#overload!
     def reload!
       @env.unload!
       @store.reload!
       load_env!
     end
 
+    # Unload params from ENV
+    #
+    # @see Chambermaid::Environment#unload!
     def unload!
       @env.unload!
       Chambermaid.logger.info("unloaded #{@env.size} params from ENV")

data/lib/chambermaid/parameter_store.rb

@@ -1,30 +1,52 @@
 require "aws-sdk-ssm"
 
 module Chambermaid
+  # ParameterStore instances fetch all parameters under a namespace/path
+  # from AWS SSM
+  #
+  # @note AWS authentication requires configuration via ENV (IAM credentials/STS)
   class ParameterStore
+    # @param [String] path
     def initialize(path:)
       @path = path
     end
 
+    # Fetch and decrypt all parameters selected by a namespace/path string
+    #
+    # @return [Boolean]
     def load!
       fetch_ssm_params!
     end
 
+    # Clear cached parameters and re-fetch parameters from AWS SSM
+    #
+    # @return [Boolean]
     def reload!
       clear_params!
       fetch_ssm_params!
     end
 
+    # Returns true if parameters have been fetched from AWS SSM
+    #
+    # @return [Boolean]
     def loaded?
       !@params_list.empty?
     end
 
+    # Create a ParameterStore and fetch from AWS SSM immediately
+    #
+    # @see Chambermaid::ParameterStore#load!
+    #
+    # @return [Chambermaid::ParameterStore]
     def self.load!(path:)
       store = new(path: path)
       store.load!
       store
     end
 
+    # ENV formatted Hash of parameters loaded from AWS SSM
+    #
+    # @return [Hash]
     def params
       @params ||= @param_list.map { |p|
         [p.name.split("/").last.upcase, p.value]

data/lib/chambermaid/railtie.rb

@@ -1,6 +1,6 @@
 module Chambermaid
   class Railtie < Rails::Railtie
-    config.before_configuration do
+    config.after_initialize do
       Chambermaid.logger = Rails.logger
       Chambermaid.load!
     end

data/lib/chambermaid/version.rb

@@ -1,3 +1,3 @@
 module Chambermaid
-  VERSION = "0.4.0"
-end
+  VERSION = "1.0.1"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chambermaid
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Miles Zimmerman
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-08-02 00:00:00.000000000 Z
+date: 2020-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-ssm
@@ -59,9 +59,12 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/commitlint.yml"
+- ".github/workflows/release.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - Gemfile.lock
@@ -85,6 +88,8 @@ metadata:
   homepage_uri: https://github.com/mileszim/chambermaid
   source_code_uri: https://github.com/mileszim/chambermaid
   changelog_uri: https://github.com/mileszim/chambermaid/blob/master/CHANGELOG.md
+  documentation_uri: https://rubydoc.info/gems/chambermaid
+  bug_tracker_uri: https://github.com/mileszim/chambermaid/issues
 post_install_message: 
 rdoc_options: []
 require_paths: