config_o_mat 0.5.7 → 0.5.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8350a909966c6de2c8f3ed1de8dbf003c4b26eef0c929c759661dd9088e75d83
-  data.tar.gz: 9339ccb2ec996a3669d8feba956624931c9cb649c7b8f91c9fb048355fd9d814
+  metadata.gz: f230957ea0207b297e312345111dda19349194b5fd4731a4a90eb5ef185dd599
+  data.tar.gz: 1dba9c32e8a41d4bdb4f0257c286209a6759ec191d7520959ff1748e40329b8e
 SHA512:
-  metadata.gz: 63b01beb38ad4fbbd5e2431bf428eb8e27e0c0a76983f93ca8e655bdec317e167e8a79539368db986cd4ee8a02bb00f06a10c48dc557234ac6a83b1c1c097e60
-  data.tar.gz: 6377e0004345fa5c55d84e4892f654fbce97d3d734b42da5bdab4848888d432fc572aa0c6cc4e6360d5504f4778797c3ef93d91aae86b0d016e6d13188f5f595
+  metadata.gz: ce2b20c6942f83a13d1c672f2b6beb4fe3b45f7a08bff3f3dfbce20c6a1b9f8878cf883739a1b41e0b0e84ade645bafdb30f88e001fd9252348ab3775bedfdc5
+  data.tar.gz: f12fee67d7c16366c059816b94ed244ea98a0b018265c2f26dfe680f7ecb8fc57758e0c9d22f8cac7f2b1852ceeb7ead3d68ae27aac3d6734689dcbfc98ea075

data/.github/workflows/test.yml

@@ -0,0 +1,30 @@
+name: Test
+
+on:
+  push:
+    branches: ['**']
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby-version: ['2.7', '3.1', '3.2', '3.3', '3.4']
+
+    env:
+      AWS_REGION: us-east-1
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true
+
+      - name: Run tests
+        run: bundle exec rake spec

data/.ruby-version

@@ -1 +1 @@
-2.7.4
+3.3.9

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.5.8
+
+BUG FIXES:
+
+* Fixes crash when using S3 fallback under Ruby 3.3+
+
 ## 0.5.7
 
 BUG FIXES:

data/CLAUDE.md

@@ -0,0 +1,215 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Overview
+
+ConfigOMat (config_o_mat) is a Ruby gem that manages runtime configuration of systemd services by:
+1. Reading configuration data from AWS AppConfig and AWS Secrets Manager
+2. Rendering ERB templates with that data
+3. Restarting systemd services to apply configuration updates
+
+The system polls AWS AppConfig on a configurable interval and applies configuration changes atomically.
+
+## Working with Claude Code
+
+### Git Workflow
+
+**Branch Naming**: Use prefixes to categorize work:
+- `feat/` - New features
+- `maint/` - Maintenance tasks (CI, dependencies, tooling)
+- `fix/` - Bug fixes
+
+Branch names should be short and succinct (e.g., `maint/ci-setup`, `feat/metrics`, `fix/retry-logic`).
+
+**Commit Messages**: When Claude creates commits, include the complete verbatim user prompts that led to the changes. This helps other users understand how to effectively work with Claude by seeing real interaction examples.
+
+### Text Artifacts
+
+All text artifacts (planning documents, commit messages, branch names, documentation updates, etc.) should be:
+- **Short and concise** - Get to the point quickly
+- **Non-duplicative** - Don't restate what's visible in nearby context (e.g., commit messages shouldn't repeat the diff)
+- **Focused on "why" over "what"** - The code/diff shows what changed; explain the reasoning
+
+## Development Commands
+
+### Running Tests
+```bash
+bundle exec rake spec                    # Run all tests
+bundle exec rspec spec/path/to/spec.rb   # Run a single test file
+bundle exec rspec spec/path/to/spec.rb:42 # Run test at specific line
+```
+
+### Building and Installing
+```bash
+bundle install                           # Install dependencies
+bundle exec rake build                   # Build the gem
+bundle exec rake install                 # Install the gem locally
+bundle exec rake release                 # Release new version (bumps version, tags, pushes)
+```
+
+### Documentation
+```bash
+bundle exec rake doc                     # Generate YARD documentation
+```
+
+### Code Coverage
+Tests use SimpleCov with branch coverage enabled. Coverage reports are generated automatically when running specs.
+
+## Architecture
+
+### State Machine Pattern (LifecycleVM)
+
+The codebase uses the `lifecycle_vm` gem to implement behavior as finite state machines. Each major component is a VM (Virtual Machine) that defines states, operations, and transitions:
+
+- **Configurator::VM** (`lib/config_o_mat/configurator.rb`) - Main configuration management lifecycle
+- **MetaConfigurator::VM** (`lib/config_o_mat/meta_configurator.rb`) - Generates systemd unit files from meta-config
+- **FlipFlopper::VM** (`lib/config_o_mat/flip_flopper.rb`) - Manages flip-flop service restarts (instantiated units @1 and @2)
+- **SecretsLoader::VM** (`lib/config_o_mat/secrets_loader.rb`) - Loads secrets from AWS Secrets Manager
+
+Each VM has:
+- **Memory class** - Holds all state for the VM (immutable state pattern)
+- **Op (Operations)** - Actions that execute and modify state (in `op/` subdirectories)
+- **Cond (Conditions)** - Decision points that determine state transitions (in `cond/` subdirectories)
+
+### Core Workflow (Configurator::VM)
+
+1. **Parse CLI** → Parse command-line arguments
+2. **Load Meta Config** → Read and merge all `.conf` files from config directory
+3. **Compile Templates** → Load and compile ERB templates
+4. **Connect to AWS** → Initialize AWS SDK clients (AppConfig, Secrets Manager, S3)
+5. **Refresh Profiles** → Poll AWS AppConfig for configuration updates
+6. **Apply Profiles** → Process updated profiles and load any referenced secrets
+7. **Generate Templates** → Render ERB templates with profile data
+8. **Reload Services** → Restart affected systemd services
+9. **Running** → Sleep until next refresh interval, then loop back to refresh
+
+### Configuration Types (lib/config_o_mat/shared/types.rb)
+
+The system defines several key configuration objects:
+- **Profile** - AWS AppConfig profile definition (application, environment, profile name)
+- **Template** - ERB template file mapping (src → dst)
+- **Service** - Systemd service with restart mode (`restart`, `flip_flop`, `restart_all`, `none`)
+- **Secret** - AWS Secrets Manager secret definition with parsing instructions
+- **LoadedAppconfigProfile** - Loaded profile data with parsed content (JSON/YAML/text)
+- **LoadedSecret** - Loaded secret data from AWS Secrets Manager
+- **FacterProfile** - System facts from the Facter gem
+
+### Restart Modes
+
+Services can use different restart strategies:
+- **restart** - Standard systemd try-reload-or-restart
+- **flip_flop** - Zero-downtime restart using instantiated units (@1 and @2)
+- **restart_all** - Restart all instances of an instantiated unit template
+- **none** - Only update files, don't restart
+
+### Error Handling and Retry Logic
+
+The Configurator VM includes retry logic:
+- On first run, any operation failure causes the VM to fail immediately
+- After first run, failures trigger retry with exponential backoff
+- Configurable via `retry_count` and `retry_wait` in config files
+- Failed profile refreshes can roll back to previous working version
+
+### Secrets Integration
+
+Profiles can reference secrets via the `aws:secrets` key in their configuration. The SecretsLoader VM:
+1. Identifies secrets to load from staged profiles
+2. Checks an in-memory cache to avoid unnecessary AWS calls
+3. Loads secrets from AWS Secrets Manager
+4. Parses secrets according to content_type (JSON/YAML/text)
+5. Makes secrets available to ERB templates
+
+### Testing Pattern
+
+Tests use RSpec with:
+- `spec_helper.rb` configures SimpleCov, shared contexts, and Facter mocking
+- Tests are organized by component: `configurator/`, `flip_flopper/`, `secrets_loader/`, `meta_configurator/`, `shared/`
+- Each Op and Cond has corresponding spec files
+- Shared context `'with a logger'` provides test logger for specs tagged with `logger: true`
+- Facter is mocked by default with fixture data from `spec/fixtures/facter/default`
+
+### Operations (Op) Pattern
+
+When adding new operations:
+- Inherit from `LifecycleVM::OpBase`
+- Declare `reads` for memory fields to read
+- Declare `writes` for memory fields to modify
+- Implement `call` method
+- Use `error(field, message)` to record errors
+- Return early if `errors?` is true
+
+### Conditions (Cond) Pattern
+
+When adding new conditions:
+- Inherit from `LifecycleVM::CondBase`
+- Declare `reads` for memory fields to read
+- Implement `call` to return the decision value
+- Must return a value that matches a key in the VM's state transition map
+
+## Configuration File Format
+
+Meta-configuration files (`.conf` in YAML):
+```yaml
+log_level: debug|info|notice|warn|error
+log_type: stdout|file
+log_file: path/to/file.log
+refresh_interval: 5  # seconds
+retry_count: 3
+retry_wait: 2  # seconds
+region: us-east-1
+gc_compact: 0  # number of ticks between GC compacts (0 = disabled)
+gc_stat: 0     # number of ticks between GC stat logs (0 = disabled)
+fallback_s3_bucket: bucket-name  # Required if any profile uses s3_fallback
+
+profiles:
+  profile_name:
+    application: app-name
+    environment: env-name
+    profile: profile-name
+    s3_fallback: s3-key-prefix  # Optional S3 fallback location
+
+templates:
+  template_name:
+    src: source/path.erb
+    dst: destination/path
+
+services:
+  service_name:
+    systemd_unit: unit-name
+    restart_mode: restart|flip_flop|restart_all|none
+    templates:
+      - template_name
+
+facter: profile_name  # Enable Facter profile with given name
+```
+
+Multiple `.conf` files are deep-merged in lexical order.
+
+## File Organization
+
+- `bin/` - Executable entry points
+- `lib/config_o_mat/` - Main source code
+  - `configurator/` - Main configuration management VM
+  - `meta_configurator/` - Systemd config generation VM
+  - `flip_flopper/` - Zero-downtime restart VM
+  - `secrets_loader/` - AWS Secrets Manager integration VM
+  - `shared/` - Shared operations, conditions, and types
+- `spec/` - RSpec tests mirroring lib structure
+- `design/` - Original design documentation
+
+## Dependencies
+
+Key external dependencies:
+- `lifecycle_vm` - State machine framework
+- `aws-sdk-appconfig` - AWS AppConfig client
+- `aws-sdk-secretsmanager` - AWS Secrets Manager client
+- `aws-sdk-s3` - S3 client for fallback configurations
+- `ruby-dbus` - systemd communication via D-Bus
+- `sd_notify` - systemd watchdog notifications
+- `facter` - System fact collection
+- `logsformyfamily` - Structured JSON logging
+
+## Ruby Version
+
+Requires Ruby >= 2.7.0 (see `.ruby-version` and gemspec for current version).

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    config_o_mat (0.5.7)
+    config_o_mat (0.5.8)
       aws-sdk-appconfig (~> 1.18)
       aws-sdk-s3 (~> 1.114)
       aws-sdk-secretsmanager (~> 1.57)
@@ -15,32 +15,34 @@ GEM
   remote: https://rubygems.org/
   specs:
     aws-eventstream (1.4.0)
-    aws-partitions (1.1134.0)
-    aws-sdk-appconfig (1.68.0)
-      aws-sdk-core (~> 3, >= 3.227.0)
+    aws-partitions (1.1174.0)
+    aws-sdk-appconfig (1.71.0)
+      aws-sdk-core (~> 3, >= 3.231.0)
       aws-sigv4 (~> 1.5)
-    aws-sdk-core (3.227.0)
+    aws-sdk-core (3.233.0)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.992.0)
       aws-sigv4 (~> 1.9)
       base64
+      bigdecimal
       jmespath (~> 1, >= 1.6.1)
       logger
-    aws-sdk-kms (1.107.0)
-      aws-sdk-core (~> 3, >= 3.227.0)
+    aws-sdk-kms (1.114.0)
+      aws-sdk-core (~> 3, >= 3.231.0)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.194.0)
-      aws-sdk-core (~> 3, >= 3.227.0)
+    aws-sdk-s3 (1.200.0)
+      aws-sdk-core (~> 3, >= 3.231.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
-    aws-sdk-secretsmanager (1.117.0)
-      aws-sdk-core (~> 3, >= 3.227.0)
+    aws-sdk-secretsmanager (1.120.0)
+      aws-sdk-core (~> 3, >= 3.231.0)
       aws-sigv4 (~> 1.5)
     aws-sigv4 (1.12.1)
       aws-eventstream (~> 1, >= 1.0.2)
     base64 (0.3.0)
-    diff-lcs (1.5.0)
-    docile (1.4.0)
+    bigdecimal (3.3.1)
+    diff-lcs (1.6.2)
+    docile (1.4.1)
     facter (4.10.0)
       hocon (~> 1.3)
       thor (>= 1.0.1, < 1.3)
@@ -49,20 +51,21 @@ GEM
     lifecycle_vm (0.1.3)
     logger (1.7.0)
     logsformyfamily (0.3.0)
-    rexml (3.4.1)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.1)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.2)
+    rake (13.3.0)
+    rexml (3.4.4)
+    rspec (3.13.2)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.6)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.3)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.6)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-support (3.12.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.6)
     ruby-dbus (0.19.0)
       rexml
     sd_notify (0.1.1)
@@ -70,7 +73,7 @@ GEM
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.12.3)
+    simplecov-html (0.13.2)
     simplecov_json_formatter (0.1.4)
     thor (1.2.2)
 
@@ -79,8 +82,9 @@ PLATFORMS
 
 DEPENDENCIES
   config_o_mat!
+  rake (~> 13.0)
   rspec (~> 3.10)
   simplecov (~> 0.22.0)
 
 BUNDLED WITH
-   2.1.4
+   2.4.22

data/config_o_mat.gemspec

@@ -47,6 +47,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency('sd_notify', '~> 0.1.1')
   spec.add_dependency('facter', ['~> 4.2', '>= 4.2.8'])
 
+  spec.add_development_dependency('rake', '~> 13.0')
   spec.add_development_dependency('simplecov', '~> 0.22.0')
   spec.add_development_dependency('rspec', '~> 3.10')
 end

data/lib/config_o_mat/configurator/op/refresh_all_profiles.rb

@@ -59,7 +59,7 @@ module ConfigOMat
       def request_from_s3(profile_name, definition, ignore_errors)
         begin
           s3_response = s3_client.get_object(bucket: fallback_s3_bucket, key: definition.s3_fallback)
-          OpenStruct.new(
+          ConfigOMat::S3FallbackResponse.new(
             content: s3_response.body,
             content_type: s3_response.content_type,
             configuration_version: s3_response.version_id || s3_response.etag

data/lib/config_o_mat/configurator/op/refresh_profile.rb

@@ -57,7 +57,7 @@ module ConfigOMat
       def request_from_s3(profile_name, definition)
         begin
           s3_response = s3_client.get_object(bucket: fallback_s3_bucket, key: definition.s3_fallback)
-          OpenStruct.new(
+          ConfigOMat::S3FallbackResponse.new(
             content: s3_response.body,
             content_type: s3_response.content_type,
             configuration_version: s3_response.version_id || s3_response.etag

data/lib/config_o_mat/shared/types.rb

@@ -456,6 +456,35 @@ module ConfigOMat
     end
   end
 
+  class S3FallbackResponse < ConfigItem
+    attr_reader :content, :content_type, :configuration_version
+
+    def initialize(content:, content_type:, configuration_version:)
+      @content = content
+      @content_type = content_type
+      @configuration_version = configuration_version
+    end
+
+    def validate
+      error :content, PRESENCE_ERROR_MSG if @content.nil?
+      error :content_type, PRESENCE_ERROR_MSG if @content_type.nil? || @content_type.empty?
+      error :configuration_version, PRESENCE_ERROR_MSG if @configuration_version.nil? || @configuration_version.empty?
+    end
+
+    def hash
+      @content.hash ^ @content_type.hash ^ @configuration_version.hash
+    end
+
+    def eql?(other)
+      return false if !super(other)
+      if other.content != content ||
+         other.content_type != content_type ||
+         other.configuration_version != configuration_version
+        return false
+      end
+      true
+    end
+  end
 
   class LoadedProfile < ConfigItem
     extend Forwardable

data/lib/config_o_mat/version.rb

@@ -15,5 +15,5 @@
 # limitations under the License.
 
 module ConfigOMat
-  VERSION = "0.5.7"
+  VERSION = "0.5.8"
 end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: config_o_mat
 version: !ruby/object:Gem::Version
-  version: 0.5.7
+  version: 0.5.8
 platform: ruby
 authors:
 - Alex Scarborough
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-07-24 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-appconfig
@@ -128,6 +127,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 4.2.8
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -156,7 +169,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.10'
-description:
 email:
 - alex@teak.io
 executables:
@@ -165,11 +177,13 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/test.yml"
 - ".gitignore"
 - ".rspec"
 - ".ruby-gemset"
 - ".ruby-version"
 - CHANGELOG.md
+- CLAUDE.md
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -248,7 +262,6 @@ licenses: []
 metadata:
   homepage_uri: https://github.com/GoCarrot/configurator
   source_code_uri: https://github.com/GoCarrot/configurator
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -263,8 +276,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
-signing_key:
+rubygems_version: 3.7.2
 specification_version: 4
 summary: ConfigOMat applies AWS AppConfig to Systemd services.
 test_files: []