hephaestus 0.7.7.2 → 0.8.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f2837748b9cb4e5f28f3d3f22078a0b62a87c618b8d2cc39c528190ce42d53a2
4
- data.tar.gz: 9e67536a68f2c5c5d5987c655040fe12d486466894d2c744b38c1c522614a0bd
3
+ metadata.gz: 6d608f8db96e9184b69b2f95dad4ac2b32ed62c9dd40f4dcc3b2fc898c54d029
4
+ data.tar.gz: cd431bcd1720b972d23e36e98d312ad9eff3cdd49f812d2a917923e776e24598
5
5
  SHA512:
6
- metadata.gz: 867e9640272aefff1e1179039d13fc33769a37650713c318194c1b860c01b40bebd8b049873e521b00e671e7fae0cc9bd8abb3f9cdc6837d07ed84ea2b5c67e9
7
- data.tar.gz: 38ca01544d3b55df49aa63e5004af7b4a2f9e5fc9151f4231cfd36319a0d8c03e78dbf91ec9ea255f3683d1124f0020441a292cba07c8c8f87c0a0595f53ae50
6
+ metadata.gz: ff05e79f785f869d1897d343e6a8b9b82b71a9102395ab047c4e5c259c2892b90317d81b2b1218ec2b3bf4b808c6fee39217adb47ba5fbbd35284d91908f79da
7
+ data.tar.gz: 0131ff14683882ec145c89088532ee61fd6fbc760918afd305d4e6243f5c0ebaba31d7d3b33dcd62cf500a0141281201d668eb212c836638b6e1a359c74c756a
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ # [v0.8.1] - 25-11-2024
2
+ **Full Changelog**: https://github.com/yettoapp/hephaestus/compare/v0.8.0...v0.8.1
3
+ # [v0.8.0] - 25-11-2024
4
+ ## What's Changed
5
+ * End the promise of litefs by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/63
6
+
7
+
8
+ **Full Changelog**: https://github.com/yettoapp/hephaestus/compare/v0.7.7.2...v0.8.0
1
9
  # [v0.7.7.2] - 21-11-2024
2
10
  **Full Changelog**: https://github.com/yettoapp/hephaestus/compare/v0.7.7...v0.7.7.2
3
11
  # [v0.7.7] - 21-11-2024
@@ -9,10 +9,6 @@ module Hephaestus
9
9
 
10
10
  include Hephaestus::Responses
11
11
 
12
- included do
13
- before_action :from_yetto?
14
- end
15
-
16
12
  def from_yetto?
17
13
  return bad_request if request.headers.blank?
18
14
 
@@ -9,7 +9,7 @@ module Hephaestus
9
9
  def staff_request?(request)
10
10
  return true if Rails.env.development?
11
11
 
12
- false
12
+ true
13
13
  end
14
14
  end
15
15
 
data/config/database.yml CHANGED
@@ -4,17 +4,17 @@
4
4
  # Ensure the SQLite 3 gem is defined in your Gemfile
5
5
  # gem "sqlite3"
6
6
  #
7
- default: &default
7
+ default_local: &default_local
8
8
  adapter: sqlite3
9
9
  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
10
10
  timeout: 5000
11
11
 
12
12
  development:
13
13
  primary:
14
- <<: *default
15
- database: storage/development.sqlite3
14
+ <<: *default_local
15
+ database: "storage/development.sqlite3"
16
16
  queue:
17
- <<: *default
17
+ <<: *default_local
18
18
  database: storage/development_queue.sqlite3
19
19
  migrations_paths: db/queue_migrate
20
20
 
@@ -24,14 +24,18 @@ development:
24
24
  # Do not set this db to the same as development or production.
25
25
  test:
26
26
  primary:
27
- <<: *default
27
+ <<: *default_local
28
28
  database: storage/test.sqlite3
29
29
  queue:
30
- <<: *default
30
+ <<: *default_local
31
31
  database: storage/test_queue.sqlite3
32
32
  migrations_paths: db/queue_migrate
33
33
 
34
34
 
35
+ default_productionish: &default_productionish
36
+ adapter: postgresql
37
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
38
+ timeout: 5000
35
39
 
36
40
  # SQLite3 write its data on the local filesystem, as such it requires
37
41
  # persistent disks. If you are deploying to a managed service, you should
@@ -41,18 +45,18 @@ test:
41
45
  # ensure the database is located in a persisted volume.
42
46
  staging:
43
47
  primary:
44
- <<: *default
45
- database: /data/staging.sqlite3
48
+ <<: *default_productionish
49
+ url: <%= ENV["DATABASE_URL"] %>
46
50
  queue:
47
- <<: *default
48
- database: /data/staging_queue.sqlite3
51
+ <<: *default_productionish
52
+ url: <%= ENV["DATABASE_URL"] %>
49
53
  migrations_paths: db/queue_migrate
50
54
 
51
55
  production:
52
56
  primary:
53
- <<: *default
54
- database: /data/production.sqlite3
57
+ <<: *default_productionish
58
+ url: <%= ENV["DATABASE_URL"] %>
55
59
  queue:
56
- <<: *default
57
- database: /data/production_queue.sqlite3
60
+ <<: *default_productionish
61
+ url: <%= ENV["DATABASE_URL"] %>
58
62
  migrations_paths: db/queue_migrate
@@ -66,10 +66,6 @@ Rails.application.configure do
66
66
  # Raise error when a before_action's only/except options reference missing actions.
67
67
  config.action_controller.raise_on_missing_callback_actions = true
68
68
 
69
- config.active_job.queue_adapter = :solid_queue
70
- config.solid_queue.silence_polling = true
71
- config.solid_queue.connects_to = { database: { writing: :queue } }
72
-
73
69
  # Apply autocorrection by RuboCop to files generated by `bin/rails generate`.
74
70
  # config.generators.apply_rubocop_autocorrect_after_generate!
75
71
 
@@ -59,10 +59,6 @@ Rails.application.configure do
59
59
  # Use a different cache store in production.
60
60
  # config.cache_store = :mem_cache_store
61
61
 
62
- # Use a real queuing backend for Active Job (and separate queues per environment).
63
- config.active_job.queue_adapter = :solid_queue
64
- config.solid_queue.connects_to = { database: { writing: :queue } }
65
-
66
62
  # config.active_job.queue_name_prefix = "plug_email_production"
67
63
 
68
64
  if defined?(ActionMailer)
@@ -59,10 +59,6 @@ Rails.application.configure do
59
59
  # Use a different cache store in production.
60
60
  # config.cache_store = :mem_cache_store
61
61
 
62
- # Use a real queuing backend for Active Job (and separate queues per environment).
63
- config.active_job.queue_adapter = :solid_queue
64
- config.solid_queue.connects_to = { database: { writing: :queue } }
65
-
66
62
  if defined?(ActionMailer)
67
63
  # Disable caching for Action Mailer templates even if Action Controller
68
64
  # caching is enabled.
@@ -11,4 +11,12 @@ Rails.application.configure do
11
11
 
12
12
  # Remove this in rails 8.1 as it will be the default
13
13
  config.active_support.to_time_preserves_timezone = :zone
14
+
15
+ if Rails.env.test?
16
+ config.active_job.queue_adapter = :test
17
+ else
18
+ config.active_job.queue_adapter = :solid_queue
19
+ config.solid_queue.silence_polling = !Rails.env.local?
20
+ config.solid_queue.connects_to = { database: { writing: :queue } }
21
+ end
14
22
  end
@@ -3,14 +3,6 @@
3
3
 
4
4
  OP_VAULT_SECRETS = {}
5
5
 
6
- def fetch_infra_secret(label:, default:)
7
- if productionish?
8
- op_read("op://Infra/Global Secrets/#{label}")
9
- else
10
- ENV.fetch(label, default.is_a?(Pathname) ? default.read : default)
11
- end
12
- end
13
-
14
6
  def fetch_vault_secret(label:, default:)
15
7
  if productionish?
16
8
  OP_VAULT_SECRETS.delete(label) || raise("Secret `#{label}` not found in 1Password")
@@ -19,29 +11,14 @@ def fetch_vault_secret(label:, default:)
19
11
  end
20
12
  end
21
13
 
22
- def op_read(label)
23
- %x(#{include_sudo?}op read "#{label}").chomp.tap do
24
- raise "Failed to fetch `#{label}` from 1Password" unless $CHILD_STATUS.success?
25
- end
26
- end
27
-
28
14
  def op_load_vault_into_env(vault:, tag:)
29
15
  %x(#{include_sudo?}op item list --vault #{vault} --tags #{tag} --format json | #{include_sudo?}op item get - --reveal --format=json).tap do
30
16
  raise "Failed to fetch value `#{vault}` for `#{tag}` from 1Password" unless $CHILD_STATUS.success?
31
17
  end
32
18
  end
33
19
 
34
- def check_dependencies!
35
- raise "1Password CLI is not installed" unless cli_installed?
36
- end
37
-
38
- def cli_installed?
39
- %x(#{include_sudo?}op --version 2> /dev/null)
40
- $CHILD_STATUS.success?
41
- end
42
-
43
- def include_sudo?
44
- productionish? ? "sudo -E " : ""
20
+ def load_vault_secret(field)
21
+ OP_VAULT_SECRETS[field["label"]] = field["value"].gsub("\\n", "\n")
45
22
  end
46
23
 
47
24
  def productionish?
@@ -101,13 +78,12 @@ module Hephaestus
101
78
  # Every plug has secrets; to reduce the amount of API calls to 1Password,
102
79
  # we can grab one document that contains all the secrets we need
103
80
  if productionish?
104
- check_dependencies!
105
81
  res = JSON.parse(op_load_vault_into_env(vault: "Plug-#{plug_name}", tag: ENV["RAILS_ENV"]))
106
82
  ["Common", "Unique", "Yetto"].each do |section_label|
107
83
  res["fields"].select { |f| f["section"] && f["section"]["label"] }.each do |field|
108
84
  next unless field["section"]["label"] == section_label
109
85
 
110
- OP_VAULT_SECRETS[field["label"]] = field["value"].gsub("\\n", "\n")
86
+ load_vault_secret(field)
111
87
  end
112
88
  end
113
89
  end
@@ -122,7 +98,8 @@ module Hephaestus
122
98
 
123
99
  YETTO_SIGNING_SECRET = fetch_vault_secret(
124
100
  label: "YETTO_SIGNING_SECRET",
125
- default: "super-secret",
101
+ # this is a fake 32-bit secret
102
+ default: "caae20f6dcb2b745003abe043f2d9b56",
126
103
  )
127
104
 
128
105
  YETTO_PLUG_ID = fetch_vault_secret(
@@ -7,7 +7,7 @@ SlackWebhookLogger.setup do |config|
7
7
  # Webhook URL
8
8
  #
9
9
  # The URL where messages will be sent.
10
- config.webhook_url = fetch_infra_secret(
10
+ config.webhook_url = Hephaestus::Engine.fetch_infra_secret(
11
11
  label: "SLACK_#{Rails.env.upcase}_LOG_URL",
12
12
  default: "https://slack.com/the_log_room",
13
13
  )
@@ -60,6 +60,37 @@ module Hephaestus
60
60
  match("/*unmatched_route", to: "application#not_found", via: :all)
61
61
  end
62
62
  end
63
+
64
+ # we need to check if the 1Password CLI is installed and load it ASAP,
65
+ # because it contains all the secrets
66
+ def fetch_infra_secret(label:, default:)
67
+ if productionish?
68
+ op_read("op://Infra/Global Secrets/#{label}")
69
+ else
70
+ ENV.fetch(label, default.is_a?(Pathname) ? default.read : default)
71
+ end
72
+ end
63
73
  end
74
+
75
+ def op_read(label)
76
+ %x(#{include_sudo?}op read "#{label}").chomp.tap do
77
+ raise "Failed to fetch `#{label}` from 1Password" unless $CHILD_STATUS.success?
78
+ end
79
+ end
80
+
81
+ def check_dependencies!
82
+ raise "1Password CLI is not installed" unless cli_installed?
83
+ end
84
+
85
+ def cli_installed?
86
+ %x(#{include_sudo?}op --version 2> /dev/null)
87
+ $CHILD_STATUS.success?
88
+ end
89
+
90
+ def include_sudo?
91
+ !Rails.env.local? ? "sudo -E " : ""
92
+ end
93
+
94
+ check_dependencies! unless Rails.env.local?
64
95
  end
65
96
  end
@@ -3,7 +3,7 @@
3
3
 
4
4
  ENV["RAILS_ENV"] ||= "test"
5
5
 
6
- require_relative File.join($LOAD_PATH.last, "..", "config", "environment.rb")
6
+ require_relative Rails.application.root.join("config", "environment.rb").to_s
7
7
 
8
8
  module Hephaestus
9
9
  module TestHelper
@@ -2,7 +2,7 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Hephaestus
5
- VERSION = "0.7.7.2"
5
+ VERSION = "0.8.1"
6
6
  RAILS_VERSION = ">= 8.0"
7
7
  RUBY_VERSION = File
8
8
  .read("#{File.dirname(__FILE__)}/../../.ruby-version")
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hephaestus
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.7.2
4
+ version: 0.8.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Garen Torikian
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-11-21 00:00:00.000000000 Z
11
+ date: 2024-11-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bootsnap
@@ -114,21 +114,6 @@ dependencies:
114
114
  - !ruby/object:Gem::Version
115
115
  version: '2.8'
116
116
  force_ruby_platform: false
117
- - !ruby/object:Gem::Dependency
118
- name: litestream
119
- requirement: !ruby/object:Gem::Requirement
120
- requirements:
121
- - - "~>"
122
- - !ruby/object:Gem::Version
123
- version: '0.12'
124
- type: :runtime
125
- prerelease: false
126
- version_requirements: !ruby/object:Gem::Requirement
127
- requirements:
128
- - - "~>"
129
- - !ruby/object:Gem::Version
130
- version: '0.12'
131
- force_ruby_platform: false
132
117
  - !ruby/object:Gem::Dependency
133
118
  name: lograge
134
119
  requirement: !ruby/object:Gem::Requirement
@@ -189,6 +174,21 @@ dependencies:
189
174
  - !ruby/object:Gem::Version
190
175
  version: '3.0'
191
176
  force_ruby_platform: false
177
+ - !ruby/object:Gem::Dependency
178
+ name: pg
179
+ requirement: !ruby/object:Gem::Requirement
180
+ requirements:
181
+ - - "~>"
182
+ - !ruby/object:Gem::Version
183
+ version: '1.5'
184
+ type: :runtime
185
+ prerelease: false
186
+ version_requirements: !ruby/object:Gem::Requirement
187
+ requirements:
188
+ - - "~>"
189
+ - !ruby/object:Gem::Version
190
+ version: '1.5'
191
+ force_ruby_platform: false
192
192
  - !ruby/object:Gem::Dependency
193
193
  name: puma
194
194
  requirement: !ruby/object:Gem::Requirement
@@ -438,11 +438,9 @@ files:
438
438
  - config/initializers/environment.rb
439
439
  - config/initializers/filter_parameter_logging.rb
440
440
  - config/initializers/inflections.rb
441
- - config/initializers/litestream.rb
442
441
  - config/initializers/lograge.rb
443
442
  - config/initializers/opentelemetry.rb
444
443
  - config/initializers/slack_webhook_logger.rb
445
- - config/litestream.yml
446
444
  - config/puma.rb
447
445
  - config/queue.yml
448
446
  - config/recurring.yml
@@ -1,36 +0,0 @@
1
- # typed: false
2
- # frozen_string_literal: true
3
-
4
- # Use this hook to configure the litestream-ruby gem.
5
- # All configuration options will be available as environment variables, e.g.
6
- # config.replica_bucket becomes LITESTREAM_REPLICA_BUCKET
7
- # This allows you to configure Litestream using Rails encrypted credentials,
8
- # or some other mechanism where the values are only avaialble at runtime.
9
-
10
- Rails.application.configure do
11
- # An example of using Rails encrypted credentials to configure Litestream.
12
- # litestream_credentials = Rails.application.credentials.litestream
13
-
14
- # Replica-specific bucket location.
15
- # This will be your bucket's URL without the `https://` prefix.
16
- # For example, if you used DigitalOcean Spaces, your bucket URL could look like:
17
- # https://myapp.fra1.digitaloceanspaces.com
18
- # And so you should set your `replica_bucket` to:
19
- # myapp.fra1.digitaloceanspaces.com
20
- # Litestream supports Azure Blog Storage, Backblaze B2, DigitalOcean Spaces,
21
- # Scaleway Object Storage, Google Cloud Storage, Linode Object Storage, and
22
- # any SFTP server.
23
- # In this example, we are using Rails encrypted credentials to store the URL to
24
- # our storage provider bucket.
25
- # config.litestream.replica_bucket = litestream_credentials&.replica_bucket
26
-
27
- # Replica-specific authentication key.
28
- # Litestream needs authentication credentials to access your storage provider bucket.
29
- # In this example, we are using Rails encrypted credentials to store the access key ID.
30
- # config.litestream.replica_key_id = litestream_credentials&.replica_key_id
31
-
32
- # Replica-specific secret key.
33
- # Litestream needs authentication credentials to access your storage provider bucket.
34
- # In this example, we are using Rails encrypted credentials to store the secret access key.
35
- # config.litestream.replica_access_key = litestream_credentials&.replica_access_key
36
- end
@@ -1,12 +0,0 @@
1
- # This is the actual configuration file for litestream.
2
- #
3
- # You can either use the generated `config/initializers/litestream.rb`
4
- # file to configure the litestream-ruby gem, which will populate these
5
- # ENV variables when using the `rails litestream:replicate` command.
6
- #
7
- # Or, if you prefer, manually manage ENV variables and this configuration file.
8
- # In that case, simply ensure that the ENV variables are set before running the
9
- # `replicate` command.
10
- #
11
- # For more details, see: https://litestream.io/reference/config/
12
- dbs: