jets 4.0.2 → 4.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 898dace94ebd7b32151b27fa45377e873facc028dfd8a70545f9dd85a3aebf2b
-  data.tar.gz: c91297479c8dd6dbe4a66edec38ff2fd3baefca8fc338300a349180935d1d8c3
+  metadata.gz: a04cac354e7cc219602bd9a156eb26be7517025997ebfd4965e2d0678ddaee56
+  data.tar.gz: 1e4d52b85a38f8058dc38538f32f6e0c551aacde7cd2ee444368f787486c7779
 SHA512:
-  metadata.gz: a60f58645caf94956e029721d160954deadd0f6b826841f6178ba0d03b296ad8af13f6a88b376503e47a1e70c8486751d22cb432a03494ef03f9811176fbfc83
-  data.tar.gz: e83434bf93f3f7d139877f2969a5b31fa85e5a49254a42c145e6eec728f3c0a47faaf3c5fe2a2e2c229d55202a149eddf273e93b365c018677e1d8dc967d4db7
+  metadata.gz: 9e8216af98538a02cfd1baed256f0b452daa5d626c6e7bde0093bbe37007e207dccd736122903351eba55615af1750ea1272134c6e8fc32c504f53d252e58fdc
+  data.tar.gz: 7968a375e5a80deafc70b1c8261095b9ff9237471c73fb616c63531ed6080483d83745243d08f5ca33a9b92871ea9b1280c6f0e5beb64b26ee57fa9f2621bd75

data/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
 
+## [4.0.4] - 2023-09-07
+- [#662](https://github.com/boltops-tools/jets/pull/662) fix vpc iam permissions
+
+## [4.0.3] - 2023-08-03
+- [#657](https://github.com/boltops-tools/jets/pull/657) [Fix] ApiGateway for local Middleware: fix query_string_parameters
+
 ## [4.0.2] - 2023-08-03
 - [#660](https://github.com/boltops-tools/jets/pull/660) Fix prewarming
 

data/lib/jets/application/defaults.rb

@@ -2,8 +2,8 @@ class Jets::Application
   module Defaults
     extend ActiveSupport::Concern
 
-    included do
-      def self.default_iam_policy
+    class_methods do
+      def default_iam_policy
         project_namespace = Jets.project_namespace
         logs = {
           action: ["logs:*"],
@@ -24,24 +24,23 @@ class Jets::Application
         }
         policies << cloudformation
 
-        if Jets.config.function.vpc_config
-          vpc = {
-            action: %w[
-              ec2:CreateNetworkInterface
-              ec2:DeleteNetworkInterface
-              ec2:DescribeNetworkInterfaces
-              ec2:DescribeVpcs
-              ec2:DescribeSubnets
-              ec2:DescribeSecurityGroups
-            ],
-            effect: "Allow",
-            resource: "*",
-          }
-          policies << vpc
-        end
-
         policies
       end
+
+      def vpc_iam_policy_statement
+        {
+          Action: %w[
+            ec2:CreateNetworkInterface
+            ec2:DeleteNetworkInterface
+            ec2:DescribeNetworkInterfaces
+            ec2:DescribeVpcs
+            ec2:DescribeSubnets
+            ec2:DescribeSecurityGroups
+          ],
+          Effect: "Allow",
+          Resource: "*",
+        }
+      end
     end
 
     def default_config
@@ -201,5 +200,29 @@ class Jets::Application
         app/shared/functions
       ]
     end
+
+    # Used by app/jobs/jets/preheat_job.rb
+    def preheat_job_iam_policy
+      policy = [
+        {
+          Sid: "Statement1",
+          Action: ["logs:*"],
+          Effect: "Allow",
+          Resource: [{
+            "Fn::Sub": "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${JetsPreheatJobWarmLambdaFunction}"
+          }]
+        },
+        {
+          Sid: "Statement2",
+          Action: ["lambda:InvokeFunction", "lambda:InvokeAsync"],
+          Effect: "Allow",
+          Resource: [{
+            "Fn::Sub": "arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:#{Jets.project_namespace}-*"
+          }]
+        }
+      ]
+      policy << Jets::Application.vpc_iam_policy_statement if Jets.config.function.vpc_config
+      policy
+    end
   end
 end

data/lib/jets/controller/middleware/local/api_gateway.rb

@@ -16,6 +16,7 @@ class Jets::Controller::Middleware::Local
         "httpMethod" => @env['REQUEST_METHOD'], # GET
         "headers" => request_headers,
         "queryStringParameters" => query_string_parameters,
+        "multiValueQueryStringParameters" => multi_value_query_string_parameters,
         "pathParameters" => @route.extract_parameters(path),
         "stageVariables" => nil,
         "requestContext" => {},
@@ -77,7 +78,18 @@ class Jets::Controller::Middleware::Local
     end
 
     def query_string_parameters
-      Rack::Utils.parse_nested_query(@env['QUERY_STRING'])
+      @env['QUERY_STRING']&.split('&')&.each_with_object({}) do |parameter, hash|
+        key, value = parameter.split('=')
+        hash[key] = value
+      end || {}
+    end
+
+    def multi_value_query_string_parameters
+      @env['QUERY_STRING']&.split('&')&.each_with_object({}) do |parameter, hash|
+        key, value = parameter.split('=')
+        hash[key] = [] if hash[key].nil?
+        hash[key] << value
+      end || {}
     end
 
     # To get the post body:

data/lib/jets/controller/rack/env.rb

@@ -112,9 +112,15 @@ module Jets::Controller::Rack
     end
 
     def query_string
-      qs_params = @event["queryStringParameters"] || {} # always set with API Gateway but when testing node shim might not be
-      hash = Jets::Mega::HashConverter.encode(qs_params)
-      hash.to_query
+      qs_params = @event["multiValueQueryStringParameters"] || {} # always set with API Gateway but when testing node shim might not be
+
+      array = qs_params.each_with_object([]) do |(key, value), arr|
+        arr << value.map do |v|
+          v.to_query(key)
+        end
+      end
+
+      array.join("&")
     end
 
     def headers

data/lib/jets/internal/app/jobs/jets/preheat_job.rb

@@ -7,24 +7,7 @@ class Jets::PreheatJob < ApplicationJob
 
   class_timeout 30
   class_memory 1024
-  class_iam_policy(
-    {
-      sid: "Statement1",
-      action: ["logs:*"],
-      effect: "Allow",
-      resource: [
-        sub("arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${WarmLambdaFunction}"),
-      ]
-    },
-    {
-      Sid: "Statement2",
-      Action: ["lambda:InvokeFunction", "lambda:InvokeAsync"],
-      Effect: "Allow",
-      Resource: [
-        sub("arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:#{Jets.project_namespace}-*")
-      ]
-    }
-  )
+  class_iam_policy(Jets.config.preheat_job_iam_policy)
 
   rate(PREWARM_RATE) if torching
   def torch

data/lib/jets/mega/hash_converter.rb

@@ -7,7 +7,7 @@ module Jets::Mega
         value.each { |k,v| encode(v, append_key(key,k), out_hash) }
         out_hash
       when Array then
-        value.each { |v| encode(v, "#{key}[]", out_hash) }
+        value.each { |v| encode(v, "#{key}", out_hash) }
         out_hash
       when nil   then ''
       else
@@ -22,4 +22,4 @@ module Jets::Mega
       root_key.nil? ? :"#{key}" : :"#{root_key}[#{key.to_s}]"
     end
   end
-end
+end

data/lib/jets/resource/iam/base_role_definition.rb

@@ -24,6 +24,12 @@ module Jets::Resource::Iam
         }
       }
 
+      # Add vpc permissions to all policies
+      definition[logical_id][:properties][:policies] = [
+        policy_name: "vpc", # required, limited to 128-chars
+        policy_document: vpc_policy_document,
+      ] if vpc_policy_document
+
       unless managed_policy_arns.empty?
         definition[logical_id][:properties][:managed_policy_arns] = managed_policy_arns
       end
@@ -31,6 +37,14 @@ module Jets::Resource::Iam
       definition
     end
 
+    def vpc_policy_document
+      if Jets.config.function.vpc_config
+        {
+          Statement: [Jets::Application.vpc_iam_policy_statement]
+        }
+      end
+    end
+
     def policy_document
       PolicyDocument.new(@policy_definitions.flatten.uniq).policy_document
     end

data/lib/jets/version.rb

@@ -1,3 +1,3 @@
 module Jets
-  VERSION = "4.0.2"
+  VERSION = "4.0.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jets
 version: !ruby/object:Gem::Version
-  version: 4.0.2
+  version: 4.0.4
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-08-03 00:00:00.000000000 Z
+date: 2023-09-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionmailer